Google Chrome Code Execution Vulnerability (CNVD-2025-10054)

Google Chrome is a web browser from Google, an American company. A code execution vulnerability exists in Google Chrome prior to version 136.0.7103.59, which stems from an out-of-bounds memory access in DevTools, and can be exploited by an attacker to cause heap corruption...

Google Chrome Security Bypass Vulnerability (CNVD-2025-10055)

Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome prior to version 136.0.7103.59, which stems from an improper implementation in DevTools, and can be exploited by an attacker to cause an access control bypass...

MAL-2025-3778 Malicious code in firefox-devtools (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 27d723f2db7c5589f68811969f49939e22ad3e71b00f741fc7f19a5bb6464da2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in firefox-devtools (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 27d723f2db7c5589f68811969f49939e22ad3e71b00f741fc7f19a5bb6464da2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3656 Malicious code in vue-ssr-devtools (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ea182277a6932c17b90af3e6d99aea3b0824f5ac77dff35caaf782c3ce87c150 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in vue-ssr-devtools (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ea182277a6932c17b90af3e6d99aea3b0824f5ac77dff35caaf782c3ce87c150 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Fedora 41 : chromium (2025-8fbc37e703)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-8fbc37e703 advisory. Update to 136.0.7103.59 CVE-2025-4096: Heap buffer overflow in HTML CVE-2025-4050: Out of bounds memory access in DevTools CVE-2025-4051: Insufficie...

DEBIAN-CVE-2025-4051

Insufficient data validation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. Chromium security severity: Medium...

DEBIAN-CVE-2025-4052

Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. Chromium security severity: Low...

DEBIAN-CVE-2025-4050

Out of bounds memory access in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

CVE-2025-4050

Out of bounds memory access in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

CVE-2025-4052

Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. Chromium security severity: Low...

CVE-2025-4052

Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. Chromium security severity: Low...

CVE-2025-4051

Insufficient data validation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. Chromium security severity: Medium...

SUSE CVE-2025-4050

Out of bounds memory access in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

SUSE CVE-2025-4051

Insufficient data validation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. Chromium security severity: Medium...

SUSE CVE-2025-4052

Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. Chromium security severity: Low...

Chromium: CVE-2025-4052 Inappropriate implementation in DevTools

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome prior to version 136.0.7103.59, which stems from an improper implementation in DevTools, and can be exploited by an attacker to cause an access control bypass...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. A code execution vulnerability exists in Google Chrome prior to version 136.0.7103.59, which stems from an out-of-bounds memory access in DevTools, and can be exploited by an attacker to cause heap corruption...