Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Package Hub 15 SP6 package chromium, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (197)
CVE-2025-4052 — CVSS 9.8 (critical): Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage…
CVE-2024-9369 — CVSS 9.6 (critical): Insufficient data validation in Mojo in Google Chrome prior to 129.0.6668.89 allowed a remote attacker who had compromised the renderer…
CVE-2024-6779 — CVSS 9.6 (critical): Out of bounds memory access in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox…
CVE-2024-10488 — CVSS 8.8 (high): Use after free in WebRTC in Google Chrome prior to 130.0.6723.92 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2024-10826 — CVSS 8.8 (high): Use after free in Family Experiences in Google Chrome on Android prior to 130.0.6723.116 allowed a remote attacker to potentially exploit…
CVE-2024-10827 — CVSS 8.8 (high): Use after free in Serial in Google Chrome prior to 130.0.6723.116 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2024-11112 — CVSS 8.8 (high): Use after free in Media in Google Chrome on Windows prior to 131.0.6778.69 allowed a remote attacker to potentially exploit heap corruption…
CVE-2024-11113 — CVSS 8.8 (high): Use after free in Accessibility in Google Chrome prior to 131.0.6778.69 allowed a remote attacker who had compromised the renderer process…
CVE-2024-11115 — CVSS 8.8 (high): Insufficient policy enforcement in Navigation in Google Chrome on iOS prior to 131.0.6778.69 allowed a remote attacker to perform privilege…
CVE-2024-6102 — CVSS 8.8 (high): Out of bounds memory access in Dawn in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to potentially exploit heap…
CVE-2024-10230 — CVSS 8.8 (high): Type Confusion in V8 in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to potentially exploit heap corruption via a crafted…
CVE-2024-10231 — CVSS 8.8 (high): Type Confusion in V8 in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to potentially exploit heap corruption via a crafted…
CVE-2024-10487 — CVSS 8.8 (high): Out of bounds write in Dawn in Google Chrome prior to 130.0.6723.92 allowed a remote attacker to perform out of bounds memory access via a…
CVE-2024-7534 — CVSS 8.8 (high): Heap buffer overflow in Layout in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via…
CVE-2024-7535 — CVSS 8.8 (high): Inappropriate implementation in V8 in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption…
CVE-2024-7536 — CVSS 8.8 (high): Use after free in WebAudio in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2024-7550 — CVSS 8.8 (high): Type Confusion in V8 in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted…
CVE-2024-7964 — CVSS 8.8 (high): Use after free in Passwords in Google Chrome on Android prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap…
CVE-2024-7966 — CVSS 8.8 (high): Out of bounds memory access in Skia in Google Chrome prior to 128.0.6613.84 allowed a remote attacker who had compromised the renderer…
CVE-2024-7967 — CVSS 8.8 (high): Heap buffer overflow in Fonts in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via…
CVE-2024-7968 — CVSS 8.8 (high): Use after free in Autofill in Google Chrome prior to 128.0.6613.84 allowed a remote attacker who had convinced the user to engage in…
CVE-2024-7969 — CVSS 8.8 (high): Type Confusion in V8 in Google Chrome prior to 128.0.6613.113 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2024-7970 — CVSS 8.8 (high): Out of bounds write in V8 in Google Chrome prior to 128.0.6613.119 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2024-7972 — CVSS 8.8 (high): Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially perform out of bounds…
CVE-2024-7973 — CVSS 8.8 (high): Heap buffer overflow in PDFium in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform an out of bounds memory read…
CVE-2024-7974 — CVSS 8.8 (high): Insufficient data validation in V8 API in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap…
CVE-2024-8193 — CVSS 8.8 (high): Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.113 allowed a remote attacker who had compromised the renderer process to…
CVE-2024-8194 — CVSS 8.8 (high): Type Confusion in V8 in Google Chrome prior to 128.0.6613.113 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2024-8198 — CVSS 8.8 (high): Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.113 allowed a remote attacker who had compromised the renderer process to…
CVE-2024-8362 — CVSS 8.8 (high): Use after free in WebAudio in Google Chrome prior to 128.0.6613.119 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2024-8636 — CVSS 8.8 (high): Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap corruption via…
CVE-2024-8637 — CVSS 8.8 (high): Use after free in Media Router in Google Chrome on Android prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap…
CVE-2024-8638 — CVSS 8.8 (high): Type Confusion in V8 in Google Chrome prior to 128.0.6613.137 allowed a remote attacker to potentially exploit object corruption via a…
CVE-2024-8639 — CVSS 8.8 (high): Use after free in Autofill in Google Chrome on Android prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap…
CVE-2024-8904 — CVSS 8.8 (high): Type Confusion in V8 in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to potentially exploit heap corruption via a crafted…
CVE-2024-8905 — CVSS 8.8 (high): Inappropriate implementation in V8 in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to potentially exploit stack…
CVE-2024-9120 — CVSS 8.8 (high): Use after free in Dawn in Google Chrome on Windows prior to 129.0.6668.70 allowed a remote attacker to potentially exploit heap corruption…
CVE-2024-9121 — CVSS 8.8 (high): Inappropriate implementation in V8 in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to potentially perform out of bounds…
CVE-2024-9122 — CVSS 8.8 (high): Type Confusion in V8 in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to perform out of bounds memory access via a crafted…
CVE-2024-9123 — CVSS 8.8 (high): Integer overflow in Skia in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to perform an out of bounds memory write via a…
CVE-2024-9602 — CVSS 8.8 (high): Type Confusion in V8 in Google Chrome prior to 129.0.6668.100 allowed a remote attacker to perform an out of bounds memory write via a…
CVE-2024-9603 — CVSS 8.8 (high): Type Confusion in V8 in Google Chrome prior to 129.0.6668.100 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2024-9954 — CVSS 8.8 (high): Use after free in AI in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted…
CVE-2024-9955 — CVSS 8.8 (high): Use after free in WebAuthentication in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap…
CVE-2024-9957 — CVSS 8.8 (high): Use after free in UI in Google Chrome on iOS prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI…
CVE-2024-9959 — CVSS 8.8 (high): Use after free in DevTools in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who had compromised the renderer process to…
CVE-2024-9961 — CVSS 8.8 (high): Use after free in ParcelTracking in Google Chrome on iOS prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in…
CVE-2024-9965 — CVSS 8.8 (high): Insufficient data validation in DevTools in Google Chrome on Windows prior to 130.0.6723.58 allowed a remote attacker who convinced a user…
CVE-2025-0434 — CVSS 8.8 (high): Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption…
CVE-2025-0436 — CVSS 8.8 (high): Integer overflow in Skia in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2025-0437 — CVSS 8.8 (high): Out of bounds read in Metrics in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via…
CVE-2025-0438 — CVSS 8.8 (high): Stack buffer overflow in Tracing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit stack corruption…
CVE-2025-0443 — CVSS 8.8 (high): Insufficient data validation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage…
CVE-2025-0447 — CVSS 8.8 (high): Inappropriate implementation in Navigation in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to perform privilege…
CVE-2025-0762 — CVSS 8.8 (high): Use after free in DevTools in Google Chrome prior to 132.0.6834.159 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2025-0995 — CVSS 8.8 (high): Use after free in V8 in Google Chrome prior to 133.0.6943.98 allowed a remote attacker to potentially exploit heap corruption via a crafted…
CVE-2025-0999 — CVSS 8.8 (high): Heap buffer overflow in V8 in Google Chrome prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2025-1006 — CVSS 8.8 (high): Use after free in Network in Google Chrome prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2025-1426 — CVSS 8.8 (high): Heap buffer overflow in GPU in Google Chrome on Android prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap…
CVE-2025-1914 — CVSS 8.8 (high): Out of bounds read in V8 in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to perform out of bounds memory access via a…
CVE-2025-1916 — CVSS 8.8 (high): Use after free in Profiles in Google Chrome prior to 134.0.6998.35 allowed an attacker who convinced a user to install a malicious…
CVE-2025-1918 — CVSS 8.8 (high): Out of bounds read in PDFium in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to potentially perform out of bounds memory…
CVE-2025-1919 — CVSS 8.8 (high): Out of bounds read in Media in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to potentially perform out of bounds memory…
CVE-2025-1920 — CVSS 8.8 (high): Type Confusion in V8 in Google Chrome prior to 134.0.6998.88 allowed a remote attacker to potentially exploit heap corruption via a crafted…
CVE-2025-2135 — CVSS 8.8 (high): Type Confusion in V8 in Google Chrome prior to 134.0.6998.88 allowed a remote attacker to potentially exploit heap corruption via a crafted…
CVE-2025-2136 — CVSS 8.8 (high): Use after free in Inspector in Google Chrome prior to 134.0.6998.88 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2025-2137 — CVSS 8.8 (high): Out of bounds read in V8 in Google Chrome prior to 134.0.6998.88 allowed a remote attacker to perform out of bounds memory access via a…
CVE-2025-2476 — CVSS 8.8 (high): Use after free in Lens in Google Chrome prior to 134.0.6998.117 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2025-3066 — CVSS 8.8 (high): Use after free in Site Isolation in Google Chrome prior to 135.0.7049.84 allowed a remote attacker to potentially exploit heap corruption…
CVE-2025-3067 — CVSS 8.8 (high): Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 135.0.7049.52 allowed a remote attacker who convinced a…
CVE-2025-3068 — CVSS 8.8 (high): Inappropriate implementation in Intents in Google Chrome on Android prior to 135.0.7049.52 allowed a remote attacker to perform privilege…
CVE-2025-3069 — CVSS 8.8 (high): Inappropriate implementation in Extensions in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform privilege…
CVE-2025-3619 — CVSS 8.8 (high): Heap buffer overflow in Codecs in Google Chrome on Windows prior to 135.0.7049.95 allowed a remote attacker to potentially exploit heap…
CVE-2025-3620 — CVSS 8.8 (high): Use after free in USB in Google Chrome prior to 135.0.7049.95 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2025-4050 — CVSS 8.8 (high): Out of bounds memory access in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in…
CVE-2025-4096 — CVSS 8.8 (high): Heap buffer overflow in HTML in Google Chrome prior to 136.0.7103.59 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2025-4372 — CVSS 8.8 (high): Use after free in WebAudio in Google Chrome prior to 136.0.7103.92 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2024-11395 — CVSS 8.8 (high): Type Confusion in V8 in Google Chrome prior to 131.0.6778.85 allowed a remote attacker to potentially exploit heap corruption via a crafted…
CVE-2024-12053 — CVSS 8.8 (high): Type Confusion in V8 in Google Chrome prior to 131.0.6778.108 allowed a remote attacker to potentially exploit object corruption via a…
CVE-2024-12692 — CVSS 8.8 (high): Type Confusion in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2024-12693 — CVSS 8.8 (high): Out of bounds memory access in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a…
CVE-2024-12694 — CVSS 8.8 (high): Use after free in Compositing in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via…
CVE-2024-12695 — CVSS 8.8 (high): Out of bounds write in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via…
CVE-2024-5493 — CVSS 8.8 (high): Heap buffer overflow in WebRTC in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption…
CVE-2024-5494 — CVSS 8.8 (high): Use after free in Dawn in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2024-5495 — CVSS 8.8 (high): Use after free in Dawn in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2024-5496 — CVSS 8.8 (high): Use after free in Media Session in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to execute arbitrary code inside a…
CVE-2024-5497 — CVSS 8.8 (high): Out of bounds memory access in Browser UI in Google Chrome prior to 125.0.6422.141 allowed a remote attacker who convinced a user to engage…
CVE-2024-5498 — CVSS 8.8 (high): Use after free in Presentation API in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap…
CVE-2024-5499 — CVSS 8.8 (high): Out of bounds write in Streams API in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to execute arbitrary code inside a…
CVE-2024-5830 — CVSS 8.8 (high): Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to perform an out of bounds memory write via a…
CVE-2024-5831 — CVSS 8.8 (high): Use after free in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2024-5832 — CVSS 8.8 (high): Use after free in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2024-5833 — CVSS 8.8 (high): Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially perform out of bounds memory access…
CVE-2024-5834 — CVSS 8.8 (high): Inappropriate implementation in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to execute arbitrary code via a…
CVE-2024-5835 — CVSS 8.8 (high): Heap buffer overflow in Tab Groups in Google Chrome prior to 126.0.6478.54 allowed a remote attacker who convinced a user to engage in…
CVE-2024-5836 — CVSS 8.8 (high): Inappropriate Implementation in DevTools in Google Chrome prior to 126.0.6478.54 allowed an attacker who convinced a user to install a…
CVE-2024-5837 — CVSS 8.8 (high): Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially perform out of bounds memory access…
CVE-2024-5838 — CVSS 8.8 (high): Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to perform out of bounds memory access via a crafted…
CVE-2024-5841 — CVSS 8.8 (high): Use after free in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted…
CVE-2024-5842 — CVSS 8.8 (high): Use after free in Browser UI in Google Chrome prior to 126.0.6478.54 allowed a remote attacker who convinced a user to engage in specific…
CVE-2024-5844 — CVSS 8.8 (high): Heap buffer overflow in Tab Strip in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to perform an out of bounds memory read…
CVE-2024-5845 — CVSS 8.8 (high): Use after free in Audio in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2024-5846 — CVSS 8.8 (high): Use after free in PDFium in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2024-5847 — CVSS 8.8 (high): Use after free in PDFium in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2024-6100 — CVSS 8.8 (high): Type Confusion in V8 in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to execute arbitrary code via a crafted HTML page…
CVE-2024-6101 — CVSS 8.8 (high): Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to perform out of bounds memory…
CVE-2024-6103 — CVSS 8.8 (high): Use after free in Dawn in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2024-6290 — CVSS 8.8 (high): Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2024-6291 — CVSS 8.8 (high): Use after free in Swiftshader in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via…
CVE-2024-6292 — CVSS 8.8 (high): Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2024-6293 — CVSS 8.8 (high): Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2024-6772 — CVSS 8.8 (high): Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to perform out of bounds memory…
CVE-2024-6773 — CVSS 8.8 (high): Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially exploit heap…
CVE-2024-6774 — CVSS 8.8 (high): Use after free in Screen Capture in Google Chrome prior to 126.0.6478.182 allowed a remote attacker who convinced a user to engage in…
CVE-2024-6775 — CVSS 8.8 (high): Use after free in Media Stream in Google Chrome prior to 126.0.6478.182 allowed a remote attacker who convinced a user to engage in…
CVE-2024-6776 — CVSS 8.8 (high): Use after free in Audio in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2024-6988 — CVSS 8.8 (high): Use after free in Downloads in Google Chrome on iOS prior to 127.0.6533.72 allowed a remote attacker to potentially exploit heap corruption…
CVE-2024-6989 — CVSS 8.8 (high): Use after free in Loader in Google Chrome prior to 127.0.6533.72 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2024-6990 — CVSS 8.8 (high): Uninitialized Use in Dawn in Google Chrome on Android prior to 127.0.6533.88 allowed a remote attacker to potentially perform out of bounds…
CVE-2024-6991 — CVSS 8.8 (high): Use after free in Dawn in Google Chrome prior to 127.0.6533.72 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2024-6994 — CVSS 8.8 (high): Heap buffer overflow in Layout in Google Chrome prior to 127.0.6533.72 allowed a remote attacker to potentially exploit heap corruption via…
CVE-2024-6997 — CVSS 8.8 (high): Use after free in Tabs in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI…
CVE-2024-6998 — CVSS 8.8 (high): Use after free in User Education in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in…
CVE-2024-7000 — CVSS 8.8 (high): Use after free in CSS in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI…
CVE-2024-7025 — CVSS 8.8 (high): Integer overflow in Layout in Google Chrome prior to 129.0.6668.89 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2024-7255 — CVSS 8.8 (high): Out of bounds read in WebTransport in Google Chrome prior to 127.0.6533.88 allowed a remote attacker to potentially perform out of bounds…
CVE-2024-7256 — CVSS 8.8 (high): Insufficient data validation in Dawn in Google Chrome on Android prior to 127.0.6533.88 allowed a remote attacker to execute arbitrary code…
CVE-2024-7532 — CVSS 8.8 (high): Out of bounds memory access in ANGLE in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap…
CVE-2024-7533 — CVSS 8.8 (high): Use after free in Sharing in Google Chrome on iOS prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption…
CVE-2024-11114 — CVSS 8.3 (high): Inappropriate implementation in Views in Google Chrome on Windows prior to 131.0.6778.69 allowed a remote attacker who had compromised the…
CVE-2025-0611 — CVSS 8.2 (high): Object corruption in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2025-1915 — CVSS 8.1 (high): Improper Limitation of a Pathname to a Restricted Directory in DevTools in Google Chrome on Windows prior to 134.0.6998.35 allowed an…
CVE-2024-10229 — CVSS 8.1 (high): Inappropriate implementation in Extensions in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to bypass site isolation via a…
CVE-2025-0997 — CVSS 8.1 (high): Use after free in Navigation in Google Chrome prior to 133.0.6943.98 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2024-7977 — CVSS 7.8 (high): Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84 allowed a local attacker to perform privilege…
CVE-2024-7979 — CVSS 7.8 (high): Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84 allowed a local attacker to perform privilege…
CVE-2024-9956 — CVSS 7.8 (high): Inappropriate implementation in WebAuthentication in Google Chrome on Android prior to 130.0.6723.58 allowed a local attacker to perform…
CVE-2024-7980 — CVSS 7.8 (high): Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84 allowed a local attacker to perform privilege…
CVE-2025-0612 — CVSS 7.5 (high): Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption…
CVE-2024-9960 — CVSS 7.5 (high): Use after free in Dawn in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2024-6778 — CVSS 7.5 (high): Race in DevTools in Google Chrome prior to 126.0.6478.182 allowed an attacker who convinced a user to install a malicious extension to…
CVE-2025-0442 — CVSS 6.5 (medium): Inappropriate implementation in Payments in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage…
CVE-2025-0435 — CVSS 6.5 (medium): Inappropriate implementation in Navigation in Google Chrome on Android prior to 132.0.6834.83 allowed a remote attacker to perform UI…
CVE-2024-11110 — CVSS 6.5 (medium): Inappropriate implementation in Extensions in Google Chrome prior to 131.0.6778.69 allowed a remote attacker to bypass site isolation via a…
CVE-2024-6777 — CVSS 6.5 (medium): Use after free in Navigation in Google Chrome prior to 126.0.6478.182 allowed an attacker who convinced a user to install a malicious…
CVE-2025-3070 — CVSS 6.5 (medium): Insufficient validation of untrusted input in Extensions in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform…
CVE-2025-1921 — CVSS 6.5 (medium): Inappropriate implementation in Media Stream in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to obtain information about…
CVE-2024-5839 — CVSS 6.5 (medium): Inappropriate Implementation in Memory Allocator in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit…
CVE-2024-5840 — CVSS 6.5 (medium): Policy bypass in CORS in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to bypass discretionary access control via a…
CVE-2024-5843 — CVSS 6.5 (medium): Inappropriate implementation in Downloads in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to obfuscate security UI via a…
CVE-2025-0439 — CVSS 6.5 (medium): Race in Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to…
CVE-2025-0440 — CVSS 6.5 (medium): Inappropriate implementation in Fullscreen in Google Chrome on Windows prior to 132.0.6834.83 allowed a remote attacker to perform UI…
CVE-2025-0441 — CVSS 6.5 (medium): Inappropriate implementation in Fenced Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to obtain potentially…
CVE-2025-0444 — CVSS 6.3 (medium): Use after free in Skia in Google Chrome prior to 133.0.6943.53 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2025-4051 — CVSS 6.3 (medium): Insufficient data validation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage…
CVE-2025-0451 — CVSS 6.3 (medium): Inappropriate implementation in Extensions API in Google Chrome prior to 133.0.6943.53 allowed a remote attacker who convinced a user to…
CVE-2024-8907 — CVSS 6.1 (medium): Insufficient data validation in Omnibox in Google Chrome on Android prior to 129.0.6668.58 allowed a remote attacker who convinced a user…
CVE-2025-3071 — CVSS 5.4 (medium): Inappropriate implementation in Navigations in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to…
CVE-2025-3073 — CVSS 5.4 (medium): Inappropriate implementation in Autofill in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage…
CVE-2025-0996 — CVSS 5.4 (medium): Inappropriate implementation in Browser UI in Google Chrome on Android prior to 133.0.6943.98 allowed a remote attacker to spoof the…
CVE-2025-3072 — CVSS 5.4 (medium): Inappropriate implementation in Custom Tabs in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to…
CVE-2025-0445 — CVSS 5.4 (medium): Use after free in V8 in Google Chrome prior to 133.0.6943.53 allowed a remote attacker to potentially exploit heap corruption via a crafted…
CVE-2025-3074 — CVSS 5.4 (medium): Inappropriate implementation in Downloads in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform UI spoofing via a…
CVE-2024-9966 — CVSS 5.3 (medium): Inappropriate implementation in Navigations in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to bypass content security…
CVE-2024-6995 — CVSS 4.7 (medium): Inappropriate implementation in Fullscreen in Google Chrome on Android prior to 127.0.6533.72 allowed a remote attacker who convinced a…
CVE-2024-11111 — CVSS 4.3 (medium): Inappropriate implementation in Autofill in Google Chrome prior to 131.0.6778.69 allowed a remote attacker who convinced a user to engage…
CVE-2025-1923 — CVSS 4.3 (medium): Inappropriate implementation in Permission Prompts in Google Chrome prior to 134.0.6998.35 allowed an attacker who convinced a user to…
CVE-2024-9958 — CVSS 4.3 (medium): Inappropriate implementation in PictureInPicture in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to perform UI spoofing…
CVE-2024-9962 — CVSS 4.3 (medium): Inappropriate implementation in Permissions in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who convinced a user to…
CVE-2024-9963 — CVSS 4.3 (medium): Insufficient data validation in Downloads in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage…
CVE-2024-9964 — CVSS 4.3 (medium): Inappropriate implementation in Payments in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage…
CVE-2025-1917 — CVSS 4.3 (medium): Inappropriate implementation in Browser UI in Google Chrome on Android prior to 134.0.6998.35 allowed a remote attacker to perform UI…
CVE-2024-7975 — CVSS 4.3 (medium): Inappropriate implementation in Permissions in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a…
CVE-2024-7976 — CVSS 4.3 (medium): Inappropriate implementation in FedCM in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a…
CVE-2024-7978 — CVSS 4.3 (medium): Insufficient policy enforcement in Data Transfer in Google Chrome prior to 128.0.6613.84 allowed a remote attacker who convinced a user to…
CVE-2024-7981 — CVSS 4.3 (medium): Inappropriate implementation in Views in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a…
CVE-2024-8033 — CVSS 4.3 (medium): Inappropriate implementation in WebApp Installs in Google Chrome on Windows prior to 128.0.6613.84 allowed an attacker who convinced a user…
CVE-2024-8034 — CVSS 4.3 (medium): Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 128.0.6613.84 allowed a remote attacker to perform UI…
CVE-2024-8035 — CVSS 4.3 (medium): Inappropriate implementation in Extensions in Google Chrome on Windows prior to 128.0.6613.84 allowed a remote attacker to perform UI…
CVE-2025-0446 — CVSS 4.3 (medium): Inappropriate implementation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage…
CVE-2025-0448 — CVSS 4.3 (medium): Inappropriate implementation in Compositing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a…
CVE-2024-8906 — CVSS 4.3 (medium): Incorrect security UI in Downloads in Google Chrome prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in…
CVE-2024-11116 — CVSS 4.3 (medium): Inappropriate implementation in Blink in Google Chrome prior to 131.0.6778.69 allowed a remote attacker who convinced a user to engage in…
CVE-2024-8908 — CVSS 4.3 (medium): Inappropriate implementation in Autofill in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to perform UI spoofing via a…
CVE-2024-8909 — CVSS 4.3 (medium): Inappropriate implementation in UI in Google Chrome on iOS prior to 129.0.6668.58 allowed a remote attacker to perform UI spoofing via a…
CVE-2024-11117 — CVSS 4.3 (medium): Inappropriate implementation in FileSystem in Google Chrome prior to 131.0.6778.69 allowed a remote attacker to bypass filesystem…
CVE-2024-6999 — CVSS 4.3 (medium): Inappropriate implementation in FedCM in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in…
CVE-2025-1922 — CVSS 4.3 (medium): Inappropriate implementation in Selection in Google Chrome on Android prior to 134.0.6998.35 allowed a remote attacker who convinced a user…
CVE-2024-7001 — CVSS 4.3 (medium): Inappropriate implementation in HTML in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in…
CVE-2024-7003 — CVSS 4.3 (medium): Inappropriate implementation in FedCM in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in…
CVE-2024-7004 — CVSS 4.3 (medium): Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced…
CVE-2024-7005 — CVSS 4.3 (medium): Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced…
CVE-2024-6996 — CVSS 3.1 (low): Race in Frames in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to…