CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

5.4CVSS6.1AI score0.00017EPSS

CVE-2025-13632

Inappropriate implementation in DevTools in Google Chrome prior to 143.0.7499.41 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. Chromium security severity: High...

UbuntuCve•added 2025/12/02 7:15 p.m.•3 views

CVE-2025-13640

Inappropriate implementation in Passwords in Google Chrome prior to 143.0.7499.41 allowed a local attacker to bypass authentication via physical access to the device. Chromium security severity: Low...

3.5CVSS5.9AI score0.00012EPSS

7.5CVSS7.1AI score0.0006EPSS

CVE-2025-13721

Race in v8 in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

4.4CVSS5.9AI score0.00005EPSS

CVE-2025-13635

Inappropriate implementation in Downloads in Google Chrome prior to 143.0.7499.41 allowed a local attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

8.8CVSS7.2AI score0.00079EPSS

CVE-2025-13720

Bad cast in Loader in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.9AI score0.00019EPSS

CVE-2025-13637

Inappropriate implementation in Downloads in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass download protections via a crafted HTML page. Chromium security severity: Low...

8.1CVSS7.2AI score0.00028EPSS

CVE-2025-13639

Inappropriate implementation in WebRTC in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Low...

8.8CVSS7.2AI score0.00105EPSS

CVE-2025-13633

Use after free in Digital Credentials in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.9AI score0.00067EPSS

CVE-2025-13636

Inappropriate implementation in Split View in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted domain name. Chromium security severity: Low...

8.8CVSS7.2AI score0.00105EPSS

CVE-2025-13638

Use after free in Media Stream in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Low...

4.4CVSS5.9AI score0.00006EPSS

CVE-2025-13634

Inappropriate implementation in Downloads in Google Chrome on Windows prior to 143.0.7499.41 allowed a local attacker to bypass mark of the web via a crafted HTML page. Chromium security severity: Medium...

UbuntuCve•added 2025/12/02 7:15 p.m.•3 views

CVE-2025-13631

Inappropriate implementation in Google Updater in Google Chrome on Mac prior to 143.0.7499.41 allowed a remote attacker to perform privilege escalation via a crafted file. Chromium security severity: High...

8.8CVSS5.9AI score0.00077EPSS

8.8CVSS7.2AI score0.00079EPSS

CVE-2025-13630

Type Confusion in V8 in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...