15 matches found
Astra Linux – Vulnerability in Chromium
The use of after free in Extensions in Google Chrome before version 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption through a crafted Chrome Extension. Chromium security severity: Medium...
Google Chrome Information Disclosure Vulnerability (CNVD-2025-3038304)
Google Chrome is a web browser from Google, an American company. An information disclosure vulnerability exists in versions of Google Chrome prior to 139.0.7258.66, which stems from the disclosure of side-channel information during navigation and loading, and can be exploited by an attacker to...
SUSE CVE-2025-13992
Side-channel information leakage in Navigation and Loading in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...
EUVD-2025-201092
Side-channel information leakage in Navigation and Loading in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-13992
CVE-2025-13992 affects Google Chrome (Chrome/Chromium) prior to version 139.0.7258.66, involving a side-channel information leakage during Navigation and Loading that could allow a remote attacker to bypass site isolation via a crafted HTML page. Affected component/behavior is described in public...
Astra Linux – Vulnerability in Chromium
Inappropriate implementation in Permissions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
Fedora 42 : chromium (2025-04158e05ef)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-04158e05ef advisory. Updated to 139.0.7258.66 CVE-2025-8576: Use after free in Extensions CVE-2025-8578: Use after free in Cast CVE-2025-8579: Inappropriate implementati...
DEBIAN-CVE-2025-8580
Inappropriate implementation in Filesystems in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
DEBIAN-CVE-2025-8583
Inappropriate implementation in Permissions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
DEBIAN-CVE-2025-8576
Use after free in Extensions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: Medium...
DEBIAN-CVE-2025-8577
Inappropriate implementation in Picture In Picture in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-8576
Use after free in Extensions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2025-8576
Use after free in Extensions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: Medium...
SUSE CVE-2025-8582
Insufficient validation of untrusted input in Core in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Low...
PT-2025-48984
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 139.0.7258.66 Description A flaw exists in Google Chrome’s Navigation and Loading functionality that allows a remote attacker to bypass site isolation. This is due to side-channel information leakage. The issue...