
CVE-2025-5063 – Debian Security Advisory 5929-1
https://notcve.org/view.php?id=CVE-2025-5063
27 May 2025 — Use after free in Compositing in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the stable distribution (bookworm), these problems have been fixed in version 137.0.7151.55-3~deb12u1. • https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html • CWE-416: Use After Free

CVE-2025-4664 – openSUSE Security Advisory - openSUSE-SU-2025:15143-1
https://notcve.org/view.php?id=CVE-2025-4664
14 May 2025 — Insufficient policy enforcement in Loader in Google Chrome prior to 136.0.7103.113 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the stable distribution (bookworm), these problems have been fixed in version 136.0.7103.113-1~deb12u1. • https://github.com/speinador/CVE-2025-4664

CVE-2025-4372 – Debian Security Advisory 5916-1
https://notcve.org/view.php?id=CVE-2025-4372
06 May 2025 — Use after free in WebAudio in Google Chrome prior to 136.0.7103.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) An update that fixes one vulnerability is now available. This update for chromium fixes the following issues. Chromium 136.0.7103.92: Use after free in WebAudio. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". • https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop.html • CWE-416: Use After Free

CVE-2025-4051 – Debian Security Advisory 5914-1
https://notcve.org/view.php?id=CVE-2025-4051
05 May 2025 — Insufficient data validation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Medium) An update that fixes four vulnerabilities is now available. This update for chromium fixes the following issues. Heap buffer overflow in HTML. Reported by Anonymous on 2025-04-11. • https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_29.html • CWE-284: Improper Access Control

CVE-2025-4052 – Debian Security Advisory 5914-1
https://notcve.org/view.php?id=CVE-2025-4052
05 May 2025 — Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Low) An update that fixes four vulnerabilities is now available. This update for chromium fixes the following issues. Heap buffer overflow in HTML. Reported by Anonymous on 2025-04-11. • https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_29.html • CWE-838: Inappropriate Encoding for Output Context

CVE-2025-4050 – Debian Security Advisory 5914-1
https://notcve.org/view.php?id=CVE-2025-4050
05 May 2025 — Out of bounds memory access in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) An update that fixes four vulnerabilities is now available. This update for chromium fixes the following issues. Heap buffer overflow in HTML. Reported by Anonymous on 2025-04-11. • https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_29.html • CWE-787: Out-of-bounds Write

CVE-2025-4096 – Debian Security Advisory 5914-1
https://notcve.org/view.php?id=CVE-2025-4096
05 May 2025 — Heap buffer overflow in HTML in Google Chrome prior to 136.0.7103.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) An update that fixes four vulnerabilities is now available. This update for chromium fixes the following issues. Heap buffer overflow in HTML. Reported by Anonymous on 2025-04-11. • https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_29.html • CWE-122: Heap-based Buffer Overflow

CVE-2025-3620 – Debian Security Advisory 5903-1
https://notcve.org/view.php?id=CVE-2025-3620
16 Apr 2025 — Use after free in USB in Google Chrome prior to 135.0.7049.95 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) An update that fixes two vulnerabilities is now available. This update for chromium fixes the following issue. Chromium 135.0.7049.95. Heap buffer overflow in Codecs. Use after free in USB. • https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_15.html • CWE-416: Use After Free

CVE-2025-3619 – Debian Security Advisory 5903-1
https://notcve.org/view.php?id=CVE-2025-3619
16 Apr 2025 — Heap buffer overflow in Codecs in Google Chrome on Windows prior to 135.0.7049.95 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) An update that fixes two vulnerabilities is now available. This update for chromium fixes the following issue. Chromium 135.0.7049.95. Heap buffer overflow in Codecs. Use after free in USB. • https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_15.html • CWE-122: Heap-based Buffer Overflow

CVE-2025-3074 – Debian Security Advisory 5890-1
https://notcve.org/view.php?id=CVE-2025-3074
02 Apr 2025 — Inappropriate implementation in Downloads in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html • CWE-451: User Interface (UI) Misrepresentation of Critical Information