CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-14765 – openSUSE Security Advisory - openSUSE-SU-2025:0476-1
https://notcve.org/view.php?id=CVE-2025-14765
16 Dec 2025 — Use after free in WebGPU in Google Chrome prior to 143.0.7499.147 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) An update that fixes three vulnerabilities is now available. This update for chromium fixes the following issues. Use after free in WebGPU Out of bounds read and write in V8. • https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop_16.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2025-13223 – Google Chromium V8 Type Confusion Vulnerability
https://notcve.org/view.php?id=CVE-2025-13223
17 Nov 2025 — Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. Google is aware that an exploit for CVE-2025-13223 exists in the wild. Google Chromium V8 contains a type confusion vulnerability that allows for heap corruption. • https://chromereleases.googleblog.com/2025/11/stable-channel-update-for-desktop_17.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2025-12439 – openSUSE Security Advisory - openSUSE-SU-2025:15687-1
https://notcve.org/view.php?id=CVE-2025-12439
28 Oct 2025 — Inappropriate implementation in App-Bound Encryption in Google Chrome on Windows prior to 142.0.7444.59 allowed a local attacker to obtain potentially sensitive information from process memory via a malicious file. (Chromium security severity: Medium) Inappropriate implementation in App-Bound Encryption. Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems hav... • https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html • CWE-326: Inadequate Encryption Strength •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-12428 – openSUSE Security Advisory - openSUSE-SU-2025:15687-1
https://notcve.org/view.php?id=CVE-2025-12428
28 Oct 2025 — Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) Type Confusion in V8. Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed in version 142.0.7444.59-1~deb12u1. For the stable distribution (trixie), these problems hav... • https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-12429 – openSUSE Security Advisory - openSUSE-SU-2025:15687-1
https://notcve.org/view.php?id=CVE-2025-12429
28 Oct 2025 — Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) Inappropriate implementation in V8. Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed in version 142.0.7444.59-1~deb12u1. For the stable distribution ... • https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-12430 – openSUSE Security Advisory - openSUSE-SU-2025:15687-1
https://notcve.org/view.php?id=CVE-2025-12430
28 Oct 2025 — Object lifecycle issue in Media in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: High) Object lifecycle issue in Media. Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed in version 142.0.7444.59-1~deb12u1. For the stable distribution (trixie), these... • https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html • CWE-290: Authentication Bypass by Spoofing •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-12431 – openSUSE Security Advisory - openSUSE-SU-2025:15687-1
https://notcve.org/view.php?id=CVE-2025-12431
28 Oct 2025 — Inappropriate implementation in Extensions in Google Chrome prior to 142.0.7444.59 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (Chromium security severity: High) Inappropriate implementation in Extensions. Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems have be... • https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html • CWE-288: Authentication Bypass Using an Alternate Path or Channel •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-12432 – openSUSE Security Advisory - openSUSE-SU-2025:15687-1
https://notcve.org/view.php?id=CVE-2025-12432
28 Oct 2025 — Race in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Race in V8. Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed in version 142.0.7444.59-1~deb12u1. For the stable distribution (trixie), these problems have been fixed ... • https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-12433 – openSUSE Security Advisory - openSUSE-SU-2025:15687-1
https://notcve.org/view.php?id=CVE-2025-12433
28 Oct 2025 — Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) Inappropriate implementation in V8. Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed in version 142.0.7444.59-1~deb12u1. For the stable distri... • https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-12434 – openSUSE Security Advisory - openSUSE-SU-2025:15687-1
https://notcve.org/view.php?id=CVE-2025-12434
28 Oct 2025 — Race in Storage in Google Chrome on Windows prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) Race in Storage. Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed in version 142.0.7444.59-1~deb12u1. For the... • https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •