Filtered by vendor Google Subscriptions
Filtered by product Chrome Subscriptions
Total 3643 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-5283 1 Google 1 Chrome 2025-06-01 5.4 Medium
Use after free in libvpx in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
CVE-2024-0814 2 Fedoraproject, Google 2 Fedora, Chrome 2025-05-30 6.5 Medium
Incorrect security UI in Payments in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially spoof security UI via a crafted HTML page. (Chromium security severity: Medium)
CVE-2024-0812 2 Fedoraproject, Google 2 Fedora, Chrome 2025-05-30 8.8 High
Inappropriate implementation in Accessibility in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2024-0808 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2025-05-30 9.8 Critical
Integer underflow in WebUI in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via a malicious file. (Chromium security severity: High)
CVE-2025-5063 1 Google 1 Chrome 2025-05-29 8.8 High
Use after free in Compositing in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2025-5064 1 Google 1 Chrome 2025-05-29 5.4 Medium
Inappropriate implementation in Background Fetch API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2025-5065 1 Google 1 Chrome 2025-05-29 6.5 Medium
Inappropriate implementation in FileSystemAccess API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
CVE-2025-5066 1 Google 1 Chrome 2025-05-29 6.5 Medium
Inappropriate implementation in Messages in Google Chrome on Android prior to 137.0.7151.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
CVE-2025-5067 1 Google 1 Chrome 2025-05-29 5.4 Medium
Inappropriate implementation in Tab Strip in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
CVE-2025-5280 1 Google 1 Chrome 2025-05-29 8.8 High
Out of bounds write in V8 in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2025-5281 1 Google 1 Chrome 2025-05-29 5.4 Medium
Inappropriate implementation in BFCache in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially obtain user information via a crafted HTML page. (Chromium security severity: Medium)
CVE-2024-1060 2 Fedoraproject, Google 2 Fedora, Chrome 2025-05-29 8.8 High
Use after free in Canvas in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2025-4050 1 Google 1 Chrome 2025-05-28 8.8 High
Out of bounds memory access in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
CVE-2025-4051 1 Google 1 Chrome 2025-05-28 6.3 Medium
Insufficient data validation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Medium)
CVE-2025-4052 1 Google 1 Chrome 2025-05-28 9.8 Critical
Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Low)
CVE-2025-4096 1 Google 1 Chrome 2025-05-28 8.8 High
Heap buffer overflow in HTML in Google Chrome prior to 136.0.7103.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2025-4372 1 Google 1 Chrome 2025-05-28 8.8 High
Use after free in WebAudio in Google Chrome prior to 136.0.7103.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-6512 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2025-05-28 6.5 Medium
Inappropriate implementation in Web Browser UI in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to potentially spoof the contents of an iframe dialog context menu via a crafted HTML page. (Chromium security severity: Low)
CVE-2024-0810 1 Google 1 Chrome 2025-05-22 4.3 Medium
Insufficient policy enforcement in DevTools in Google Chrome prior to 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. (Chromium security severity: Medium)
CVE-2024-0804 2 Fedoraproject, Google 2 Fedora, Chrome 2025-05-22 7.5 High
Insufficient policy enforcement in iOS Security UI in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)