552 matches found
CVE-2025-11205
Heap buffer overflow in WebGPU in Google Chrome prior to 141.0.7390.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2025-11205
Heap buffer overflow in WebGPU in Google Chrome prior to 141.0.7390.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
Chromium: CVE-2025-12725 Out of bounds write in WebGPU
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
KLA89993 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. Implementation vulnerability in V8 can be exploited to cause denial of service. 2. Out of bounds memory read...
Google Chrome 安全漏洞
Google Chrome is a web browser by Google, an American company. A security vulnerability exists in Google Chrome that originates from an out-of-bounds write in the WebGPU...
Google Chrome < 142.0.7444.135 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 142.0.7444.135. It is, therefore, affected by multiple vulnerabilities as referenced in the 202511stable-channel-update-for-desktop advisory. - Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.137...
KLA89898 DoS vulnerabilities in Google Chrome
Denial of service vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. Implementation vulnerability in Omnibox can be exploited to cause denial of service. 2. Implementation...
chromium -- multiple security fixes
Chrome Releases reports: This update includes 5 security fixes: 443906252 High CVE-2025-12725: Out of bounds write in WebGPU. Reported by Anonymous on 2025-09-09 447172715 High CVE-2025-12726: Inappropriate implementation in Views. Reported by Alesandro Ortiz on 2025-09-25 454485895 High...
Google Chrome < 142.0.7444.134 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 142.0.7444.134. It is, therefore, affected by multiple vulnerabilities as referenced in the 202511stable-channel-update-for-desktop advisory. - Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.137...
CVE-2025-12380
Starting with Firefox 142, it was possible for a compromised child process to trigger a use-after-free in the GPU or browser process using WebGPU-related IPC calls. This may have been usable to escape the child process sandbox. This vulnerability was fixed in Firefox 144.0.2...
Vulnerability fixed in Mozilla Firefox
Mozilla has fixed a vulnerability in Firefox Specific for versions before 144.0.2 The vulnerability is in how a compromised child process can exploit a use-after-free issue in the GPU or browser process via WebGPU-related IPC calls. This can lead to a sandbox escape, which compromises the browser...
Mozilla Firefox Code Execution Vulnerability (CNVD-2025-26886)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a code execution vulnerability that is caused by the use of a WebGPU internal release triggered by an infected child process. An attacker could exploit the vulnerability to...
FreeBSD : Firefox -- use-after-free in the GPU or browser process (291773e6-b5b2-11f0-8f61-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 291773e6-b5b2-11f0-8f61-b42e991fc52e advisory. https://bugzilla.mozilla.org/showbug.cgi?id=1993113 reports: Starting with Firefox 142, it was possible...
SUSE CVE-2025-12380
Starting with Firefox 142, it was possible for a compromised child process to trigger a use-after-free in the GPU or browser process using WebGPU-related IPC calls. This may have been usable to escape the child process sandbox. This vulnerability was fixed in Firefox 144.0.2...
Linux Distros Unpatched Vulnerability : CVE-2025-12380
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Starting with Firefox 142, it was possible for a compromised child process to trigger a use-after-free in the GPU or browser process using WebGPU-related IPC...
Mozilla Firefox Security Advisory (MFSA2025-86) - Linux
The remote host is missing an update for Mozilla Firefox, announced via the advisory MFSA2025-86. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...
EUVD-2025-36530
Starting with Firefox 142, it was possible for a compromised child process to trigger a use-after-free in the GPU or browser process using WebGPU-related IPC calls. This may have been usable to escape the child process sandbox. This vulnerability affects Firefox 144.0.2...
CVE-2025-12380
Starting with Firefox 142, it was possible for a compromised child process to trigger a use-after-free in the GPU or browser process using WebGPU-related IPC calls. This may have been usable to escape the child process sandbox. This vulnerability affects Firefox 144.0.2...
CVE-2025-12380
Starting with Firefox 142, it was possible for a compromised child process to trigger a use-after-free in the GPU or browser process using WebGPU-related IPC calls. This may have been usable to escape the child process sandbox. This vulnerability was fixed in Firefox 144.0.2...
CVE-2025-12380
Starting with Firefox 142, it was possible for a compromised child process to trigger a use-after-free in the GPU or browser process using WebGPU-related IPC calls. This may have been usable to escape the child process sandbox. This vulnerability affects Firefox 144.0.2...