180 matches found
DEBIAN-CVE-2025-9865
Inappropriate implementation in Toolbar in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-9865
Inappropriate implementation in Toolbar in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-9865
Inappropriate implementation in Toolbar in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing via a crafted HTML page. Chromium security severity: Medium...
PT-2025-35798
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 140.0.7339.80 Description: An inappropriate implementation in the Toolbar component of Google Chrome on Android allowed a remote attacker to perform domain spoofing. The attack required convincing a user to...
CVE-2025-8881
Inappropriate implementation in File Picker in Google Chrome prior to 139.0.7258.127 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-8881
Inappropriate implementation in File Picker in Google Chrome prior to 139.0.7258.127 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
DEBIAN-CVE-2025-8881
Inappropriate implementation in File Picker in Google Chrome prior to 139.0.7258.127 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-8882
Use after free in Aura in Google Chrome prior to 139.0.7258.127 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-8882
CVE-2025-8882 is a use-after-free in Aura within Chromium-based Google Chrome, affected up to version 139.0.7258.127. The underlying issue is a use-after-free that could allow heap corruption when a user is enticed to perform specific UI gestures via a crafted HTML page. The vulnerability is tied...
CVE-2025-8882
Use after free in Aura in Google Chrome prior to 139.0.7258.127 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-8881
Inappropriate implementation in File Picker in Google Chrome prior to 139.0.7258.127 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-8881
CVE-2025-8881 relates to an inappropriate implementation in Google Chrome’s File Picker prior to 139.0.7258.127. A remote attacker could coax a user to perform specific UI gestures to cause leakage of cross-origin data via a crafted HTML page. The vulnerability is tied to the Chromium/Chrome File...
CVE-2025-8881
Inappropriate implementation in File Picker in Google Chrome prior to 139.0.7258.127 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
PT-2025-32962 · Google +1 · Google Chrome +1
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 139.0.7258.127 Description: A use-after-free issue existed in Aura within Google Chrome. This allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page by convincing a user to...
CVE-2025-6557
Insufficient data validation in DevTools in Google Chrome on Windows prior to 138.0.7204.49 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Low...
Astra Linux – Vulnerability in Chromium
Insufficient data validation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. Chromium security severity: Medium...
SUSE CVE-2025-4052
Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. Chromium security severity: Low...
SUSE CVE-2025-3071
Inappropriate implementation in Navigations in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...
CVE-2025-3071
Inappropriate implementation in Navigations in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...
Google Chrome 安全漏洞
Google Chrome is a web browser from Google, Inc. in the United States. A security vulnerability exists in Google Chrome prior to version 133.0.6943.53, which stems from an improper implementation in the Extensions API that allows remote attackers to convince a user to engage in specific UI gestur...