Filtered by vendor Google
Subscriptions
Filtered by product Chrome
Subscriptions
Total
3710 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-12036 | 1 Google | 1 Chrome | 2025-11-07 | 8.8 High |
| Out of bounds memory access in V8 in Google Chrome prior to 141.0.7390.122 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2025-11756 | 1 Google | 1 Chrome | 2025-11-07 | 8.8 High |
| Use after free in Safe Browsing in Google Chrome prior to 141.0.7390.107 allowed a remote attacker who had compromised the renderer process to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2025-11458 | 1 Google | 1 Chrome | 2025-11-07 | 8.1 High |
| Heap buffer overflow in Sync in Google Chrome prior to 141.0.7390.65 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2025-11219 | 1 Google | 1 Chrome | 2025-11-07 | 3.1 Low |
| Use after free in V8 in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2025-11216 | 2 Apple, Google | 2 Macos, Chrome | 2025-11-07 | 6.3 Medium |
| Inappropriate implementation in Storage in Google Chrome on Mac prior to 141.0.7390.54 allowed a remote attacker to perform domain spoofing via a crafted video file. (Chromium security severity: Low) | ||||
| CVE-2025-11210 | 1 Google | 1 Chrome | 2025-11-07 | 5.4 Medium |
| Side-channel information leakage in Tab in Google Chrome prior to 141.0.7390.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2025-11208 | 1 Google | 1 Chrome | 2025-11-07 | 6.3 Medium |
| Inappropriate implementation in Media in Google Chrome prior to 141.0.7390.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2025-11206 | 1 Google | 1 Chrome | 2025-11-07 | 7.1 High |
| Heap buffer overflow in Video in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2025-11205 | 1 Google | 1 Chrome | 2025-11-07 | 8.8 High |
| Heap buffer overflow in WebGPU in Google Chrome prior to 141.0.7390.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2025-11460 | 1 Google | 1 Chrome | 2025-11-07 | N/A |
| Use after free in Storage in Google Chrome prior to 141.0.7390.65 allowed a remote attacker to execute arbitrary code via a crafted video file. (Chromium security severity: High) | ||||
| CVE-2025-11211 | 1 Google | 1 Chrome | 2025-11-07 | N/A |
| Out of bounds read in Media in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2025-11215 | 1 Google | 2 Chrome, V8 | 2025-11-07 | N/A |
| Off by one error in V8 in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2025-11212 | 2 Google, Microsoft | 2 Chrome, Windows | 2025-11-07 | N/A |
| Inappropriate implementation in Media in Google Chrome on Windows prior to 141.0.7390.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2025-11213 | 1 Google | 2 Android, Chrome | 2025-11-07 | N/A |
| Inappropriate implementation in Omnibox in Google Chrome on Android prior to 141.0.7390.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2025-11209 | 1 Google | 2 Android, Chrome | 2025-11-07 | N/A |
| Inappropriate implementation in Omnibox in Google Chrome on Android prior to 141.0.7390.54 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2025-11207 | 1 Google | 1 Chrome | 2025-11-07 | N/A |
| Side-channel information leakage in Storage in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2025-6558 | 5 Apple, Debian, Google and 2 more | 10 Ipados, Iphone Os, Macos and 7 more | 2025-11-06 | 8.8 High |
| Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-3159 | 1 Google | 1 Chrome | 2025-11-04 | 8.8 High |
| Out of bounds memory access in V8 in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-3158 | 1 Google | 1 Chrome | 2025-11-04 | 8.8 High |
| Use after free in Bookmarks in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-3156 | 1 Google | 1 Chrome | 2025-11-04 | 8.8 High |
| Inappropriate implementation in V8 in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) | ||||