22 matches found
Google Chrome Information Disclosure Vulnerability (CNVD-2025-3038304)
Google Chrome is a web browser from Google, an American company. An information disclosure vulnerability exists in versions of Google Chrome prior to 139.0.7258.66, which stems from the disclosure of side-channel information during navigation and loading, and can be exploited by an attacker to...
SUSE CVE-2025-13992
Side-channel information leakage in Navigation and Loading in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...
EUVD-2025-201092
Side-channel information leakage in Navigation and Loading in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-13992
Side-channel information leakage in Navigation and Loading in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-13992
CVE-2025-13992 affects Google Chrome (Chrome/Chromium) prior to version 139.0.7258.66, involving a side-channel information leakage during Navigation and Loading that could allow a remote attacker to bypass site isolation via a crafted HTML page. Affected component/behavior is described in public...
Astra Linux – Vulnerability in Chromium
Inappropriate implementation in Permissions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
Astra Linux – Vulnerability in Chromium
Insufficient validation of untrusted input in Core in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Low...
Astra Linux – Vulnerability in Chromium
The use of after free in Extensions in Google Chrome before version 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption through a crafted Chrome Extension. Chromium security severity: Medium...
Astra Linux – Vulnerability in Chromium
The use of “after free” in Cast in Google Chrome before version 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Medium...
Fedora 42 : chromium (2025-04158e05ef)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-04158e05ef advisory. Updated to 139.0.7258.66 CVE-2025-8576: Use after free in Extensions CVE-2025-8578: Use after free in Cast CVE-2025-8579: Inappropriate implementati...
OPENSUSE-SU-2025:15421-1 chromedriver-139.0.7258.66-1.1 on GA media
These are all security issues fixed in the chromedriver-139.0.7258.66-1.1 package on the GA media of openSUSE Tumbleweed...
DEBIAN-CVE-2025-8580
Inappropriate implementation in Filesystems in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
DEBIAN-CVE-2025-8583
Inappropriate implementation in Permissions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
DEBIAN-CVE-2025-8577
Inappropriate implementation in Picture In Picture in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
DEBIAN-CVE-2025-8576
Use after free in Extensions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2025-8576
Use after free in Extensions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2025-8576
Use after free in Extensions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: Medium...
SUSE CVE-2025-8579
Inappropriate implementation in Picture In Picture in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
SUSE CVE-2025-8580
Inappropriate implementation in Filesystems in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
SUSE CVE-2025-8582
Insufficient validation of untrusted input in Core in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Low...