CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2025-12439 – openSUSE Security Advisory - openSUSE-SU-2025:15687-1
https://notcve.org/view.php?id=CVE-2025-12439
28 Oct 2025 — Inappropriate implementation in App-Bound Encryption in Google Chrome on Windows prior to 142.0.7444.59 allowed a local attacker to obtain potentially sensitive information from process memory via a malicious file. (Chromium security severity: Medium) Inappropriate implementation in App-Bound Encryption. Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems hav... • https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html • CWE-326: Inadequate Encryption Strength •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2025-10892 – openSUSE Security Advisory - openSUSE-SU-2025:0379-1
https://notcve.org/view.php?id=CVE-2025-10892
24 Sep 2025 — Integer overflow in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed in version 140.0.7339.207-1~deb12u1. For the stable distribution (trixie), these problems have been fixe... • https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_23.html • CWE-190: Integer Overflow or Wraparound CWE-472: External Control of Assumed-Immutable Web Parameter •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-10891 – openSUSE Security Advisory - openSUSE-SU-2025:0379-1
https://notcve.org/view.php?id=CVE-2025-10891
24 Sep 2025 — Integer overflow in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed in version 140.0.7339.207-1~deb12u1. For the stable distribution (trixie), these problems have been fixe... • https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_23.html • CWE-472: External Control of Assumed-Immutable Web Parameter •
CVSS: 9.1EPSS: 0%CPEs: 4EXPL: 0CVE-2025-10890 – openSUSE Security Advisory - openSUSE-SU-2025:0379-1
https://notcve.org/view.php?id=CVE-2025-10890
24 Sep 2025 — Side-channel information leakage in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed in version 140.0.7339.207-1~deb12u1. For the stable distribution (trixie), these problems have been f... • https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_23.html • CWE-203: Observable Discrepancy CWE-1300: Improper Protection of Physical Side Channels •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2025-10501 – Debian Security Advisory 6004-1
https://notcve.org/view.php?id=CVE-2025-10501
19 Sep 2025 — Use after free in WebRTC in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_17.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-10500 – Debian Security Advisory 6004-1
https://notcve.org/view.php?id=CVE-2025-10500
19 Sep 2025 — Use after free in Dawn in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_17.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2025-10585 – Google Chromium V8 Type Confusion Vulnerability
https://notcve.org/view.php?id=CVE-2025-10585
19 Sep 2025 — Type confusion in V8 in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. Google Chromium contains a type confusion vulnerability in the V8 JavaScript and WebAssembly engine. • https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_17.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-10502 – Debian Security Advisory 6004-1
https://notcve.org/view.php?id=CVE-2025-10502
18 Sep 2025 — Heap buffer overflow in ANGLE in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via malicious network traffic. (Chromium security severity: High) Heap buffer overflow in ANGLE. Reported by Google Big Sleep on 2025-08-12. Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_17.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2025-10201 – Debian Security Advisory 5996-1
https://notcve.org/view.php?id=CVE-2025-10201
10 Sep 2025 — Inappropriate implementation in Mojo in Google Chrome on Android, Linux, ChromeOS prior to 140.0.7339.127 allowed a remote attacker to bypass site isolation via a crafted HTML page. (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed in version 140.0.7339.127-1~deb12u1. For the stable distribution (trixie), t... • https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_9.html • CWE-284: Improper Access Control CWE-346: Origin Validation Error •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2025-10200 – Debian Security Advisory 5996-1
https://notcve.org/view.php?id=CVE-2025-10200
10 Sep 2025 — Use after free in Serviceworker in Google Chrome on Desktop prior to 140.0.7339.127 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed in version 140.0.7339.127-1~deb12u1. For the stable distribution (trixie), these... • https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_9.html • CWE-416: Use After Free •