Google

Chrome Os

69 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.7

CVE-2025-1292

Exploit
  • EPSS 0.01%
  • Published 15.04.2025 19:46:26
  • Last modified 06.10.2025 16:55:26

Out-Of-Bounds Write in TPM2 Reference Library in Google ChromeOS 122.0.6261.132 stable on Cr50 Boards allows an attacker with root access to gain persistence and bypass operating system verification via exploiting the NV_Read functionality during t...

6.8

CVE-2025-1121

  • EPSS 0.01%
  • Published 07.03.2025 00:15:34
  • Last modified 21.07.2025 16:57:28

Privilege escalation in Installer and Recovery image handling in Google ChromeOS version 15786.48.2 on device allows an attacker with physical access to gain root code execution and potentially unenroll enterprise-managed devices via a specially cra...

8.8

CVE-2022-2743

Exploit
  • EPSS 0.62%
  • Published 02.01.2023 23:15:10
  • Last modified 21.11.2024 07:01:37

Integer overflow in Window Manager in Google Chrome on Chrome OS and Lacros prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific UI interactions to perform an out of bounds memory write via crafted UI interactio...

9.1

CVE-2014-3180

  • EPSS 0.18%
  • Published 06.11.2019 20:15:09
  • Last modified 21.11.2024 02:07:36

In kernel/compat.c in the Linux kernel before 3.17, as used in Google Chrome OS and other products, there is a possible out-of-bounds read. restart_syscall uses uninitialized data when restarting compat_sys_nanosleep. NOTE: this is disputed because t...

9.3

CVE-2019-16508

Exploit
  • EPSS 0.06%
  • Published 01.10.2019 12:15:10
  • Last modified 21.11.2024 04:30:43

The Imagination Technologies driver for Chrome OS before R74-11895.B, R75 before R75-12105.B, and R76 before R76-12208.0.0 allows attackers to trigger an Integer Overflow and gain privileges via a malicious application. This occurs because of intenti...

10

CVE-2016-5179

  • EPSS 3.19%
  • Published 07.03.2018 02:29:00
  • Last modified 21.11.2024 02:53:46

Chrome OS before 53.0.2785.144 allows remote attackers to execute arbitrary commands at boot.

9.3

CVE-2017-15400

  • EPSS 0.41%
  • Published 07.02.2018 23:29:00
  • Last modified 21.11.2024 03:14:38

Insufficient restriction of IPP filters in CUPS in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker to execute a command with the same privileges as the cups daemon via a crafted PPD file, aka a printer zeroconfig CRLF issue.

7.4

CVE-2017-15397

  • EPSS 0.34%
  • Published 07.02.2018 23:29:00
  • Last modified 21.11.2024 03:14:37

Inappropriate implementation in ChromeVox in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker in a privileged network position to observe or tamper with certain cleartext HTTP requests by leveraging that position.

3.3

CVE-2017-5084

  • EPSS 0.03%
  • Published 27.10.2017 05:29:01
  • Last modified 20.04.2025 01:37:25

Inappropriate implementation in image-burner in Google Chrome OS prior to 59.0.3071.92 allowed a local attacker to read local files via dbus-send commands to a BurnImage D-Bus endpoint.

8.8

CVE-2016-5169

  • EPSS 0.58%
  • Published 25.09.2016 20:59:00
  • Last modified 12.04.2025 10:46:40

Format string vulnerability in Google Chrome OS before 53.0.2785.103 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.