Google

Chrome

108 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2025-3070

  • EPSS 0.05%
  • Published 02.04.2025 01:15:38
  • Last modified 07.04.2025 13:28:06

Insufficient validation of untrusted input in Extensions in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)

5.4

CVE-2025-3071

  • EPSS 0.01%
  • Published 02.04.2025 01:15:38
  • Last modified 21.04.2025 20:48:25

Inappropriate implementation in Navigations in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass same origin policy via a crafted HTML page. (Chromium security severity: Lo...

5.4

CVE-2025-3072

  • EPSS 0.04%
  • Published 02.04.2025 01:15:38
  • Last modified 21.04.2025 20:48:41

Inappropriate implementation in Custom Tabs in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

5.4

CVE-2025-3073

  • EPSS 0.04%
  • Published 02.04.2025 01:15:38
  • Last modified 21.04.2025 20:49:20

Inappropriate implementation in Autofill in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

5.4

CVE-2025-3074

  • EPSS 0.04%
  • Published 02.04.2025 01:15:38
  • Last modified 21.04.2025 20:49:26

Inappropriate implementation in Downloads in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

8.8

CVE-2025-3066

  • EPSS 0.08%
  • Published 02.04.2025 01:15:37
  • Last modified 08.04.2025 20:15:28

Use after free in Site Isolation in Google Chrome prior to 135.0.7049.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.3

CVE-2025-2783

Warning Media report
  • EPSS 22.57%
  • Published 26.03.2025 16:15:23
  • Last modified 28.03.2025 01:00:02

Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High)

8.8

CVE-2025-2476

  • EPSS 11.8%
  • Published 19.03.2025 18:59:42
  • Last modified 01.04.2025 20:37:56

Use after free in Lens in Google Chrome prior to 134.0.6998.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

8.8

CVE-2025-2135

  • EPSS 0.13%
  • Published 10.03.2025 20:39:17
  • Last modified 07.04.2025 18:54:36

Type Confusion in V8 in Google Chrome prior to 134.0.6998.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2025-2136

  • EPSS 0.12%
  • Published 10.03.2025 20:39:17
  • Last modified 07.04.2025 18:54:29

Use after free in Inspector in Google Chrome prior to 134.0.6998.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)