CVE-2025-12433

Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

CVE-2025-12431

Inappropriate implementation in Extensions in Google Chrome prior to 142.0.7444.59 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. Chromium security severity: High...

CVE-2025-12429

Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...

Cryptographic Binding Should Not Be Optional: A Formal-Methods Analysis of FIDO UAF Channel Binding

As a case study in cryptographic binding, we present a formal-methods analysis of the cryptographic channel binding mechanisms in the Fast IDentity Online FIDO Universal Authentication Framework UAF authentication protocol, which seeks to reduce the use of traditional passwords in favor of...

Google Chrome 安全漏洞

Google Chrome is a free web browser developed by Google Inc. Google Chrome suffers from a Passkeys mal-implementation vulnerability, which can be exploited by an attacker to obtain sensitive information via debug logs...

MAL-2025-191930 Malicious code in wei516-ppa (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1d5a85017b397970606b9d2d5150a6f6ee8f71fdbd810fe6b0a8f34c577d76d1 Package seems to provide an MCP server, but in fact contains attempts to make an LLM agent break safeguards. As the request is about leaves just a flag, it see...

CVE-2025-46424

Dell CloudLink, versions prior to 8.2, contain use of a Cryptographic Primitive with a Risky Implementation vulnerability. A high privileged attacker could potentially exploit this vulnerability leading to Denial of service...

SUSE CVE-2025-12726

Inappropriate implementation in Views in Google Chrome on Windows prior to 142.0.7444.137 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. Chromium security severity: High...

Fedora 41 : chromium (2025-916064e307)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-916064e307 advisory. Update to 142.0.7444.59 High CVE-2025-12428: Type Confusion in V8 High CVE-2025-12429: Inappropriate implementation in V8 High CVE-2025-12430: Objec...

Linux Distros Unpatched Vulnerability : CVE-2025-12726

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Views in Google Chrome on Windows prior to 142.0.7444.137 allowed a remote attacker who had compromised the renderer process to...

Linux Distros Unpatched Vulnerability : CVE-2025-12729

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Omnibox in Google Chrome on Android prior to 142.0.7444.137 allowed a remote attacker who convinced a user to engage in specific...

CVE-2025-11212

Inappropriate implementation in Media in Google Chrome on Windows prior to 141.0.7390.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2025-11212

Inappropriate implementation in Media in Google Chrome on Windows prior to 141.0.7390.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2025-11216

Inappropriate implementation in Storage in Google Chrome on Mac prior to 141.0.7390.54 allowed a remote attacker to perform domain spoofing via a crafted video file. Chromium security severity: Low...

CVE-2025-11216

Inappropriate implementation in Storage in Google Chrome on Mac prior to 141.0.7390.54 allowed a remote attacker to perform domain spoofing via a crafted video file. Chromium security severity: Low...

CVE-2025-11216

CVE-2025-11216: In Google Chrome on Mac, prior to Chromium 141.0.7390.54, an inappropriate Storage implementation allows a remote attacker to spoof domains via a crafted video file. Affected: Chrome/Chromium (Mac). Root cause: Storage handling flaw as described in the CVE. Impact: domain spoofing...

Chromium: CVE-2025-12726 Inappropriate implementation in Views.

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

GHSA-X33C-7C2V-MRJ9 Apollo Router Affected by an Access Control Bypass on Polymorphic Types

Summary A vulnerability in Apollo Router allowed for unauthenticated queries to access data that required additional access controls. Router incorrectly handled access control directives on interface types/fields and their implementing object types/fields, applying them to interface types/fields...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, Inc USA. A security vulnerability exists in Google Chrome that stems from an improper view implementation...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Google Chrome suffers from an improper implementation vulnerability that stems from an improper implementation in V8. An attacker could exploit this vulnerability by exploiting a heap corruption vulnerability via a carefully constructed HTML...