Google

Chrome

3675 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2025-3074

  • EPSS 0.04%
  • Published 02.04.2025 01:15:38
  • Last modified 21.04.2025 20:49:26

Inappropriate implementation in Downloads in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

8.8

CVE-2025-3066

  • EPSS 0.08%
  • Published 02.04.2025 01:15:37
  • Last modified 08.04.2025 20:15:28

Use after free in Site Isolation in Google Chrome prior to 135.0.7049.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.3

CVE-2025-2783

Warning Media report
  • EPSS 22.57%
  • Published 26.03.2025 16:15:23
  • Last modified 28.03.2025 01:00:02

Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High)

8.8

CVE-2025-2476

  • EPSS 11.8%
  • Published 19.03.2025 18:59:42
  • Last modified 01.04.2025 20:37:56

Use after free in Lens in Google Chrome prior to 134.0.6998.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

8.8

CVE-2025-2135

  • EPSS 0.13%
  • Published 10.03.2025 20:39:17
  • Last modified 07.04.2025 18:54:36

Type Confusion in V8 in Google Chrome prior to 134.0.6998.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2025-2136

  • EPSS 0.12%
  • Published 10.03.2025 20:39:17
  • Last modified 07.04.2025 18:54:29

Use after free in Inspector in Google Chrome prior to 134.0.6998.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

8.8

CVE-2025-2137

  • EPSS 0.06%
  • Published 10.03.2025 20:39:17
  • Last modified 07.04.2025 18:54:11

Out of bounds read in V8 in Google Chrome prior to 134.0.6998.88 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)

8.8

CVE-2025-1920

  • EPSS 0.09%
  • Published 10.03.2025 20:39:16
  • Last modified 07.04.2025 18:54:46

Type Confusion in V8 in Google Chrome prior to 134.0.6998.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

4.3

CVE-2025-1923

  • EPSS 0.04%
  • Published 05.03.2025 04:15:12
  • Last modified 01.04.2025 20:41:40

Inappropriate implementation in Permission Prompts in Google Chrome prior to 134.0.6998.35 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: L...

8.1

CVE-2025-1915

  • EPSS 0.05%
  • Published 05.03.2025 04:15:11
  • Last modified 01.04.2025 20:42:45

Improper Limitation of a Pathname to a Restricted Directory in DevTools in Google Chrome on Windows prior to 134.0.6998.35 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted Chro...