EUVD-2025-16297

Malicious code in bioql PyPI...

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in the FileSystemAccess API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

The vulnerability of the FileSystemAccess API programming interface of the Google Chrome browser, which allows attackers to perform spoofing attacks

The vulnerability of the FileSystemAccess API of the Google Chrome browser’s software interface is related to errors in information representation by the user interface. Exploiting this vulnerability allows a malicious actor to perform spear-phishing attacks using a specially created HTML page...

CVE-2025-5065

Inappropriate implementation in FileSystemAccess API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

Chromium: CVE-2025-5065 Inappropriate implementation in FileSystemAccess API

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2025-5065

Inappropriate implementation in FileSystemAccess API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2025-5065

Inappropriate implementation in FileSystemAccess API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2025-5065

Inappropriate implementation in FileSystemAccess API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2025-5065

Inappropriate implementation in FileSystemAccess API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2025-5065

The CVE-2025-5065 entry corresponds to an insecure implementation in Chrome’s FileSystemAccess API that could enable UI spoofing via a crafted HTML page. Affected software is Google Chrome (Chromium-based); vulnerability arises from an inappropriate implementation in FileSystemAccess API prior to...

CVE-2025-5065

Inappropriate implementation in FileSystemAccess API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2025-5065

Inappropriate implementation in FileSystemAccess API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

Google Chrome Security Bypass Vulnerability (CNVD-2025-10924)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security bypass vulnerability due to an improper implementation in the FileSystemAccess API, which can be exploited by an attacker to perform user interface spoofing via specially crafted HTML pages...

chromium -- multiple security fixes

Chrome Releases reports: This update includes 11 security fixes: 411573532 High CVE-2025-5063: Use after free in Compositing. Reported by Anonymous on 2025-04-18 417169470 High CVE-2025-5280: Out of bounds write in V8. Reported by pwn2car on 2025-05-12 40058068 Medium CVE-2025-5064: Inappropriate...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security bypass vulnerability due to an improper implementation in the FileSystemAccess API, which can be exploited by an attacker to perform user interface spoofing via specially crafted HTML pages...

GHSA-746X-XXRX-23JP Jenkins Kmap Plugin stores credentials in plain text

Jenkins Kmap Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

CVE-2022-27218

Jenkins incapptic connect uploader Plugin 1.15 and earlier stores tokens unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...

PT-2025-23029 · Google +2 · Google Chrome +2

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 137.0.7151.55 Description: The issue is related to an inappropriate implementation in the FileSystemAccess API, allowing a remote attacker to perform UI spoofing via a crafted HTML page. Recommendations: For...