4499 matches found
SUSE CVE-2025-12727
Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2025-12036
Out of bounds memory access in V8 in Google Chrome prior to 141.0.7390.122 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...
CVE-2025-12036
CVE-2025-12036 is an out-of-bounds memory access in V8 within Google Chrome, prior to version 141.0.7390.122. The issue allows a remote attacker to trigger memory access errors via a crafted HTML page. The vulnerability is rated High (CVSS 3.1: 8.8) with Network attack vector, no privileges requi...
CVE-2025-11219
Use after free in V8 in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Chromium security severity: Low...
CVE-2025-11219
CVE-2025-11219 affects Google Chrome/Chromium: a use-after-free in V8 prior to 141.0.7390.54 allows potential out-of-bounds memory access via a crafted HTML page. The Chrome 141.0.7390.54 update (and related Debian/ Alpine security advisories) fixes this issue. The CVSS v3.1 base score is 3.1 (Lo...
CVE-2025-11219
Use after free in V8 in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Chromium security severity: Low...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google Inc. Google Chrome suffers from an improper implementation vulnerability that stems from an improper implementation in V8. An attacker could exploit this vulnerability by exploiting a heap corruption vulnerability via a carefully constructed HTML...
chromium -- multiple security fixes
Chrome Releases reports: This update includes 5 security fixes: 443906252 High CVE-2025-12725: Out of bounds write in WebGPU. Reported by Anonymous on 2025-09-09 447172715 High CVE-2025-12726: Inappropriate implementation in Views. Reported by Alesandro Ortiz on 2025-09-25 454485895 High...
Astra Linux – Vulnerability in Firefox, Thunderbird
The JavaScript engine did not handle closed generators correctly, and it was possible to resume them, leading to a nullptr dereference. This vulnerability was fixed in Firefox 141, Firefox ESR 115.26, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140....
Astra Linux – Vulnerability in Chromium
In V8 in Google Chrome, prior to version 139.0.7258.127, it was possible for a remote attacker to execute arbitrary code within a sandbox through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
Before version 139.0.7258.138, writing V8 code in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Firefox, Thunderbird
Uninitialized memory in the JavaScript Engine component. This vulnerability was fixed in Firefox 142, Firefox ESR 128.14, Firefox ESR 140.2, Thunderbird 142, Thunderbird 128.14, and Thunderbird 140.2...
Chromium: CVE-2025-12441 Out of bounds read in V8
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2025-12429 Inappropriate implementation in V8
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Update Chrome now: 20 security fixes just landed
Google has released an update for its Chrome browser that includes 20 security fixes, several of which are classed as high severity. Most of these flaws were found in Chrome’s V8 engine—the part of Chrome and other Chromium-based browsers that runs JavaScript. Chrome is by far the world’s most...
Microsoft Edge 安全漏洞
Microsoft Edge is a web browser from Microsoft Corporation USA that comes with systems after Windows 10. A security vulnerability exists in Microsoft Edge that stems from an improper implementation in V8...
Microsoft Edge (Chromium) < 142.0.3595.53 Multiple Vulnerabilities
The version of Microsoft Edge installed on the remote Windows host is prior to 142.0.3595.53. It is, therefore, affected by multiple vulnerabilities as referenced in the October 31, 2025 advisory. - Protection mechanism failure in Microsoft Edge Chromium-based allows an unauthorized attacker to...
chromium -- multiple security fixes
Chrome Releases reports: This update includes 20 security fixes: 447613211 High CVE-2025-12428: Type Confusion in V8. Reported by Man Yue Mo of GitHub Security Lab on 2025-09-26 450618029 High CVE-2025-12429: Inappropriate implementation in V8. Reported by Aorui Zhang on 2025-10-10 442860743 High...
CVE-2025-12380
Starting with Firefox 142, it was possible for a compromised child process to trigger a use-after-free in the GPU or browser process using WebGPU-related IPC calls. This may have been usable to escape the child process sandbox. This vulnerability was fixed in Firefox 144.0.2...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google. A security vulnerability exists in Google Chrome prior to version 142.0.7444.59, which stems from a flaw in the V8 engine's handling of object types. The vulnerability can be exploited by an attacker to trigger heap corruption via a specially...