Chrome Security Vulnerabilities and Issues — Chrome CVE List

Lucene search

GoogleChrome

11 matches found

CVE•added 2025/04/02 1:15 a.m.•118 views

CVE-2025-3066

Use after free in Site Isolation in Google Chrome prior to 135.0.7049.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.8AI score0.00081EPSS

CVE•added 2025/04/02 1:15 a.m.•101 views

CVE-2025-3067

Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted app. (Chromium security severity: Medium)

8.8CVSS7AI score0.00052EPSS

CVE•added 2025/04/02 1:15 a.m.•93 views

CVE-2025-3068

Inappropriate implementation in Intents in Google Chrome on Android prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)

8.8CVSS6.8AI score0.0006EPSS

CVE•added 2025/04/02 1:15 a.m.•93 views

CVE-2025-3072

Inappropriate implementation in Custom Tabs in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

5.4CVSS6.4AI score0.00042EPSS

CVE•added 2025/04/02 1:15 a.m.•93 views

CVE-2025-3074

Inappropriate implementation in Downloads in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

5.4CVSS6.4AI score0.00042EPSS

CVE•added 2025/04/16 9:15 p.m.•86 views

CVE-2025-3619

Heap buffer overflow in Codecs in Google Chrome on Windows prior to 135.0.7049.95 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

8.8CVSS7.2AI score0.00031EPSS

CVE•added 2025/04/16 9:15 p.m.•77 views

CVE-2025-3620

Use after free in USB in Google Chrome prior to 135.0.7049.95 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS7AI score0.00051EPSS

CVE•added 2025/04/02 1:15 a.m.•76 views

CVE-2025-3069

Inappropriate implementation in Extensions in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)

8.8CVSS6.8AI score0.00062EPSS

CVE•added 2025/04/02 1:15 a.m.•71 views

CVE-2025-3071

Inappropriate implementation in Navigations in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low)

5.4CVSS6.3AI score0.00008EPSS

CVE•added 2025/04/02 1:15 a.m.•70 views

CVE-2025-3073

Inappropriate implementation in Autofill in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

5.4CVSS6.4AI score0.00042EPSS

CVE•added 2025/04/02 1:15 a.m.•66 views

CVE-2025-3070

Insufficient validation of untrusted input in Extensions in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)

6.5CVSS6.8AI score0.00054EPSS