25 matches found
SUSE CVE-2026-9985
Insufficient validation of untrusted input in Media in Google Chrome on ChromeOS prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...
SUSE CVE-2026-8576
Inappropriate implementation in CORS in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
Linux Distros Unpatched Vulnerability : CVE-2026-8535
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds read in Media in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to...
Linux Distros Unpatched Vulnerability : CVE-2026-7992
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in UI in Google Chrome on Linux, ChromeOS prior to 148.0.7778.96 allowed a remote attacker who convinced a user to...
CVE-2025-1290
A race condition Use-After-Free vulnerability exists in the virtiotransportspaceupdate function within the Kernel 5.4 on ChromeOS. Concurrent allocation and freeing of the virtiovsocksock structure during an AFVSOCK connect syscall can occur before a worker thread accesses it resulting in a...
CVE-2025-12438
Use after free in Ozone in Google Chrome on Linux and ChromeOS prior to 142.0.7444.59 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Chromium security severity: Medium...
SUSE CVE-2025-12438
Use after free in Ozone in Google Chrome on Linux and ChromeOS prior to 142.0.7444.59 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-6044
An Improper Access Control vulnerability in the Stylus Tools component of Google ChromeOS version 16238.64.0 on the garaged stylus devices allows a physical attacker to bypass the lock screen and access user files by removing the stylus while the device is closed and using the screen capture...
CVE-2025-6177 ChromeOS MiniOS Root Code Execution Bypass While Dev Mode Blocked
Privilege Escalation in MiniOS in Google ChromeOS 16063.45.2 and potentially others on enrolled devices allows a local attacker to gain root code execution via exploiting a debug shell VT3 console accessible through specific key combinations during developer mode entry and MiniOS access, even whe...
CVE-2023-3731
Use after free in Diagnostics in Google Chrome on ChromeOS prior to 115.0.5790.131 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: High...
CVE-2019-13689
Inappropriate implementation in OS in Google Chrome on ChromeOS prior to 75.0.3770.80 allowed a remote attacker to perform arbitrary read/write via a malicious file. Chromium security severity: Critical...
Google ChromeOS Out-of-Bounds Read Vulnerability
Google ChromeOS is an operating system from the American company Google. Google ChromeOS suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to cause a virtual machine to escape...
Google ChromeOS Post-Release Usage Vulnerability
Google ChromeOS is an operating system based on the Linux kernel. Google ChromeOS suffers from a use-after-release vulnerability that stems from the presence of a competing conditional use-after-release reuse in the virtiotransportspaceupdate function, which can be exploited by an attacker to cau...
Google ChromeOS 安全漏洞
Google ChromeOS is an operating system from the American company Google. Google ChromeOS suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to cause a virtual machine to escape...
Google ChromeOS Memory Misreference Vulnerability
Google ChromeOS is a set of Web-based lightweight open source operating system from Google Google. Google ChromeOS suffers from a memory misreference vulnerability that is caused by a flaw in ComponentInstaller. An attacker could exploit the vulnerability to intercept device management requests b...
CVE-2025-1290
A race condition Use-After-Free vulnerability exists in the virtiotransportspaceupdate function within the Kernel 5.4 on ChromeOS. Concurrent allocation and freeing of the virtiovsocksock structure during an AFVSOCK connect syscall can occur before a worker thread accesses it resulting in a...
Google ChromeOS Elevation of Privilege Vulnerability
Google ChromeOS is a Web-based lightweight open source operating system from Google Google. Google ChromeOS suffers from an elevation of privilege vulnerability that originates from elevation of privilege in the installer and recovery image handling, which can be exploited by an attacker to cause...
PT-2023-8651 · Google · Chrome Os
Name of the Vulnerable Software and Affected Versions: ChromeOS affected versions not specified Description: The issue is related to a driver for the PowerVR graphics processor in ChromeOS, involving the use of memory after it has been freed. This could allow an attacker to execute arbitrary code...
CVE-2019-13690
Inappropriate implementation in OS in Google Chrome on ChromeOS prior to 75.0.3770.80 allowed a remote attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: High...
PT-2023-25899 · Google · Google Chrome
Name of the Vulnerable Software and Affected Versions: Google Chrome on ChromeOS versions prior to 115.0.5790.131 Description: The issue allows an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. This can occur d...