Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Google Subscribe
Filtered by product Chrome
Total 3628 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2025-3619 1 Google 1 Chrome 2025-04-23 N/A 8.8 HIGH
Heap buffer overflow in Codecs in Google Chrome on Windows prior to 135.0.7049.95 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
CVE-2025-3620 1 Google 1 Chrome 2025-04-23 N/A 8.8 HIGH
Use after free in USB in Google Chrome prior to 135.0.7049.95 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2025-0762 1 Google 1 Chrome 2025-04-21 N/A 8.8 HIGH
Use after free in DevTools in Google Chrome prior to 132.0.6834.159 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Medium)
CVE-2025-0448 1 Google 1 Chrome 2025-04-21 N/A 4.3 MEDIUM
Inappropriate implementation in Compositing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
CVE-2025-0447 1 Google 1 Chrome 2025-04-21 N/A 8.8 HIGH
Inappropriate implementation in Navigation in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Low)
CVE-2025-0446 1 Google 1 Chrome 2025-04-21 N/A 4.3 MEDIUM
Inappropriate implementation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low)
CVE-2025-0443 1 Google 1 Chrome 2025-04-21 N/A 8.8 HIGH
Insufficient data validation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)
CVE-2025-0442 1 Google 1 Chrome 2025-04-21 N/A 6.5 MEDIUM
Inappropriate implementation in Payments in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
CVE-2025-0441 1 Google 1 Chrome 2025-04-21 N/A 6.5 MEDIUM
Inappropriate implementation in Fenced Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to obtain potentially sensitive information from the system via a crafted HTML page. (Chromium security severity: Medium)
CVE-2025-0440 2 Google, Microsoft 2 Chrome, Windows 2025-04-21 N/A 6.5 MEDIUM
Inappropriate implementation in Fullscreen in Google Chrome on Windows prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
CVE-2025-0439 1 Google 1 Chrome 2025-04-21 N/A 6.5 MEDIUM
Race in Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
CVE-2025-0438 1 Google 1 Chrome 2025-04-21 N/A 8.8 HIGH
Stack buffer overflow in Tracing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2025-3074 1 Google 1 Chrome 2025-04-21 N/A 5.4 MEDIUM
Inappropriate implementation in Downloads in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
CVE-2025-3073 1 Google 1 Chrome 2025-04-21 N/A 5.4 MEDIUM
Inappropriate implementation in Autofill in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
CVE-2025-3072 1 Google 1 Chrome 2025-04-21 N/A 5.4 MEDIUM
Inappropriate implementation in Custom Tabs in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
CVE-2025-3071 1 Google 1 Chrome 2025-04-21 N/A 5.4 MEDIUM
Inappropriate implementation in Navigations in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low)
CVE-2025-0436 1 Google 1 Chrome 2025-04-21 N/A 8.8 HIGH
Integer overflow in Skia in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2025-0434 1 Google 1 Chrome 2025-04-21 N/A 8.8 HIGH
Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2025-0435 1 Google 2 Android, Chrome 2025-04-21 N/A 6.5 MEDIUM
Inappropriate implementation in Navigation in Google Chrome on Android prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: High)
CVE-2017-5063 5 Apple, Google, Linux and 2 more 8 Macos, Android, Chrome and 5 more 2025-04-20 6.8 MEDIUM 8.8 HIGH
A numeric overflow in Skia in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.