Chrome CVEs and Security Vulnerabilities

Filtered by vendor Google Subscriptions

Filtered by product Chrome Subscriptions

Search

Switch to Advanced Search (Beta)

Total 3805 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-0447	1 Google	1 Chrome	2025-04-21	8.8 High
Inappropriate implementation in Navigation in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Low)
CVE-2025-0446	1 Google	1 Chrome	2025-04-21	4.3 Medium
Inappropriate implementation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low)
CVE-2025-0443	1 Google	1 Chrome	2025-04-21	8.8 High
Insufficient data validation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)
CVE-2025-0442	1 Google	1 Chrome	2025-04-21	6.5 Medium
Inappropriate implementation in Payments in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
CVE-2025-0441	1 Google	1 Chrome	2025-04-21	6.5 Medium
Inappropriate implementation in Fenced Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to obtain potentially sensitive information from the system via a crafted HTML page. (Chromium security severity: Medium)
CVE-2025-0440	2 Google, Microsoft	2 Chrome, Windows	2025-04-21	6.5 Medium
Inappropriate implementation in Fullscreen in Google Chrome on Windows prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
CVE-2025-0439	1 Google	1 Chrome	2025-04-21	6.5 Medium
Race in Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
CVE-2025-0438	1 Google	1 Chrome	2025-04-21	8.8 High
Stack buffer overflow in Tracing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2025-3074	1 Google	1 Chrome	2025-04-21	5.4 Medium
Inappropriate implementation in Downloads in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
CVE-2025-3073	1 Google	1 Chrome	2025-04-21	5.4 Medium
Inappropriate implementation in Autofill in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
CVE-2025-3072	1 Google	1 Chrome	2025-04-21	5.4 Medium
Inappropriate implementation in Custom Tabs in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
CVE-2025-3071	1 Google	1 Chrome	2025-04-21	5.4 Medium
Inappropriate implementation in Navigations in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low)
CVE-2025-0436	1 Google	1 Chrome	2025-04-21	8.8 High
Integer overflow in Skia in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2025-0434	1 Google	1 Chrome	2025-04-21	8.8 High
Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2025-0435	1 Google	2 Android, Chrome	2025-04-21	6.5 Medium
Inappropriate implementation in Navigation in Google Chrome on Android prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: High)
CVE-2017-5100	4 Debian, Google, Microsoft and 1 more	7 Debian Linux, Chrome, Windows and 4 more	2025-04-20	8.8 High
A use after free in Apps in Google Chrome prior to 60.0.3112.78 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVE-2017-5097	4 Debian, Google, Linux and 1 more	4 Debian Linux, Chrome, Linux Kernel and 1 more	2025-04-20	N/A
Insufficient validation of untrusted input in Skia in Google Chrome prior to 60.0.3112.78 for Linux allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVE-2017-5112	3 Google, Microsoft, Redhat	3 Chrome, Windows, Rhel Extras	2025-04-20	N/A
Heap buffer overflow in WebGL in Google Chrome prior to 61.0.3163.79 for Windows allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
CVE-2017-5074	3 Google, Microsoft, Redhat	3 Chrome, Windows, Rhel Extras	2025-04-20	N/A
A use after free in Chrome Apps in Google Chrome prior to 59.0.3071.86 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page, related to Bluetooth.
CVE-2017-5068	5 Apple, Google, Linux and 2 more	8 Macos, Chrome, Linux Kernel and 5 more	2025-04-20	7.5 High
Incorrect handling of picture ID in WebRTC in Google Chrome prior to 58.0.3029.96 for Mac, Windows, and Linux allowed a remote attacker to trigger a race condition via a crafted HTML page.

« first previous Page 21 of 191. next last »