Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome prior to version 136.0.7103.59, which stems from an improper implementation in DevTools, and can be exploited by an attacker to cause an access control bypass...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. A code execution vulnerability exists in Google Chrome prior to version 136.0.7103.59, which stems from an out-of-bounds memory access in DevTools, and can be exploited by an attacker to cause heap corruption...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome prior to version 136.0.7103.59, which stems from insufficient data validation in DevTools, and can be exploited by an attacker to cause an access control bypass...

Google Chrome < 136.0.7103.48 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 136.0.7103.48. It is, therefore, affected by multiple vulnerabilities as referenced in the 202504stable-channel-update-for-desktop29 advisory. - Inappropriate implementation in DevTools in Google Chrome prior to...

ROS-20250403-05

A vulnerability in the Media component of the Google Chrome browser is related to memory usage after it is released. after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code using a specially crafted HTML page V8 JavaScript scrip...

@andrewzagorski/admin (>=4.25.19-patch.2 <=4.25.19-patch.3), @andrewzagorski/pack-up (=4.23.1-prerelease.2) +25 more potentially affected by CVE-2025-31125 via vite (>=6.0.0 <=6.0.11)

vite NPM version =6.0.0, =4.25.19-patch.2, =19.1.5, =19.1.5, =5.0.0-alpha.37, =19.1.0, =19.1.0, =2.11.0, =2.11.0, =11.23.0, =0.0.0-experimental-13bd4c2-20250203-4e3af844, =0.0.0-snapshot-1d99fea7d2ce2c7a5d9ed0a3752f8a7bda6bc3db, =0.3.0-dev.12 and more Source cves: CVE-2025-31125 Source advisory:...

@andrewzagorski/admin (>=4.25.19-patch.2 <=4.25.19-patch.3), @andrewzagorski/pack-up (=4.23.1-prerelease.2) +25 more potentially affected by CVE-2025-30208 via vite (>=6.0.0 <=6.0.11)

vite NPM version =6.0.0, =4.25.19-patch.2, =19.1.5, =19.1.5, =5.0.0-alpha.37, =19.1.0, =19.1.0, =2.11.0, =2.11.0, =11.23.0, =0.0.0-experimental-13bd4c2-20250203-4e3af844, =0.0.0-snapshot-1d99fea7d2ce2c7a5d9ed0a3752f8a7bda6bc3db, =0.3.0-dev.12 and more Source cves: CVE-2025-30208 Source advisory:...

Google Chrome Path Traversal Vulnerability

Google Chrome is a WEB browser developed by Google Inc. Google Chrome suffers from a path traversal vulnerability that is caused by an error in DevTools. An attacker can exploit the vulnerability to bypass file access restrictions...

@aosweb/osui (>=0.0.23 <=0.0.25), @baosight/er (>=0.1.87 <=0.3.2) +44 more potentially affected by CVE-2025-27597 via @intlify/message-resolver (>=9.1.0 <=9.1.10)

@intlify/message-resolver NPM version =9.1.0, =0.0.23, =0.1.87, =9.14.2, =9.14.2, =0.3.1, =0.5.0, =1.9.7, =9.1.0, =9.1.0, =9.1.0, =9.1.0, =9.1.0, =3.0.0-alpha, =1.8.9, =2.14.0-alpha.3 and more Source cves: CVE-2025-27597 Source advisory: OSV:GHSA-P2PH-7G93-HW3M...

Chromium: CVE-2025-1915 Improper Limitation of a Pathname to a Restricted Directory in DevTools

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

SUSE CVE-2025-1915

Improper Limitation of a Pathname to a Restricted Directory in DevTools in Google Chrome on Windows prior to 134.0.6998.35 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted Chrome Extension. Chromium security severity: Mediu...

CVE-2025-1915

Improper Limitation of a Pathname to a Restricted Directory in DevTools in Google Chrome on Windows prior to 134.0.6998.35 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted Chrome Extension. Chromium security severity: Mediu...

DEBIAN-CVE-2025-1915

Improper Limitation of a Pathname to a Restricted Directory in DevTools in Google Chrome on Windows prior to 134.0.6998.35 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted Chrome Extension. Chromium security severity: Mediu...

CVE-2025-1915

Improper Limitation of a Pathname to a Restricted Directory in DevTools in Google Chrome on Windows prior to 134.0.6998.35 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted Chrome Extension. Chromium security severity: Mediu...

CVE-2025-1915

Improper Limitation of a Pathname to a Restricted Directory in DevTools in Google Chrome on Windows prior to 134.0.6998.35 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted Chrome Extension. Chromium security severity: Mediu...

Google Chrome 路径遍历漏洞

Google Chrome is a WEB browser developed by Google Inc. Google Chrome suffers from a path traversal vulnerability that is caused by an error in DevTools. An attacker can exploit the vulnerability to bypass file access restrictions...

PT-2025-9736 · Google +2 · Google Chrome +2

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 134.0.6998.35 Description: The issue is related to improper limitation of a pathname to a restricted directory in DevTools. An attacker could bypass file access restrictions by convincing a user to install a...

Stable Channel Update for Desktop

The Chrome team is delighted to announce the promotion of Chrome 134 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 134.0.6998.35 Linux 134.0.6998.35/36 Windows 134.0.6998.44/45 Mac contains a number of fixes and improvements -- a list of...

Google Chrome DevTools Memory Misreference Vulnerability

Google Chrome is a web browser from Google, an American company. A memory misreference vulnerability exists in Google Chrome DevTools, which can be exploited by an attacker to execute arbitrary code...

Mageia: Security Advisory (MGASA-2025-0037)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...