) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:google:chrome:131.0.6778.264:*:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2025-5959 |
Type Confusion in V8 in Google Chrome prior to 137.0.7151.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) Published: June 10, 2025; 9:15:21 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-5958 |
Use after free in Media in Google Chrome prior to 137.0.7151.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Published: June 10, 2025; 9:15:20 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-5419 |
Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Published: June 02, 2025; 8:15:21 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-5068 |
Use after free in Blink in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Published: June 02, 2025; 8:15:20 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-5283 |
Use after free in libvpx in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Published: May 27, 2025; 5:15:23 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-5281 |
Inappropriate implementation in BFCache in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially obtain user information via a crafted HTML page. (Chromium security severity: Medium) Published: May 27, 2025; 5:15:23 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-5280 |
Out of bounds write in V8 in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Published: May 27, 2025; 5:15:23 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-5067 |
Inappropriate implementation in Tab Strip in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) Published: May 27, 2025; 5:15:22 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-5066 |
Inappropriate implementation in Messages in Google Chrome on Android prior to 137.0.7151.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) Published: May 27, 2025; 5:15:22 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-5065 |
Inappropriate implementation in FileSystemAccess API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) Published: May 27, 2025; 5:15:22 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-5064 |
Inappropriate implementation in Background Fetch API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) Published: May 27, 2025; 5:15:22 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-5063 |
Use after free in Compositing in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Published: May 27, 2025; 5:15:22 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-4664 |
Insufficient policy enforcement in Loader in Google Chrome prior to 136.0.7103.113 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High) Published: May 14, 2025; 2:15:33 PM -0400 |
V4.0:(not available) V3.1: 4.3 MEDIUM V2.0:(not available) |
| CVE-2025-4372 |
Use after free in WebAudio in Google Chrome prior to 136.0.7103.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Published: May 06, 2025; 6:15:17 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-4096 |
Heap buffer overflow in HTML in Google Chrome prior to 136.0.7103.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Published: May 05, 2025; 2:15:44 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-4052 |
Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Low) Published: May 05, 2025; 2:15:44 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-4051 |
Insufficient data validation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Medium) Published: May 05, 2025; 2:15:44 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-4050 |
Out of bounds memory access in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Published: May 05, 2025; 2:15:43 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-3620 |
Use after free in USB in Google Chrome prior to 135.0.7049.95 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Published: April 16, 2025; 5:15:48 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
| CVE-2025-3074 |
Inappropriate implementation in Downloads in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) Published: April 01, 2025; 9:15:38 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |