CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

378 matches found

OSV•added 2025/11/14 3:15 a.m.•2 views

CVE-2024-7017

Inappropriate implementation in DevTools in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

7.5CVSS7.2AI score

Exploits0References2

OSV•added 2025/11/14 3:15 a.m.•1 views

DEBIAN-CVE-2024-7017

7.5CVSS7.3AI score0.00176EPSS

Exploits1References1

CVE•added 2025/11/14 2:29 a.m.•16 views

CVE-2024-7017

CVE-2024-7017: In Google Chrome DevTools an inappropriate implementation allows sandbox escape via a crafted HTML page. Affected product is Google Chrome (DevTools). Root cause: DevTools mal-implementation described as an inappropriate implementation. Impact: potential sandbox escape with high se...

7.5CVSS6.7AI score0.00176EPSS

Exploits1References2Affected Software1

Debian CVE•added 2025/11/14 2:29 a.m.•3 views

CVE-2024-7017

7.5CVSS7.3AI score0.00176EPSS

Exploits1

Cvelist•added 2025/11/14 2:29 a.m.•5 views

CVE-2025-13097

Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

0.00144EPSS

Exploits1References2

CVE•added 2025/11/14 2:29 a.m.•420 views

CVE-2025-13097

CVE-2025-13097 is a Chrome/Chromium DevTools vulnerability caused by an inappropriate implementation that could allow a remote sandbox escape via a crafted HTML page. Affected product: Google Chrome (DevTools/Chromium). Root cause: DevTools handling defect leading to sandbox bypass. Impact: sandb...

5.4CVSS6.7AI score0.00144EPSS

Exploits1References2Affected Software1

Tenable Nessus•added 2025/11/14 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2024-7017

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in DevTools in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafte...

7.5CVSS5.5AI score0.00176EPSS

Exploits1References2

Tenable Nessus•added 2025/11/13 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2025-12909

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to leak cross-origin data via Devtools. Chromium...

5.3CVSS5.7AI score0.00178EPSS

Exploits1References2

RedhatCVE•added 2025/11/12 10:27 a.m.•3 views

CVE-2025-12909

Insufficient policy enforcement in Devtools in Google Chrome allowed a remote attacker to leak cross-origin data via Devtools...

5.3CVSS6.4AI score0.00178EPSS

Exploits1References2

RedhatCVE•added 2025/11/12 10:22 a.m.•2 views

CVE-2025-12907

Insufficient validation of untrusted input in Devtools in Google Chrome allowed a remote attacker to execute arbitrary code via user action in Devtools...

8.8CVSS7.4AI score0.00251EPSS

Exploits3References2

OSV•added 2025/11/08 12:15 a.m.•3 views

DEBIAN-CVE-2025-12909

Insufficient policy enforcement in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to leak cross-origin data via Devtools. Chromium security severity: Low...

5.3CVSS5.7AI score0.00178EPSS

Exploits1References1

NVD•added 2025/11/08 12:15 a.m.•4 views

CVE-2025-12909

Insufficient policy enforcement in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to leak cross-origin data via Devtools. Chromium security severity: Low...

5.3CVSS0.00178EPSS

Exploits1References2

NVD•added 2025/11/08 12:15 a.m.•2 views

CVE-2025-12907

Insufficient validation of untrusted input in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to execute arbitrary code via user action in Devtools. Chromium security severity: Low...

8.8CVSS0.00251EPSS

Exploits3References2

OSV•added 2025/11/08 12:15 a.m.•2 views

CVE-2025-12907

8.8CVSS6.1AI score

Exploits0References2

Snyk•added 2025/11/07 11:46 p.m.•3 views

Access Control Bypass

Overview chrome-devtools-frontend is a Chrome DevTools UI Affected versions of this package are vulnerable to Access Control Bypass due to insufficient Content Security Policy enforcement in the Network.loadNetworkResource method of the DevTools protocol network handler. An attacker can exfiltrat...

5.3CVSS6.4AI score0.00178EPSS

Exploits1References2

Snyk•added 2025/11/07 11:46 p.m.•2 views

Improper Neutralization

Overview chrome-devtools-frontend is a Chrome DevTools UI Affected versions of this package are vulnerable to Improper Neutralization due to insufficient sanitization of special whitespace characters in the escapeStringWin function. An attacker can execute arbitrary code by crafting malicious inp...

8.8CVSS7.6AI score0.00251EPSS

Exploits3References2

Vulnrichment•added 2025/11/07 11:23 p.m.•1 views

CVE-2025-12909

Insufficient policy enforcement in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to leak cross-origin data via Devtools. Chromium security severity: Low...

6.2AI score0.00178EPSS

Exploits1References2

CVE•added 2025/11/07 11:23 p.m.•13 views

CVE-2025-12909

CVE-2025-12909 affects Google Chrome via Devtools: Insufficient policy enforcement in Devtools allows a remote attacker to leak cross-origin data. The vulnerability is tied to Chrome versions before 140.0.7339.80. Affected component: Devtools policy enforcement in Chrome/Chromium. Impact per sour...

5.3CVSS6.2AI score0.00178EPSS

Exploits1References2Affected Software1

Cvelist•added 2025/11/07 11:23 p.m.•7 views

CVE-2025-12907

0.00251EPSS

Exploits3References2

Vulnrichment•added 2025/11/07 11:23 p.m.•3 views

CVE-2025-12907

7.3AI score0.00251EPSS

Exploits3References2

Rows per page