Google

Chrome

3754 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.7

CVE-2025-13992

  • EPSS 0.02%
  • Veröffentlicht 03.12.2025 19:15:55
  • Zuletzt bearbeitet 05.12.2025 14:52:23

Side-channel information leakage in Navigation and Loading in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to bypass site isolation via a crafted HTML page. (Chromium security severity: Medium)

8.8

CVE-2025-13633

  • EPSS 0.1%
  • Veröffentlicht 02.12.2025 19:15:47
  • Zuletzt bearbeitet 04.12.2025 19:54:44

Use after free in Digital Credentials in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

7.5

CVE-2025-13721

  • EPSS 0.07%
  • Veröffentlicht 02.12.2025 19:00:17
  • Zuletzt bearbeitet 04.12.2025 18:07:05

Race in v8 in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

8.8

CVE-2025-13720

  • EPSS 0.08%
  • Veröffentlicht 02.12.2025 19:00:17
  • Zuletzt bearbeitet 04.12.2025 18:06:43

Bad cast in Loader in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

3.5

CVE-2025-13640

  • EPSS 0.02%
  • Veröffentlicht 02.12.2025 19:00:16
  • Zuletzt bearbeitet 04.12.2025 18:06:26

Inappropriate implementation in Passwords in Google Chrome prior to 143.0.7499.41 allowed a local attacker to bypass authentication via physical access to the device. (Chromium security severity: Low)

8.1

CVE-2025-13639

  • EPSS 0.03%
  • Veröffentlicht 02.12.2025 19:00:15
  • Zuletzt bearbeitet 04.12.2025 19:16:17

Inappropriate implementation in WebRTC in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Low)

8.8

CVE-2025-13638

  • EPSS 0.1%
  • Veröffentlicht 02.12.2025 19:00:15
  • Zuletzt bearbeitet 04.12.2025 19:20:42

Use after free in Media Stream in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)

4.3

CVE-2025-13637

  • EPSS 0.02%
  • Veröffentlicht 02.12.2025 19:00:14
  • Zuletzt bearbeitet 04.12.2025 19:39:11

Inappropriate implementation in Downloads in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass download protections via a crafted HTML page. (Chromium security severity: Lo...

4.3

CVE-2025-13636

  • EPSS 0.06%
  • Veröffentlicht 02.12.2025 19:00:13
  • Zuletzt bearbeitet 04.12.2025 19:42:35

Inappropriate implementation in Split View in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted domain name. (Chromium security severity: Low)

4.4

CVE-2025-13635

  • EPSS 0.01%
  • Veröffentlicht 02.12.2025 19:00:12
  • Zuletzt bearbeitet 04.12.2025 19:50:39

Inappropriate implementation in Downloads in Google Chrome prior to 143.0.7499.41 allowed a local attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)