Vulnerabilities (CVE)

Filtered by vendor Google Subscribe
Total 15328 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2025-3074 1 Google 1 Chrome 2026-06-17 N/A 5.4 MEDIUM
Inappropriate implementation in Downloads in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
CVE-2025-3073 1 Google 1 Chrome 2026-06-17 N/A 5.4 MEDIUM
Inappropriate implementation in Autofill in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
CVE-2025-3072 1 Google 1 Chrome 2026-06-17 N/A 5.4 MEDIUM
Inappropriate implementation in Custom Tabs in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
CVE-2025-3071 1 Google 1 Chrome 2026-06-17 N/A 5.4 MEDIUM
Inappropriate implementation in Navigations in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low)
CVE-2025-3070 1 Google 1 Chrome 2026-06-17 N/A 6.5 MEDIUM
Insufficient validation of untrusted input in Extensions in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)
CVE-2025-3069 1 Google 1 Chrome 2026-06-17 N/A 8.8 HIGH
Inappropriate implementation in Extensions in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)
CVE-2025-3068 1 Google 1 Chrome 2026-06-17 N/A 8.8 HIGH
Inappropriate implementation in Intents in Google Chrome on Android prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)
CVE-2025-3067 1 Google 2 Android, Chrome 2026-06-17 N/A 8.8 HIGH
Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted app. (Chromium security severity: Medium)
CVE-2025-3066 1 Google 1 Chrome 2026-06-17 N/A 8.8 HIGH
Use after free in Site Isolation in Google Chrome prior to 135.0.7049.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2025-3012 2 Google, Unisoc 5 Android, T8100, T8200 and 2 more 2026-06-17 N/A 7.5 HIGH
In dpc modem, there is a possible system crash due to null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed
CVE-2025-36938 1 Google 1 Android 2026-06-17 N/A 6.8 MEDIUM
In U-Boot of append_uint32_le(), there is a possible fault injection due to a logic error in the code. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2025-36937 1 Google 1 Android 2026-06-17 N/A 9.8 CRITICAL
In AudioDecoder::HandleProduceRequest of audio_decoder.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2025-36936 1 Google 1 Android 2026-06-17 N/A 7.8 HIGH
In GetTachyonCommand of tachyon_server_common.h, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2025-36935 1 Google 1 Android 2026-06-17 N/A 7.8 HIGH
In trusty_ffa_mem_reclaim of shared-mem-smcall.c, there is a possible memory corruption due to uninitialized data. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2025-36934 1 Google 1 Android 2026-06-17 N/A 7.4 HIGH
In bigo_worker_thread of private/google-modules/video/gchips/bigo.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2025-36932 1 Google 1 Android 2026-06-17 N/A 7.8 HIGH
In tracepoint_msg_handler of cpm/google/lib/tracepoint/tracepoint_ipc.c, there is a possible memory overwrite due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2025-36931 1 Google 1 Android 2026-06-17 N/A 7.8 HIGH
In GetHostAddress of gxp_buffer.h, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2025-36930 1 Google 1 Android 2026-06-17 N/A 7.8 HIGH
In GetHostAddress of gxp_buffer.h, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2025-36929 1 Google 1 Android 2026-06-17 N/A 5.5 MEDIUM
In AreFencesRegistered of gxp_fence_manager.cc, there is a possible information leak due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2025-36928 1 Google 1 Android 2026-06-17 N/A 7.8 HIGH
In GetHostAddress of gxp_buffer.h, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.