Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
GoogleChrome

102 matches found

CVE
CVEadded 2025/01/22 8:15 p.m.1040 views

CVE-2025-0611

Object corruption in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.2CVSS6.3AI score0.00228EPSS
CVE
CVEadded 2025/01/15 11:15 a.m.976 views

CVE-2025-0443

Insufficient data validation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)

8.8CVSS6.7AI score0.00329EPSS
CVE
CVEadded 2025/01/15 11:15 a.m.954 views

CVE-2025-0435

Inappropriate implementation in Navigation in Google Chrome on Android prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: High)

6.5CVSS6.4AI score0.00063EPSS
CVE
CVEadded 2025/01/15 11:15 a.m.906 views

CVE-2025-0439

Race in Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

6.5CVSS6.4AI score0.00067EPSS
CVE
CVEadded 2025/01/15 11:15 a.m.805 views

CVE-2025-0442

Inappropriate implementation in Payments in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

6.5CVSS6.2AI score0.00085EPSS
CVE
CVEadded 2025/05/14 6:15 p.m.794 views

CVE-2025-4664

Insufficient policy enforcement in Loader in Google Chrome prior to 136.0.7103.113 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

4.3CVSS6AI score0.00022EPSS
In wild
CVE
CVEadded 2025/01/29 11:15 a.m.574 views

CVE-2025-0762

Use after free in DevTools in Google Chrome prior to 132.0.6834.159 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Medium)

8.8CVSS6.9AI score0.00256EPSS
CVE
CVEadded 2025/05/27 9:15 p.m.471 views

CVE-2025-5283

Use after free in libvpx in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

5.4CVSS7.1AI score0.00085EPSS
CVE
CVEadded 2025/05/27 9:15 p.m.466 views

CVE-2025-5064

Inappropriate implementation in Background Fetch API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

5.4CVSS6AI score0.00066EPSS
CVE
CVEadded 2025/01/15 11:15 a.m.465 views

CVE-2025-0448

Inappropriate implementation in Compositing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

4.3CVSS6.4AI score0.00075EPSS
CVE
CVEadded 2025/05/27 9:15 p.m.464 views

CVE-2025-5281

Inappropriate implementation in BFCache in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially obtain user information via a crafted HTML page. (Chromium security severity: Medium)

5.4CVSS6AI score0.00066EPSS
CVE
CVEadded 2025/05/27 9:15 p.m.450 views

CVE-2025-5067

Inappropriate implementation in Tab Strip in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

5.4CVSS6.2AI score0.00064EPSS
CVE
CVEadded 2025/01/15 11:15 a.m.434 views

CVE-2025-0446

Inappropriate implementation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low)

4.3CVSS6.6AI score0.00069EPSS
CVE
CVEadded 2025/01/08 7:15 p.m.425 views

CVE-2025-0291

Type Confusion in V8 in Google Chrome prior to 131.0.6778.264 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

8.8CVSS7.4AI score0.01472EPSS
CVE
CVEadded 2025/03/26 4:15 p.m.419 views

CVE-2025-2783

Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High)

8.3CVSS6.8AI score0.19786EPSS
In wild
CVE
CVEadded 2025/06/24 8:15 p.m.358 views

CVE-2025-6556

Insufficient policy enforcement in Loader in Google Chrome prior to 138.0.7204.49 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low)

5.4CVSS6.3AI score0.00021EPSS
CVE
CVEadded 2025/06/24 8:15 p.m.352 views

CVE-2025-6555

Use after free in Animation in Google Chrome prior to 138.0.7204.49 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

5.4CVSS7.3AI score0.00052EPSS
CVE
CVEadded 2025/03/19 7:15 p.m.341 views

CVE-2025-2476

Use after free in Lens in Google Chrome prior to 134.0.6998.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

8.8CVSS6.8AI score0.11799EPSS
CVE
CVEadded 2025/01/15 11:15 a.m.337 views

CVE-2025-0434

Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.9AI score0.00124EPSS
CVE
CVEadded 2025/06/03 12:15 a.m.335 views

CVE-2025-5419

Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.7AI score0.011EPSS
In wild
CVE
CVEadded 2025/02/04 7:15 p.m.318 views

CVE-2025-0444

Use after free in Skia in Google Chrome prior to 133.0.6943.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

6.3CVSS7.1AI score0.00317EPSS
CVE
CVEadded 2025/01/15 11:15 a.m.315 views

CVE-2025-0437

Out of bounds read in Metrics in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.8AI score0.00073EPSS
CVE
CVEadded 2025/01/15 11:15 a.m.315 views

CVE-2025-0438

Stack buffer overflow in Tracing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS7.3AI score0.00165EPSS
CVE
CVEadded 2025/01/15 11:15 a.m.311 views

CVE-2025-0436

Integer overflow in Skia in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS7.1AI score0.00176EPSS
CVE
CVEadded 2025/01/15 11:15 a.m.309 views

CVE-2025-0447

Inappropriate implementation in Navigation in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Low)

8.8CVSS6.8AI score0.00329EPSS
CVE
CVEadded 2025/01/15 11:15 a.m.302 views

CVE-2025-0440

Inappropriate implementation in Fullscreen in Google Chrome on Windows prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

6.5CVSS6.4AI score0.00046EPSS
CVE
CVEadded 2025/01/22 8:15 p.m.299 views

CVE-2025-0612

Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

7.5CVSS6.8AI score0.00217EPSS
CVE
CVEadded 2025/01/15 11:15 a.m.295 views

CVE-2025-0441

Inappropriate implementation in Fenced Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to obtain potentially sensitive information from the system via a crafted HTML page. (Chromium security severity: Medium)

6.5CVSS5.9AI score0.00091EPSS
CVE
CVEadded 2025/02/04 7:15 p.m.293 views

CVE-2025-0451

Inappropriate implementation in Extensions API in Google Chrome prior to 133.0.6943.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Medium)

6.3CVSS6.4AI score0.00243EPSS
CVE
CVEadded 2025/06/24 8:15 p.m.293 views

CVE-2025-6557

Insufficient data validation in DevTools in Google Chrome on Windows prior to 138.0.7204.49 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: Low)

5.4CVSS7.5AI score0.00066EPSS
CVE
CVEadded 2025/05/05 6:15 p.m.290 views

CVE-2025-4052

Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Low)

9.8CVSS5.9AI score0.00061EPSS
CVE
CVEadded 2025/02/04 7:15 p.m.276 views

CVE-2025-0445

Use after free in V8 in Google Chrome prior to 133.0.6943.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

5.4CVSS7.1AI score0.00167EPSS
CVE
CVEadded 2025/05/06 10:15 p.m.252 views

CVE-2025-4372

Use after free in WebAudio in Google Chrome prior to 136.0.7103.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

8.8CVSS7.1AI score0.00082EPSS
CVE
CVEadded 2025/08/22 9:15 p.m.249 views

CVE-2025-4609

Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 136.0.7103.113 allowed a remote attacker to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High)

9.6CVSS5.8AI score0.00088EPSS
CVE
CVEadded 2025/05/27 9:15 p.m.222 views

CVE-2025-5063

Use after free in Compositing in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.8AI score0.00207EPSS
CVE
CVEadded 2025/05/05 6:15 p.m.219 views

CVE-2025-4096

Heap buffer overflow in HTML in Google Chrome prior to 136.0.7103.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS7AI score0.00082EPSS
CVE
CVEadded 2025/05/05 6:15 p.m.197 views

CVE-2025-4050

Out of bounds memory access in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

8.8CVSS6.5AI score0.00089EPSS
CVE
CVEadded 2025/05/05 6:15 p.m.190 views

CVE-2025-4051

Insufficient data validation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Medium)

6.3CVSS5.9AI score0.00055EPSS
CVE
CVEadded 2025/06/30 10:15 p.m.190 views

CVE-2025-6554

Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

8.1CVSS6AI score0.00264EPSS
In wild
CVE
CVEadded 2025/05/27 9:15 p.m.185 views

CVE-2025-5280

Out of bounds write in V8 in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.8AI score0.00192EPSS
CVE
CVEadded 2025/06/11 1:15 a.m.180 views

CVE-2025-5959

Type Confusion in V8 in Google Chrome prior to 137.0.7151.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

8.8CVSS7.1AI score0.00062EPSS
CVE
CVEadded 2025/05/27 9:15 p.m.174 views

CVE-2025-5065

Inappropriate implementation in FileSystemAccess API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

6.5CVSS6.2AI score0.00064EPSS
CVE
CVEadded 2025/05/27 9:15 p.m.157 views

CVE-2025-5066

Inappropriate implementation in Messages in Google Chrome on Android prior to 137.0.7151.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

6.5CVSS6.1AI score0.00064EPSS
CVE
CVEadded 2025/06/11 1:15 a.m.152 views

CVE-2025-5958

Use after free in Media in Google Chrome prior to 137.0.7151.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.7AI score0.00079EPSS
CVE
CVEadded 2025/03/10 9:15 p.m.137 views

CVE-2025-2135

Type Confusion in V8 in Google Chrome prior to 134.0.6998.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.8AI score0.00113EPSS
CVE
CVEadded 2025/09/03 5:15 p.m.136 views

CVE-2025-9867

Inappropriate implementation in Downloads in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

5.4CVSS5.9AI score0.0003EPSS
CVE
CVEadded 2025/07/15 6:15 p.m.133 views

CVE-2025-6558

Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.1AI score0.0011EPSS
In wild
CVE
CVEadded 2025/09/03 5:15 p.m.132 views

CVE-2025-9865

Inappropriate implementation in Toolbar in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing via a crafted HTML page. (Chromium security severity: Medium)

5.4CVSS5.9AI score0.0003EPSS
CVE
CVEadded 2025/06/03 12:15 a.m.123 views

CVE-2025-5068

Use after free in Blink in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

8.8CVSS7.1AI score0.00127EPSS
CVE
CVEadded 2025/04/02 1:15 a.m.118 views

CVE-2025-3066

Use after free in Site Isolation in Google Chrome prior to 135.0.7049.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.8AI score0.00081EPSS
Total number of security vulnerabilities102