CVSS: 8.3EPSS: 13%CPEs: 1EXPL: 2CVE-2025-2783 – Google Chromium Mojo Sandbox Escape Vulnerability
https://notcve.org/view.php?id=CVE-2025-2783
26 Mar 2025 — Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High) Google Chromium Mojo on Windows contains a sandbox escape vulnerability caused by a logic error, which results from an incorrect handle being provided in unspecified circumstances. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited t... • https://github.com/raulchung/CVE-2025-2783 •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2025-2476 – Debian Security Advisory 5882-1
https://notcve.org/view.php?id=CVE-2025-2476
19 Mar 2025 — Use after free in Lens in Google Chrome prior to 134.0.6998.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://github.com/McTavishSue/CVE-2025-2476 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-2137 – Debian Security Advisory 5877-1
https://notcve.org/view.php?id=CVE-2025-2137
10 Mar 2025 — Out of bounds read in V8 in Google Chrome prior to 134.0.6998.88 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_10.html • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-2136 – Debian Security Advisory 5877-1
https://notcve.org/view.php?id=CVE-2025-2136
10 Mar 2025 — Use after free in Inspector in Google Chrome prior to 134.0.6998.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_10.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-2135 – Debian Security Advisory 5877-1
https://notcve.org/view.php?id=CVE-2025-2135
10 Mar 2025 — Type Confusion in V8 in Google Chrome prior to 134.0.6998.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_10.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1920 – Debian Security Advisory 5877-1
https://notcve.org/view.php?id=CVE-2025-1920
10 Mar 2025 — Type Confusion in V8 in Google Chrome prior to 134.0.6998.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_10.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1923 – Debian Security Advisory 5875-1
https://notcve.org/view.php?id=CVE-2025-1923
05 Mar 2025 — Inappropriate implementation in Permission Prompts in Google Chrome prior to 134.0.6998.35 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1922 – Debian Security Advisory 5875-1
https://notcve.org/view.php?id=CVE-2025-1922
05 Mar 2025 — Inappropriate implementation in Selection in Google Chrome on Android prior to 134.0.6998.35 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html • CWE-451: User Interface (UI) Misrepresentation of Critical Information •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1921 – Debian Security Advisory 5875-1
https://notcve.org/view.php?id=CVE-2025-1921
05 Mar 2025 — Inappropriate implementation in Media Stream in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to obtain information about a peripheral via a crafted HTML page. (Chromium security severity: Medium) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html • CWE-1230: Exposure of Sensitive Information Through Metadata •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1919 – Debian Security Advisory 5875-1
https://notcve.org/view.php?id=CVE-2025-1919
05 Mar 2025 — Out of bounds read in Media in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html • CWE-125: Out-of-bounds Read •