Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Google Chrome suffers from an improper implementation vulnerability that stems from an improper implementation in V8. An attacker could exploit this vulnerability by exploiting a heap corruption vulnerability via a carefully constructed HTML...

chromium -- multiple security fixes

Chrome Releases reports: This update includes 5 security fixes: 443906252 High CVE-2025-12725: Out of bounds write in WebGPU. Reported by Anonymous on 2025-09-09 447172715 High CVE-2025-12726: Inappropriate implementation in Views. Reported by Alesandro Ortiz on 2025-09-25 454485895 High...

Chromium: CVE-2025-12441 Out of bounds read in V8

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium: CVE-2025-12429 Inappropriate implementation in V8

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Update Chrome now: 20 security fixes just landed

Google has released an update for its Chrome browser that includes 20 security fixes, several of which are classed as high severity. Most of these flaws were found in Chrome’s V8 engine—the part of Chrome and other Chromium-based browsers that runs JavaScript. Chrome is by far the world’s most...

Microsoft Edge (Chromium) < 142.0.3595.53 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 142.0.3595.53. It is, therefore, affected by multiple vulnerabilities as referenced in the October 31, 2025 advisory. - Protection mechanism failure in Microsoft Edge Chromium-based allows an unauthorized attacker to...

Microsoft Edge 安全漏洞

Microsoft Edge is a web browser from Microsoft Corporation USA that comes with systems after Windows 10. A security vulnerability exists in Microsoft Edge that stems from an improper implementation in V8...

chromium -- multiple security fixes

Chrome Releases reports: This update includes 20 security fixes: 447613211 High CVE-2025-12428: Type Confusion in V8. Reported by Man Yue Mo of GitHub Security Lab on 2025-09-26 450618029 High CVE-2025-12429: Inappropriate implementation in V8. Reported by Aorui Zhang on 2025-10-10 442860743 High...

CVE-2025-12380

Starting with Firefox 142, it was possible for a compromised child process to trigger a use-after-free in the GPU or browser process using WebGPU-related IPC calls. This may have been usable to escape the child process sandbox. This vulnerability was fixed in Firefox 144.0.2...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google. A security vulnerability exists in Google Chrome versions prior to 142.0.7444.59, which stems from a flaw in the V8 engine's handling of object types. The vulnerability can be exploited by an attacker to trigger heap corruption via specially...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google. A security vulnerability exists in Google Chrome prior to version 142.0.7444.59, which stems from a flaw in the V8 engine's handling of object types. The vulnerability can be exploited by an attacker to trigger heap corruption via a specially...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google. A security vulnerability exists in Google Chrome prior to version 142.0.7444.59, which stems from a flaw in the V8 engine's handling of object types. The vulnerability can be exploited by an attacker to trigger heap corruption via a specially...

PT-2025-47219

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 142.0.7444.59 Description A type confusion issue exists in the V8 component of Google Chrome. This flaw could allow a remote attacker to potentially exploit heap corruption through a specially crafted HTML page...

PT-2025-47221

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 142.0.7444.59 Description A type confusion issue exists in the V8 component of Google Chrome. This flaw could allow a remote attacker to exploit heap corruption through a specially designed HTML page...

PT-2025-47220

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 142.0.7444.59 Description A type confusion issue exists in the V8 component of Google Chrome. This could allow a remote attacker to potentially exploit heap corruption through a specially crafted HTML page...

PT-2025-47223

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 142.0.7444.59 Description A type confusion issue exists within the V8 component of Google Chrome. This flaw could allow a remote attacker to potentially exploit heap corruption through a specially crafted HTML...

TencentOS Server 3: firefox (TSSA-2025:0792)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0792 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

QuickJS 安全漏洞

QuickJS is a small and embeddable Javascript engine open-sourced by QuickJS. A security vulnerability exists in QuickJS, which stems from the jsprintobject function not properly handling array size changes during callbacks when printing arrays and collection objects, potentially leading to reuse...

CVE-2025-11713

Insufficient escaping in the “Copy as cURL” feature could have been used to trick a user into executing unexpected code on Windows. This did not affect the application when running on other operating systems. This vulnerability was fixed in Firefox 144, Firefox ESR 140.4, Thunderbird 144, and...

CVE-2025-11708

Use-after-free in MediaTrackGraphImpl::GetInstance. This vulnerability was fixed in Firefox 144, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4...