Chrome Security Vulnerabilities and Issues — Chrome CVE List

Lucene search

GoogleChrome

11 matches found

CVE•added 2025/04/02 1:15 a.m.•117 views

CVE-2025-3066

Use after free in Site Isolation in Google Chrome prior to 135.0.7049.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.8AI score0.00118EPSS

CVE•added 2025/04/02 1:15 a.m.•95 views

CVE-2025-3067

Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted app. (Chromium security severity: Medium)

8.8CVSS7AI score0.00041EPSS

CVE•added 2025/04/02 1:15 a.m.•91 views

CVE-2025-3072

Inappropriate implementation in Custom Tabs in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

5.4CVSS6.4AI score0.00069EPSS

CVE•added 2025/04/02 1:15 a.m.•90 views

CVE-2025-3068

Inappropriate implementation in Intents in Google Chrome on Android prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)

8.8CVSS6.8AI score0.00087EPSS

CVE•added 2025/04/02 1:15 a.m.•90 views

CVE-2025-3074

Inappropriate implementation in Downloads in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

5.4CVSS6.4AI score0.00069EPSS

CVE•added 2025/04/16 9:15 p.m.•83 views

CVE-2025-3619

Heap buffer overflow in Codecs in Google Chrome on Windows prior to 135.0.7049.95 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

8.8CVSS7.2AI score0.00113EPSS

CVE•added 2025/04/02 1:15 a.m.•74 views

CVE-2025-3069

Inappropriate implementation in Extensions in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)

8.8CVSS6.8AI score0.00091EPSS

CVE•added 2025/04/16 9:15 p.m.•73 views

CVE-2025-3620

Use after free in USB in Google Chrome prior to 135.0.7049.95 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS7AI score0.00074EPSS

CVE•added 2025/04/02 1:15 a.m.•69 views

CVE-2025-3071

Inappropriate implementation in Navigations in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low)

5.4CVSS6.3AI score0.00014EPSS

CVE•added 2025/04/02 1:15 a.m.•68 views

CVE-2025-3073

Inappropriate implementation in Autofill in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

5.4CVSS6.4AI score0.00069EPSS

CVE•added 2025/04/02 1:15 a.m.•63 views

CVE-2025-3070

Insufficient validation of untrusted input in Extensions in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)

6.5CVSS6.8AI score0.00068EPSS