CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-14765 – openSUSE Security Advisory - openSUSE-SU-2025:0476-1
https://notcve.org/view.php?id=CVE-2025-14765
16 Dec 2025 — Use after free in WebGPU in Google Chrome prior to 143.0.7499.147 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed in version 143.0.7499.169-1~deb12u1. For the stable distribution (trixie), these problems have been fi... • https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop_16.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2025-13223 – Google Chromium V8 Type Confusion Vulnerability
https://notcve.org/view.php?id=CVE-2025-13223
17 Nov 2025 — Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. Google is aware that an exploit for CVE-2025-13223 exists in the wild. Google Chromium V8 contains a type confusion vulnerability that allows for heap corruption. • https://chromereleases.googleblog.com/2025/11/stable-channel-update-for-desktop_17.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-12441 – openSUSE Security Advisory - openSUSE-SU-2025:15687-1
https://notcve.org/view.php?id=CVE-2025-12441
28 Oct 2025 — Out of bounds read in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium) Out of bounds read in V8. Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed in version 142.0.7444.59-1~deb12u1. For the stable distribution (trixie), ... • https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2025-12439 – openSUSE Security Advisory - openSUSE-SU-2025:15687-1
https://notcve.org/view.php?id=CVE-2025-12439
28 Oct 2025 — Inappropriate implementation in App-Bound Encryption in Google Chrome on Windows prior to 142.0.7444.59 allowed a local attacker to obtain potentially sensitive information from process memory via a malicious file. (Chromium security severity: Medium) Inappropriate implementation in App-Bound Encryption. Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems hav... • https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html • CWE-326: Inadequate Encryption Strength •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-12438 – openSUSE Security Advisory - openSUSE-SU-2025:15687-1
https://notcve.org/view.php?id=CVE-2025-12438
28 Oct 2025 — Use after free in Ozone in Google Chrome on Linux and ChromeOS prior to 142.0.7444.59 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: Medium) Use after free in Ozone. Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed in version 142.0.7444.59-1~deb12u1. For the stable di... • https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-12445 – openSUSE Security Advisory - openSUSE-SU-2025:15687-1
https://notcve.org/view.php?id=CVE-2025-12445
28 Oct 2025 — Policy bypass in Extensions in Google Chrome prior to 142.0.7444.59 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. (Chromium security severity: Low) Policy bypass in Extensions. Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed in version 142.0.7444.59-1~deb... • https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html • CWE-288: Authentication Bypass Using an Alternate Path or Channel •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-12437 – openSUSE Security Advisory - openSUSE-SU-2025:15687-1
https://notcve.org/view.php?id=CVE-2025-12437
28 Oct 2025 — Use after free in PageInfo in Google Chrome prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Use after free in PageInfo. Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed in version 142.0... • https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-12436 – openSUSE Security Advisory - openSUSE-SU-2025:15687-1
https://notcve.org/view.php?id=CVE-2025-12436
28 Oct 2025 — Policy bypass in Extensions in Google Chrome prior to 142.0.7444.59 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension. (Chromium security severity: Medium) Policy bypass in Extensions. Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems have ... • https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html • CWE-306: Missing Authentication for Critical Function •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-12440 – openSUSE Security Advisory - openSUSE-SU-2025:15687-1
https://notcve.org/view.php?id=CVE-2025-12440
28 Oct 2025 — Inappropriate implementation in Autofill in Google Chrome prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Low) Inappropriate implementation in Autofill. Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm... • https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-12434 – openSUSE Security Advisory - openSUSE-SU-2025:15687-1
https://notcve.org/view.php?id=CVE-2025-12434
28 Oct 2025 — Race in Storage in Google Chrome on Windows prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) Race in Storage. Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For the oldstable distribution (bookworm), these problems have been fixed in version 142.0.7444.59-1~deb12u1. For the... • https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •