CVE-2025-1568

Access Control Vulnerability in Gerrit chromiumos project configuration in Google ChromeOS 16063.87.0 allows an attacker with a registered Gerrit account to inject malicious code into ChromeOS projects and potentially achieve Remote Code Execution and Denial of Service via editing trusted pipelin...

CVE-2025-1704

ComponentInstaller Modification in ComponentInstaller in Google ChromeOS 15823.23.0 on Chromebooks allows enrolled users with local access to unenroll devices and intercept device management requests via loading components from the unencrypted stateful partition...

CVE-2025-1121

Privilege escalation in Installer and Recovery image handling in Google ChromeOS version 15786.48.2 on device allows an attacker with physical access to gain root code execution and potentially unenroll enterprise-managed devices via a specially crafted recovery image...

EUVD-2025-10992

Malicious code in bioql PyPI...

EUVD-2025-10991

Malicious code in bioql PyPI...

EUVD-2025-11488

Malicious code in bioql PyPI...

EUVD-2025-20310

Malicious code in bioql PyPI...

EUVD-2025-18418

Malicious code in bioql PyPI...

EUVD-2025-18417

Malicious code in bioql PyPI...

CVE-2025-6044

An Improper Access Control vulnerability in the Stylus Tools component of Google ChromeOS version 16238.64.0 on the garaged stylus devices allows a physical attacker to bypass the lock screen and access user files by removing the stylus while the device is closed and using the screen capture...

Google ChromeOS Elevation of Privilege Vulnerability

Google ChromeOS is an operating system from the American company Google. Google ChromeOS suffers from an elevation of privilege vulnerability that originates from debug shell accessibility, which can be exploited by an attacker to access restricted system functions and data via elevation of...

CVE-2025-6044

An Improper Access Control vulnerability in the Stylus Tools component of Google ChromeOS version 16238.64.0 on the garaged stylus devices allows a physical attacker to bypass the lock screen and access user files by removing the stylus while the device is closed and using the screen capture...

CVE-2025-6044

CVE-2025-6044 concerns Google ChromeOS: an Improper Access Control in the Stylus Tools component on ChromeOS 16238.64.0 (garaged stylus devices) allows a physical attacker to bypass the lock screen and access user files by removing the stylus while the device is closed and using the screen captur...

CVE-2025-6044

An Improper Access Control vulnerability in the Stylus Tools component of Google ChromeOS version 16238.64.0 on the garaged stylus devices allows a physical attacker to bypass the lock screen and access user files by removing the stylus while the device is closed and using the screen capture...

PT-2025-28251 · Google · Chrome Os

Name of the Vulnerable Software and Affected Versions: Google ChromeOS version 16238.64.0 Description: An Improper Access Control issue in the Stylus Tools component of Google ChromeOS on Lenovo devices allows a physical attacker to bypass the lock screen and access user files. This can be achiev...

Google ChromeOS 安全漏洞

Google ChromeOS is an operating system from the American company Google. Google ChromeOS suffers from an Access Control Error vulnerability that stems from improper access control of the Stylus Tools component, which can be exploited by an attacker to obtain information about a user's files...

Google ChromeOS Permission Issues Vulnerability

Google ChromeOS is a Linux kernel-based operating system developed by Google. Google ChromeOS suffers from a privilege issue vulnerability. The vulnerability stems from a privilege bypass in extension management, which can be exploited by an attacker to disable extensions on ChromeOS and access...

CVE-2025-6177

Privilege Escalation in MiniOS in Google ChromeOS 16063.45.2 and potentially others on enrolled devices allows a local attacker to gain root code execution via exploiting a debug shell VT3 console accessible through specific key combinations during developer mode entry and MiniOS access, even whe...

CVE-2025-6179

Permissions Bypass in Extension Management in Google ChromeOS 16181.27.0 on managed Chrome devices allows a local attacker to disable extensions and access Developer Mode, including loading additional extensions via exploiting vulnerabilities using the ExtHang3r and ExtPrint3r tools...

CVE-2025-6179

Permissions Bypass in Extension Management in Google ChromeOS 16181.27.0 on managed Chrome devices allows a local attacker to disable extensions and access Developer Mode, including loading additional extensions via exploiting vulnerabilities using the ExtHang3r and ExtPrint3r tools...