CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2025-10892 – openSUSE Security Advisory - openSUSE-SU-2025:0379-1
https://notcve.org/view.php?id=CVE-2025-10892
24 Sep 2025 — Integer overflow in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed in version 140.0.7339.207-1~deb12u1. For the stable distribution (trixie), these problems have been fixe... • https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_23.html • CWE-190: Integer Overflow or Wraparound CWE-472: External Control of Assumed-Immutable Web Parameter •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-10891 – openSUSE Security Advisory - openSUSE-SU-2025:0379-1
https://notcve.org/view.php?id=CVE-2025-10891
24 Sep 2025 — Integer overflow in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed in version 140.0.7339.207-1~deb12u1. For the stable distribution (trixie), these problems have been fixe... • https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_23.html • CWE-472: External Control of Assumed-Immutable Web Parameter •
CVSS: 9.1EPSS: 0%CPEs: 4EXPL: 0CVE-2025-10890 – openSUSE Security Advisory - openSUSE-SU-2025:0379-1
https://notcve.org/view.php?id=CVE-2025-10890
24 Sep 2025 — Side-channel information leakage in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed in version 140.0.7339.207-1~deb12u1. For the stable distribution (trixie), these problems have been f... • https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_23.html • CWE-203: Observable Discrepancy CWE-1300: Improper Protection of Physical Side Channels •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-10500 – Debian Security Advisory 6004-1
https://notcve.org/view.php?id=CVE-2025-10500
19 Sep 2025 — Use after free in Dawn in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_17.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2025-10501 – Debian Security Advisory 6004-1
https://notcve.org/view.php?id=CVE-2025-10501
19 Sep 2025 — Use after free in WebRTC in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_17.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2025-10585 – Google Chromium V8 Type Confusion Vulnerability
https://notcve.org/view.php?id=CVE-2025-10585
19 Sep 2025 — Type confusion in V8 in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. Google Chromium contains a type confusion vulnerability in the V8 JavaScript and WebAssembly engine. • https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_17.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-10502 – Debian Security Advisory 6004-1
https://notcve.org/view.php?id=CVE-2025-10502
18 Sep 2025 — Heap buffer overflow in ANGLE in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via malicious network traffic. (Chromium security severity: High) Heap buffer overflow in ANGLE. Reported by Google Big Sleep on 2025-08-12. Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_17.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2025-10201 – Debian Security Advisory 5996-1
https://notcve.org/view.php?id=CVE-2025-10201
10 Sep 2025 — Inappropriate implementation in Mojo in Google Chrome on Android, Linux, ChromeOS prior to 140.0.7339.127 allowed a remote attacker to bypass site isolation via a crafted HTML page. (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed in version 140.0.7339.127-1~deb12u1. For the stable distribution (trixie), t... • https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_9.html • CWE-284: Improper Access Control CWE-346: Origin Validation Error •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2025-10200 – Debian Security Advisory 5996-1
https://notcve.org/view.php?id=CVE-2025-10200
10 Sep 2025 — Use after free in Serviceworker in Google Chrome on Desktop prior to 140.0.7339.127 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed in version 140.0.7339.127-1~deb12u1. For the stable distribution (trixie), these... • https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_9.html • CWE-416: Use After Free •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2025-9867 – openSUSE Security Advisory - openSUSE-SU-2025:15524-1
https://notcve.org/view.php?id=CVE-2025-9867
03 Sep 2025 — Inappropriate implementation in Downloads in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) An update that fixes four vulnerabilities is now available. This update for chromium, gn fixes the following issues. New permission prompt for local network access Use after free in V8. Inappropriate implementation in Toolbar. • https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html • CWE-451: User Interface (UI) Misrepresentation of Critical Information •