CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-6191 – Debian Security Advisory 5944-1
https://notcve.org/view.php?id=CVE-2025-6191
18 Jun 2025 — Integer overflow in V8 in Google Chrome prior to 137.0.7151.119 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the stable distribution (bookworm), these problems have been fixed in version 137.0.7151.119-1~deb12u1. • https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_17.html • CWE-190: Integer Overflow or Wraparound CWE-472: External Control of Assumed-Immutable Web Parameter •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-6192 – Debian Security Advisory 5944-1
https://notcve.org/view.php?id=CVE-2025-6192
18 Jun 2025 — Use after free in Metrics in Google Chrome prior to 137.0.7151.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the stable distribution (bookworm), these problems have been fixed in version 137.0.7151.119-1~deb12u1. • https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_17.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-5958 – Debian Security Advisory 5942-1
https://notcve.org/view.php?id=CVE-2025-5958
11 Jun 2025 — Use after free in Media in Google Chrome prior to 137.0.7151.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the stable distribution (bookworm), these problems have been fixed in version 137.0.7151.103-1~deb12u1. • https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_10.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-5959 – Debian Security Advisory 5942-1
https://notcve.org/view.php?id=CVE-2025-5959
11 Jun 2025 — Type Confusion in V8 in Google Chrome prior to 137.0.7151.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the stable distribution (bookworm), these problems have been fixed in version 137.0.7151.103-1~deb12u1. • https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_10.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-5068 – Debian Security Advisory 5935-1
https://notcve.org/view.php?id=CVE-2025-5068
02 Jun 2025 — Use after free in Blink in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 2CVE-2025-5419 – Google Chromium V8 Out-of-Bounds Read and Write Vulnerability
https://notcve.org/view.php?id=CVE-2025-5419
02 Jun 2025 — Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. Google Chromium V8 contains an out-of-bounds read and write vulnerability that could allow a remote attacker to potentially exploit heap corruption via a crafted HTML ... • https://github.com/alegrason/CVE-2025-5419 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-5067 – Debian Security Advisory 5929-1
https://notcve.org/view.php?id=CVE-2025-5067
27 May 2025 — Inappropriate implementation in Tab Strip in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the stable distribution (bookworm), these problems have been fixed in version 137.0.7151.55-3~deb12u1. • https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html • CWE-290: Authentication Bypass by Spoofing •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-5283 – libvpx: Double-free in libvpx encoder
https://notcve.org/view.php?id=CVE-2025-5283
27 May 2025 — Use after free in libvpx in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) A flaw was found in libvpx. A double-free issue can occur in `vpx_codec_enc_init_multi` after a failed allocation when initializing the encoder for WebRTC. This can cause memory corruption and an exploitable crash. An update for libvpx is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update S... • https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html • CWE-415: Double Free CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-5281 – Debian Security Advisory 5929-1
https://notcve.org/view.php?id=CVE-2025-5281
27 May 2025 — Inappropriate implementation in BFCache in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially obtain user information via a crafted HTML page. (Chromium security severity: Medium) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the stable distribution (bookworm), these problems have been fixed in version 137.0.7151.55-3~deb12u1. • https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-5066 – Debian Security Advisory 5929-1
https://notcve.org/view.php?id=CVE-2025-5066
27 May 2025 — Inappropriate implementation in Messages in Google Chrome on Android prior to 137.0.7151.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the stable distribution (bookworm), these problems have been fixed in version 137.0.7151.55-3~deb12u1. • https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html • CWE-451: User Interface (UI) Misrepresentation of Critical Information •