CVEs from 2025
Total
8,928
critical
critical 1,313
high
high 1,950
medium
medium 1,965
low
low 200
% Critical
14.7%
% with KEV
2.0%
% with exploit
2.8%
Top vendors
- qualcomm 1,123
- fabian 285
- campcodes 232
- phpgurukul 189
- code-projects 121
- redhat 108
- microsoft 107
- portabilis 94
Top products
- i-educar 80
- office_long_term_servicing_channel 35
- office 34
- best_salon_management_system 33
- apartment_management_system 30
- gcp 29
- inventory_management_system 28
- online_learning_management_system 21
Top packages
- Go/github.com/mattermost/mattermost/server/v8 258
- Go/github.com/mattermost/mattermost-server 249
- Packagist/magento/community-edition 231
- Packagist/moodle/moodle 162
- Go/github.com/mattermost/mattermost-server/v5 99
- Go/github.com/mattermost/mattermost-server/v6 99
- Maven/com.liferay.portal:release.dxp.bom 61
- Maven/org.apache.tomcat.embed:tomcat-embed-core 53
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-38072 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: libnvdimm/labels: Fix divide error in nd_label_data_init() If a faulty CXL memory device returns a broken zero LSA size in its me… | |||
| CVE-2025-38074 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: vhost-scsi: protect vq->log_used with vq->mutex The vhost-scsi completion path may access vq->log_base when vq->log_used is alrea… | |||
| CVE-2025-38076 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: alloc_tag: allocate percpu counters for module tags dynamically When a module gets unloaded it checks whether any of its tags are… | |||
| CVE-2025-38080 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Increase block_sequence array size [Why] It's possible to generate more than 50 steps in hwss_build_fast_sequenc… | |||
| CVE-2025-38081 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: spi-rockchip: Fix register out of bounds access Do not write native chip select stuff for GPIO chip selects. GPIOs can be numbere… | |||
| CVE-2025-38082 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: gpio: virtuser: fix potential out-of-bound write If the caller wrote more characters, count is truncated to the max available spa… | |||
| CVE-2025-38090 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drivers/rapidio/rio_cm.c: prevent possible heap overwrite In riocm_cdev_ioctl(RIO_CM_CHAN_SEND) -> cm_chan_msg_send() -… | |||
| CVE-2025-38088 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap memtrace mmap issue has an out of bounds issue. This patch fix… | |||
| CVE-2025-38092 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ksmbd: use list_first_entry_or_null for opinfo_get_list() The list_first_entry() macro never returns NULL. If the list is empty … | |||
| CVE-2025-38093 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: x1e80100: Add GPU cooling Unlike the CPU, the GPU does not throttle its speed automatically when it reaches hig… | |||
| CVE-2025-38108 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net_sched: red: fix a race in __red_change() Gerrard Tai reported a race condition in RED, whenever SFQ perturb timer fires at th… | |||
| CVE-2025-38094 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: cadence: macb: Fix a possible deadlock in macb_halt_tx. There is a situation where after THALT is set high, TGO stays high a… | |||
| CVE-2025-38095 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: dma-buf: insert memory barrier before updating num_fences smp_store_mb() inserts memory barrier after storing operation. It is di… | |||
| CVE-2025-38096 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: don't warn when if there is a FW error iwl_trans_reclaim is warning if it is called when the FW is not alive. But … | |||
| CVE-2025-38098 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Don't treat wb connector as physical in create_validate_stream_for_sink Don't try to operate on a drm_wb_connect… | |||
| CVE-2025-38099 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Disable SCO support if READ_VOICE_SETTING is unsupported/broken A SCO connection without the proper voice_setting can … | |||
| CVE-2025-38101 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix buffer locking in ring_buffer_subbuf_order_set() Enlarge the critical section in ring_buffer_subbuf_order_set() … | |||
| CVE-2025-38102 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify During our test, it is found that a warning can be trigge… | |||
| CVE-2025-38103 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() Update struct hid_descriptor to better reflect the mandatory… | |||
| CVE-2025-38107 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net_sched: ets: fix a race in ets_qdisc_change() Gerrard Tai reported a race condition in ETS, whenever SFQ perturb timer fires a… | |||
| CVE-2025-38113 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Fix NULL pointer dereference when nosmp is used With nosmp in cmdline, other CPUs are not brought up, leaving their c… | |||
| CVE-2025-38112 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: Fix TOCTOU issue in sk_is_readable() sk->sk_prot->sock_is_readable is a valid function pointer when sk resides in a sockmap.… | |||
| CVE-2025-30193 | unknown | — | — | — | In some circumstances, when DNSdist is configured to allow an unlimited number of queries on a single, incoming TCP connection from a client, an attacker can cause a denial of service by crafting a T… | |||
| CVE-2025-30194 | unknown | — | — | — | When DNSdist is configured to provide DoH via the nghttp2 provider, an attacker can cause a denial of service by crafting a DoH exchange that triggers an illegal memory access (double-free) and crash… | |||
| CVE-2025-38114 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: e1000: Move cancel_work_sync to avoid deadlock Previously, e1000_down called cancel_work_sync for the e1000 reset task (via e1000… | |||
| CVE-2025-30187 | unknown | — | — | — | In some circumstances, when DNSdist is configured to use the nghttp2 library to process incoming DNS over HTTPS queries, an attacker might be able to cause a denial of service by crafting a DoH excha… | |||
| CVE-2025-38118 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete This reworks MGMT_OP_REMOVE_ADV_MONITOR to not use mgmt_pending_add … | |||
| CVE-2025-38115 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: fix a potential crash on gso_skb handling SFQ has an assumption of always being able to queue at least one pa… | |||
| CVE-2025-38121 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mld: avoid panic on init failure In case of an error during init, in_hw_restart will be set, but it will never get… | |||
| CVE-2025-38119 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: scsi: core: ufs: Fix a hang in the error handler ufshcd_err_handling_prepare() calls ufshcd_rpm_get_sync(). The latter function c… | |||
| CVE-2025-38717 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: kcm: Fix race condition in kcm_unattach() syzbot found a race condition when kcm_unattach(psock) and kcm_release(kcm) are ex… | |||
| CVE-2025-38720 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: hibmcge: fix rtnl deadlock issue Currently, the hibmcge netdev acquires the rtnl_lock in pci_error_handlers.reset_prepare() … | |||
| CVE-2025-38722 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: habanalabs: fix UAF in export_dmabuf() As soon as we'd inserted a file reference into descriptor table, another thread could clos… | |||
| CVE-2025-38733 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: s390/mm: Do not map lowcore with identity mapping Since the identity mapping is pinned to address zero the lowcore is always also… | |||
| CVE-2025-38726 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: ftgmac100: fix potential NULL pointer access in ftgmac100_phy_disconnect After the call to phy_disconnect() netdev->phydev i… | |||
| CVE-2025-20054 | unknown | — | — | — | Uncaught exception in the core management mechanism for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via local access. | |||
| CVE-2025-20103 | unknown | — | — | — | Insufficient resource pool in the core management mechanism for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via local access. | |||
| CVE-2025-38737 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: cifs: Fix oops due to uninitialised variable Fix smb3_init_transform_rq() to initialise buffer to NULL before calling netfs_alloc… | |||
| CVE-2025-39674 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: ufs-qcom: Fix ESI null pointer dereference ESI/MSI is a performance optimization feature that provides dedicated inter… | |||
| CVE-2025-39677 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix backlog accounting in qdisc_dequeue_internal This issue applies for the following qdiscs: hhf, fq, fq_codel, and f… | |||
| CVE-2025-39678 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/hsmp: Ensure sock->metric_tbl_addr is non-NULL If metric table address is not allocated, accessing metrics_bin w… | |||
| CVE-2025-39679 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor(). When the nvif_vmm_type is invalid, we will return error directly … | |||
| CVE-2025-0439 | unknown | — | — | — | Race in Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium secur… | |||
| CVE-2025-39680 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: i2c: rtl9300: Fix out-of-bounds bug in rtl9300_i2c_smbus_xfer The data->block[0] variable comes from user. Without proper check, … | |||
| CVE-2025-0440 | unknown | — | — | — | Inappropriate implementation in Fullscreen in Google Chrome on Windows prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Me… | |||
| CVE-2025-0441 | unknown | — | — | — | Inappropriate implementation in Fenced Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to obtain potentially sensitive information from the system via a crafted HTML page. (C… | |||
| CVE-2025-0445 | unknown | — | — | — | Use after free in V8 in Google Chrome prior to 133.0.6943.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2025-0447 | unknown | — | — | — | Inappropriate implementation in Navigation in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Low) | |||
| CVE-2025-0451 | unknown | — | — | — | Inappropriate implementation in Extensions API in Google Chrome prior to 133.0.6943.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a cr… | |||
| CVE-2025-39688 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: nfsd: allow SC_STATUS_FREEABLE when searching via nfs4_lookup_stateid() The pynfs DELEG8 test fails when run against nfsd. It acq… | |||
| CVE-2025-0999 | unknown | — | — | — | Heap buffer overflow in V8 in Google Chrome prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2025-39690 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: iio: accel: sca3300: fix uninitialized iio scan data Fix potential leak of uninitialized stack data to userspace by ensuring that… | |||
| CVE-2025-0612 | unknown | — | — | — | Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2025-0995 | unknown | — | — | — | Use after free in V8 in Google Chrome prior to 133.0.6943.98 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2025-1006 | unknown | — | — | — | Use after free in Network in Google Chrome prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted web app. (Chromium security severity: Medium) | |||
| CVE-2025-39695 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Flush delayed SKBs while releasing RXE resources When skb packets are sent out, these skb packets still depends on the … | |||
| CVE-2025-39705 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a Null pointer dereference vulnerability [Why] A null pointer dereference vulnerability exists in the AMD di… | |||
| CVE-2025-39696 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: tas2781: Fix wrong reference of tasdevice_priv During the conversion to unify the calibration data management, the ref… | |||
| CVE-2025-39699 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: iommu/riscv: prevent NULL deref in iova_to_phys The riscv_iommu_pte_fetch() function returns either NULL for unmapped/never-mappe… | |||
| CVE-2025-10200 | unknown | — | — | — | Use after free in Serviceworker in Google Chrome on Desktop prior to 140.0.7339.127 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severi… | |||
| CVE-2025-39700 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mm/damon/ops-common: ignore migration request to invalid nodes damon_migrate_pages() tries migration even if the target node is i… | |||
| CVE-2025-11205 | unknown | — | — | — | Heap buffer overflow in WebGPU in Google Chrome prior to 141.0.7390.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML pag… | |||
| CVE-2025-11208 | unknown | — | — | — | Inappropriate implementation in Media in Google Chrome prior to 141.0.7390.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTM… | |||
| CVE-2025-39704 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix stack protector issue in send_ipi_data() Function kvm_io_bus_read() is called in function send_ipi_data(), bu… | |||
| CVE-2025-11209 | unknown | — | — | — | Inappropriate implementation in Omnibox in Google Chrome on Android prior to 141.0.7390.54 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium … | |||
| CVE-2025-39707 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: check if hubbub is NULL in debugfs/amdgpu_dm_capabilities HUBBUB structure is not initialized on DCE hardware, so che… | |||
| CVE-2025-39708 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: iris: Fix NULL pointer dereference A warning reported by smatch indicated a possible null pointer dereference where one of… | |||
| CVE-2025-11210 | unknown | — | — | — | Side-channel information leakage in Tab in Google Chrome prior to 141.0.7390.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted H… | |||
| CVE-2025-39711 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: ivsc: Fix crash at shutdown due to missing mei_cldev_disable() calls Both the ACE and CSI driver are missing a mei_cldev_d… | |||
| CVE-2025-39712 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: mt9m114: Fix deadlock in get_frame_interval/set_frame_interval Getting / Setting the frame interval using the V4L2 subdev … | |||
| CVE-2025-11212 | unknown | — | — | — | Inappropriate implementation in Media in Google Chrome on Windows prior to 141.0.7390.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing vi… | |||
| CVE-2025-11213 | unknown | — | — | — | Inappropriate implementation in Omnibox in Google Chrome on Android prior to 141.0.7390.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing … | |||
| CVE-2025-39717 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: open_tree_attr: do not allow id-mapping changes without OPEN_TREE_CLONE As described in commit 7a54947e727b ('Merge patch series … | |||
| CVE-2025-11460 | unknown | — | — | — | Use after free in Storage in Google Chrome prior to 141.0.7390.65 allowed a remote attacker to execute arbitrary code via a crafted video file. (Chromium security severity: High) | |||
| CVE-2025-39727 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mm: swap: fix potential buffer overflow in setup_clusters() In setup_swap_map(), we only ensure badpages are in range (0, last_pa… | |||
| CVE-2025-39720 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix refcount leak causing resource not released When ksmbd_conn_releasing(opinfo->conn) returns true,the refcount was not … | |||
| CVE-2025-11756 | unknown | — | — | — | Use after free in Safe Browsing in Google Chrome prior to 141.0.7390.107 allowed a remote attacker who had compromised the renderer process to potentially perform out of bounds memory access via a cr… | |||
| CVE-2025-12446 | unknown | — | — | — | Incorrect security UI in SplitView in Google Chrome prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted domain… | |||
| CVE-2025-12036 | unknown | — | — | — | Out of bounds memory access in V8 in Google Chrome prior to 141.0.7390.122 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2025-39721 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: crypto: qat - flush misc workqueue during device shutdown Repeated loading and unloading of a device specific QAT driver, for exa… | |||
| CVE-2025-39723 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: netfs: Fix unbuffered write error handling If all the subrequests in an unbuffered write stream fail, the subrequest collector do… | |||
| CVE-2025-12439 | unknown | — | — | — | Inappropriate implementation in App-Bound Encryption in Google Chrome on Windows prior to 142.0.7444.59 allowed a local attacker to obtain potentially sensitive information from process memory via a … | |||
| CVE-2025-39725 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mm/vmscan: fix hwpoisoned large folio handling in shrink_folio_list In shrink_folio_list(), the hwpoisoned folio may be large fol… | |||
| CVE-2025-39726 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: s390/ism: fix concurrency management in ism_cmd() The s390x ISM device data sheet clearly states that only one request-response s… | |||
| CVE-2025-12440 | unknown | — | — | — | Inappropriate implementation in Autofill in Google Chrome prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive infor… | |||
| CVE-2025-39729 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix dereferencing uninitialized error pointer Fix below smatch warnings: drivers/crypto/ccp/sev-dev.c:1312 __sev_pl… | |||
| CVE-2025-12725 | unknown | — | — | — | Out of bounds read in WebGPU in Google Chrome on Android prior to 142.0.7444.137 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severit… | |||
| CVE-2025-12726 | unknown | — | — | — | Inappropriate implementation in Views in Google Chrome on Windows prior to 142.0.7444.137 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a craf… | |||
| CVE-2025-39731 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: f2fs: vm_unmap_ram() may be called from an invalid context When testing F2FS with xfstests using UFS backed virtual disks the ker… | |||
| CVE-2025-39735 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: jfs: fix slab-out-of-bounds read in ea_get() During the "size_check" label in ea_get(), the code checks if the extended attribute… | |||
| CVE-2025-39732 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix sleeping-in-atomic in ath11k_mac_op_set_bitrate_mask() ath11k_mac_disable_peer_fixed_rate() is passed as the it… | |||
| CVE-2025-39740 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/xe/migrate: prevent potential UAF If we hit the error path, the previous fence (if there is one) has already been put() prior… | |||
| CVE-2025-39733 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: team: replace team lock with rtnl lock syszbot reports various ordering issues for lower instance locks and team lock. Switch to … | |||
| CVE-2025-39734 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: Revert "fs/ntfs3: Replace inode_trylock with inode_lock" This reverts commit 69505fe98f198ee813898cbcaf6770949636430b. Initially… | |||
| CVE-2025-12729 | unknown | — | — | — | Inappropriate implementation in Omnibox in Google Chrome on Android prior to 142.0.7444.137 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via… | |||
| CVE-2025-13102 | unknown | — | — | — | Inappropriate implementation in WebApp Installs in Google Chrome on Android prior to 134.0.6998.35 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severit… | |||
| CVE-2025-39741 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/xe/migrate: don't overflow max copy size With non-page aligned copy, we need to use 4 byte aligned pitch, however the size it… | |||
| CVE-2025-13227 | unknown | — | — | — | Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2025-13229 | unknown | — | — | — | Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2025-13631 | unknown | — | — | — | Inappropriate implementation in Google Updater in Google Chrome on Mac prior to 143.0.7499.41 allowed a remote attacker to perform privilege escalation via a crafted file. (Chromium security severity… |