Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
GoogleChrome Os

8 matches found

CVE
CVEadded 2025/04/16 11:15 p.m.65 views

CVE-2025-1568

Access Control Vulnerability in Gerrit chromiumos project configuration in Google ChromeOS 16063.87.0 allows an attacker with a registered Gerrit account to inject malicious code into ChromeOS projects and potentially achieve Remote Code Execution and Denial of Service via editing trusted pipelines...

8.8CVSS8.8AI score0.00154EPSS
CVE
CVEadded 2025/04/16 11:15 p.m.60 views

CVE-2025-2073

Out-of-Bounds Read in netfilter/ipset in Linux Kernel ChromeOS [6.1, 5.15, 5.10, 5.4, 4.19] allows a local attacker with low privileges to trigger an out-of-bounds read, potentially leading to information disclosure

8.8CVSS8AI score0.00026EPSS
CVE
CVEadded 2025/04/16 11:15 p.m.57 views

CVE-2025-1566

DNS Leak in Native System VPN in Google ChromeOS Dev Channel on ChromeOS 16002.23.0 allows network observers to expose plaintext DNS queries via failure to properly tunnel DNS traffic during VPN state transitions.

7.5CVSS7.5AI score0.00032EPSS
CVE
CVEadded 2025/04/17 1:15 a.m.54 views

CVE-2025-1290

A race condition Use-After-Free vulnerability exists in the virtio_transport_space_update function within the Kernel 5.4 on ChromeOS. Concurrent allocation and freeing of the virtio_vsock_sock structureduring an AF_VSOCK connect syscall can occur before a worker thread accesses it resulting in a da...

8.1CVSS7.2AI score0.00062EPSS
CVE
CVEadded 2025/04/16 11:15 p.m.51 views

CVE-2025-1704

ComponentInstaller Modification in ComponentInstaller in Google ChromeOS 15823.23.0 on Chromebooks allows enrolled users with local access to unenroll devicesand intercept device management requests via loading components from the unencrypted stateful partition.

6.5CVSS6.6AI score0.00024EPSS
CVE
CVEadded 2025/03/07 12:15 a.m.50 views

CVE-2025-1121

Privilege escalation in Installer and Recovery image handling in Google ChromeOS version 15786.48.2 on device allows an attacker with physical access to gain root codeexecution and potentially unenroll enterprise-managed devices via a specially crafted recovery image.

6.8CVSS7.1AI score0.00005EPSS
CVE
CVEadded 2025/06/16 5:15 p.m.21 views

CVE-2025-6179

Permissions Bypass in Extension Management in Google ChromeOS 16181.27.0 on managed Chrome devices allows a local attacker to disable extensions and access Developer Mode, including loading additional extensions via exploiting vulnerabilities using the ExtHang3r and ExtPrint3r tools.

9.8CVSS6.4AI score0.00027EPSS
CVE
CVEadded 2025/06/16 5:15 p.m.19 views

CVE-2025-6177

Privilege Escalation in MiniOS in Google ChromeOS (16063.45.2 and potentially others) on enrolled devices allows a local attacker to gain root code execution via exploiting a debug shell (VT3 console) accessible through specific key combinations during developer mode entry and MiniOS access, even w...

7.4CVSS7.1AI score0.00007EPSS