29 matches found
Astra Linux – Vulnerability in Chromium
Before version 141.0.7390.54, reading media content in Google Chrome allowed a remote attacker to potentially perform out-of-bounds memory access through a crafted HTML page. Chromium security severity: Medium...
Astra Linux – Vulnerability in Chromium
The use of after-free in V8 in Google Chrome before version 141.0.7390.54 allowed a remote attacker to potentially perform out-of-bounds memory access through a crafted HTML page. Chromium security severity: Low...
Astra Linux – Vulnerability in Chromium
Side-channel information leakage in the Tab component of Google Chrome prior to version 141.0.7390.54 allowed a remote attacker who convinced a user to perform certain UI gestures to perform UI spoofing through a crafted HTML page. Chromium security severity: Medium...
CVE-2025-11209
Inappropriate implementation in Omnibox in Google Chrome on Android prior to 141.0.7390.54 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-11213
Inappropriate implementation in Omnibox in Google Chrome on Android prior to 141.0.7390.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-11211
Out of bounds read in Media in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-11219
Use after free in V8 in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Chromium security severity: Low...
CVE-2025-11207
Side-channel information leakage in Storage in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-11209
Inappropriate implementation in Omnibox in Google Chrome on Android prior to 141.0.7390.54 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-11208
Inappropriate implementation in Media in Google Chrome prior to 141.0.7390.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-11208
Inappropriate implementation in Media in Google Chrome prior to 141.0.7390.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-11207
Side-channel information leakage in Storage in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-11219
Use after free in V8 in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Chromium security severity: Low...
CVE-2025-11219
Use after free in V8 in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Chromium security severity: Low...
CVE-2025-11216
Inappropriate implementation in Storage in Google Chrome on Mac prior to 141.0.7390.54 allowed a remote attacker to perform domain spoofing via a crafted video file. Chromium security severity: Low...
CVE-2025-11215
CVE-2025-11215 refers to an off-by-one error in the V8 engine of Google Chrome/Chromium that allows a remote attacker to cause an out-of-bounds memory read via a crafted HTML page. The documented impact is a medium severity (CVSS 3.1: 4.3) with network attack vector, no privileges, and user inter...
CVE-2025-11216
Inappropriate implementation in Storage in Google Chrome on Mac prior to 141.0.7390.54 allowed a remote attacker to perform domain spoofing via a crafted video file. Chromium security severity: Low...
CVE-2025-11212
CVE-2025-11212 concerns an inappropriate Media module implementation in Google Chrome on Windows, enabling domain spoofing when a user is induced to perform specific UI gestures on a crafted HTML page. The connected Fedora advisories indicate Chromium-based updates addressing this vulnerability: ...
CVE-2025-11211
Out of bounds read in Media in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-11208
Affected software: Google Chrome/Chromium before 141.0.7390.54. Root cause: inappropriate implementation in Media enabling UI spoofing via a crafted HTML page after a user‑driven UI gesture. Impact: potential UI spoofing by a remote attacker; requires user interaction. Status: exploitation detail...