CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-3074
https://notcve.org/view.php?id=CVE-2025-3074
02 Apr 2025 — Inappropriate implementation in Downloads in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) • https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-3073
https://notcve.org/view.php?id=CVE-2025-3073
02 Apr 2025 — Inappropriate implementation in Autofill in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) • https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-3072
https://notcve.org/view.php?id=CVE-2025-3072
02 Apr 2025 — Inappropriate implementation in Custom Tabs in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) • https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-3071
https://notcve.org/view.php?id=CVE-2025-3071
02 Apr 2025 — Inappropriate implementation in Navigations in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low) • https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-3070
https://notcve.org/view.php?id=CVE-2025-3070
02 Apr 2025 — Insufficient validation of untrusted input in Extensions in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium) • https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-3069
https://notcve.org/view.php?id=CVE-2025-3069
02 Apr 2025 — Inappropriate implementation in Extensions in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium) • https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-3068
https://notcve.org/view.php?id=CVE-2025-3068
02 Apr 2025 — Inappropriate implementation in Intents in Google Chrome on Android prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium) • https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-3067
https://notcve.org/view.php?id=CVE-2025-3067
02 Apr 2025 — Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted app. (Chromium security severity: Medium) • https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-3066
https://notcve.org/view.php?id=CVE-2025-3066
02 Apr 2025 — Use after free in Navigations in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) • https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVSS: 8.3EPSS: 13%CPEs: 1EXPL: 2CVE-2025-2783 – Google Chromium Mojo Sandbox Escape Vulnerability
https://notcve.org/view.php?id=CVE-2025-2783
26 Mar 2025 — Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High) Google Chromium Mojo on Windows contains a sandbox escape vulnerability caused by a logic error, which results from an incorrect handle being provided in unspecified circumstances. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited t... • https://github.com/raulchung/CVE-2025-2783 •