CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

SUSE CVE•added 2026/05/30 2:16 a.m.•12 views

SUSE CVE-2026-9985

Insufficient validation of untrusted input in Media in Google Chrome on ChromeOS prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

5.3CVSS5.8AI score0.00182EPSS

SUSE CVE•added 2026/05/16 1:14 a.m.•4 views

SUSE CVE-2026-8576

Inappropriate implementation in CORS in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.00155EPSS

Tenable Nessus•added 2026/05/14 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-8535

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds read in Media in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to...

5.3CVSS5.9AI score0.00189EPSS

Tenable Nessus•added 2026/05/07 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-7992

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in UI in Google Chrome on Linux, ChromeOS prior to 148.0.7778.96 allowed a remote attacker who convinced a user to...

8.8CVSS6.1AI score0.00223EPSS

RedhatCVE•added 2026/01/07 9:55 a.m.•26 views

CVE-2025-1290

A race condition Use-After-Free vulnerability exists in the virtiotransportspaceupdate function within the Kernel 5.4 on ChromeOS. Concurrent allocation and freeing of the virtiovsocksock structure during an AFVSOCK connect syscall can occur before a worker thread accesses it resulting in a...

8.1CVSS7AI score0.00253EPSS

AlpineLinux•added 2025/11/10 8:0 p.m.•4 views

CVE-2025-12438

Use after free in Ozone in Google Chrome on Linux and ChromeOS prior to 142.0.7444.59 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.9AI score0.00224EPSS

Exploits0

SUSE CVE•added 2025/10/31 12:34 a.m.•2 views

SUSE CVE-2025-12438

8.8CVSS7.3AI score0.00224EPSS

Vulnrichment•added 2025/07/07 6:58 p.m.•4 views

CVE-2025-6044

An Improper Access Control vulnerability in the Stylus Tools component of Google ChromeOS version 16238.64.0 on the garaged stylus devices allows a physical attacker to bypass the lock screen and access user files by removing the stylus while the device is closed and using the screen capture...

6.2AI score0.00115EPSS

Cvelist•added 2025/06/16 4:43 p.m.•11 views

CVE-2025-6177 ChromeOS MiniOS Root Code Execution Bypass While Dev Mode Blocked

Privilege Escalation in MiniOS in Google ChromeOS 16063.45.2 and potentially others on enrolled devices allows a local attacker to gain root code execution via exploiting a debug shell VT3 console accessible through specific key combinations during developer mode entry and MiniOS access, even whe...

0.00084EPSS

RedhatCVE•added 2025/05/23 4:4 a.m.•5 views

CVE-2023-3731

Use after free in Diagnostics in Google Chrome on ChromeOS prior to 115.0.5790.131 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: High...

8.8CVSS7.2AI score0.00322EPSS

Exploits1

RedhatCVE•added 2025/05/22 4:23 a.m.•7 views

CVE-2019-13689

Inappropriate implementation in OS in Google Chrome on ChromeOS prior to 75.0.3770.80 allowed a remote attacker to perform arbitrary read/write via a malicious file. Chromium security severity: Critical...

7.8CVSS6.5AI score0.00288EPSS

CNVD•added 2025/05/14 12:0 a.m.•4 views

Google ChromeOS Out-of-Bounds Read Vulnerability

Google ChromeOS is an operating system from the American company Google. Google ChromeOS suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to cause a virtual machine to escape...

7.8CVSS7.3AI score0.00112EPSS

CNVD•added 2025/05/08 12:0 a.m.•3 views

Google ChromeOS Post-Release Usage Vulnerability

Google ChromeOS is an operating system based on the Linux kernel. Google ChromeOS suffers from a use-after-release vulnerability that stems from the presence of a competing conditional use-after-release reuse in the virtiotransportspaceupdate function, which can be exploited by an attacker to cau...

8.1CVSS6.7AI score0.00253EPSS

CNNVD•added 2025/05/06 12:0 a.m.•5 views

Google ChromeOS 安全漏洞

7.8CVSS6.7AI score0.00112EPSS

Exploits1References2

CNVD•added 2025/04/25 12:0 a.m.•1 views

Google ChromeOS Memory Misreference Vulnerability

Google ChromeOS is a set of Web-based lightweight open source operating system from Google Google. Google ChromeOS suffers from a memory misreference vulnerability that is caused by a flaw in ComponentInstaller. An attacker could exploit the vulnerability to intercept device management requests b...

6.5CVSS6AI score0.00194EPSS