Lucene search
K

22 matches found

CNVD
CNVD
added 2025/12/10 12:0 a.m.11 views

Google Chrome Information Disclosure Vulnerability (CNVD-2025-3038304)

Google Chrome is a web browser from Google, an American company. An information disclosure vulnerability exists in versions of Google Chrome prior to 139.0.7258.66, which stems from the disclosure of side-channel information during navigation and loading, and can be exploited by an attacker to...

4.7CVSS6.1AI score0.00168EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/12/05 12:42 a.m.4 views

SUSE CVE-2025-13992

Side-channel information leakage in Navigation and Loading in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...

4.7CVSS6.3AI score0.00168EPSS
Exploits0References3
EUVD
EUVD
added 2025/12/03 9:31 p.m.5 views

EUVD-2025-201092

Side-channel information leakage in Navigation and Loading in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...

4.7CVSS5.7AI score0.00168EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2025/12/03 7:9 p.m.5 views

CVE-2025-13992

Side-channel information leakage in Navigation and Loading in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...

4.7CVSS4.9AI score0.00168EPSS
Exploits0
CVE
CVE
added 2025/12/03 7:9 p.m.25 views

CVE-2025-13992

CVE-2025-13992 affects Google Chrome (Chrome/Chromium) prior to version 139.0.7258.66, involving a side-channel information leakage during Navigation and Loading that could allow a remote attacker to bypass site isolation via a crafted HTML page. Affected component/behavior is described in public...

4.7CVSS5.8AI score0.00168EPSS
Exploits0References2Affected Software1
AstraLinux
AstraLinux
added 2025/11/01 10:54 a.m.4 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Permissions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.5AI score0.00209EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/11/01 10:54 a.m.7 views

Astra Linux – Vulnerability in Chromium

Insufficient validation of untrusted input in Core in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.5AI score0.00223EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/11/01 10:54 a.m.4 views

Astra Linux – Vulnerability in Chromium

The use of after free in Extensions in Google Chrome before version 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption through a crafted Chrome Extension. Chromium security severity: Medium...

8.8CVSS5.5AI score0.003EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/11/01 10:54 a.m.3 views

Astra Linux – Vulnerability in Chromium

The use of “after free” in Cast in Google Chrome before version 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.6AI score0.00313EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/09 12:0 a.m.5 views

Fedora 42 : chromium (2025-04158e05ef)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-04158e05ef advisory. Updated to 139.0.7258.66 CVE-2025-8576: Use after free in Extensions CVE-2025-8578: Use after free in Cast CVE-2025-8579: Inappropriate implementati...

8.8CVSS5.8AI score0.00313EPSS
Exploits0References9
OSV
OSV
added 2025/08/08 12:0 a.m.3 views

OPENSUSE-SU-2025:15421-1 chromedriver-139.0.7258.66-1.1 on GA media

These are all security issues fixed in the chromedriver-139.0.7258.66-1.1 package on the GA media of openSUSE Tumbleweed...

9.8CVSS5.8AI score0.00636EPSS
Exploits1References9
OSV
OSV
added 2025/08/07 2:15 a.m.2 views

DEBIAN-CVE-2025-8580

Inappropriate implementation in Filesystems in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS4.9AI score0.00225EPSS
Exploits0References1
OSV
OSV
added 2025/08/07 2:15 a.m.1 views

DEBIAN-CVE-2025-8583

Inappropriate implementation in Permissions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS4.9AI score0.00209EPSS
Exploits0References1
OSV
OSV
added 2025/08/07 2:15 a.m.1 views

DEBIAN-CVE-2025-8577

Inappropriate implementation in Picture In Picture in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS4.9AI score0.00225EPSS
Exploits0References1
OSV
OSV
added 2025/08/07 2:15 a.m.1 views

DEBIAN-CVE-2025-8576

Use after free in Extensions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: Medium...

8.8CVSS8.2AI score0.003EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/08/07 1:30 a.m.2 views

CVE-2025-8576

Use after free in Extensions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: Medium...

8.8CVSS7.3AI score0.003EPSS
Exploits0References3Affected Software1
AlpineLinux
AlpineLinux
added 2025/08/07 1:30 a.m.5 views

CVE-2025-8576

Use after free in Extensions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: Medium...

8.8CVSS7.2AI score0.003EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2025/08/06 11:25 p.m.1 views

SUSE CVE-2025-8579

Inappropriate implementation in Picture In Picture in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS6.4AI score0.00225EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/08/06 11:25 p.m.3 views

SUSE CVE-2025-8580

Inappropriate implementation in Filesystems in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS6.5AI score0.00225EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/08/06 11:25 p.m.1 views

SUSE CVE-2025-8582

Insufficient validation of untrusted input in Core in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Low...

4.3CVSS6.5AI score0.00223EPSS
Exploits0References3
Rows per page
Query Builder