Filtered by vendor Google
Subscribe
Total
15355 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-8582 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-06-17 | N/A | 4.3 MEDIUM |
| Insufficient validation of untrusted input in Core in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low) | |||||
| CVE-2025-8581 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-06-17 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in Extensions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low) | |||||
| CVE-2025-8580 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-06-17 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in Filesystems in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) | |||||
| CVE-2025-8579 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-06-17 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in Picture In Picture in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) | |||||
| CVE-2025-8578 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-06-17 | N/A | 8.8 HIGH |
| Use after free in Cast in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2025-8577 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-06-17 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in Picture In Picture in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2025-8576 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-06-17 | N/A | 8.8 HIGH |
| Use after free in Extensions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Medium) | |||||
| CVE-2025-8364 | 2 Google, Mozilla | 2 Android, Firefox | 2026-06-17 | N/A | 4.3 MEDIUM |
| A crafted URL using a blob: URI could have hidden the true origin of the page, resulting in a potential spoofing attack. *Note: This issue only affected Android operating systems. Other operating systems are unaffected.*. This vulnerability was fixed in Firefox 141. | |||||
| CVE-2025-8292 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-06-17 | N/A | 8.8 HIGH |
| Use after free in Media Stream in Google Chrome prior to 138.0.7204.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2025-8042 | 2 Google, Mozilla | 2 Android, Firefox | 2026-06-17 | N/A | 9.8 CRITICAL |
| Firefox for Android allowed a sandboxed iframe without the `allow-downloads` attribute to start downloads. This vulnerability was fixed in Firefox 141. | |||||
| CVE-2025-8041 | 2 Google, Mozilla | 2 Android, Firefox | 2026-06-17 | N/A | 5.3 MEDIUM |
| In the address bar, Firefox for Android truncated the display of URLs from the end instead of prioritizing the origin. This vulnerability was fixed in Firefox 141. | |||||
| CVE-2025-8011 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-06-17 | N/A | 8.8 HIGH |
| Type Confusion in V8 in Google Chrome prior to 138.0.7204.168 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2025-8010 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-06-17 | N/A | 8.8 HIGH |
| Type Confusion in V8 in Google Chrome prior to 138.0.7204.168 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2025-7657 | 1 Google | 1 Chrome | 2026-06-17 | N/A | 8.8 HIGH |
| Use after free in WebRTC in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2025-7656 | 1 Google | 1 Chrome | 2026-06-17 | N/A | 8.8 HIGH |
| Integer overflow in V8 in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2025-71256 | 2 Google, Unisoc | 5 Android, T8100, T8200 and 2 more | 2026-06-17 | N/A | 7.5 HIGH |
| In nr modem, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed. | |||||
| CVE-2025-71255 | 2 Google, Unisoc | 17 Android, Sc7731e, Sc9832e and 14 more | 2026-06-17 | N/A | 7.5 HIGH |
| In Modem IMS, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed. | |||||
| CVE-2025-71254 | 2 Google, Unisoc | 17 Android, Sc7731e, Sc9832e and 14 more | 2026-06-17 | N/A | 7.5 HIGH |
| In Modem IMS, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed. | |||||
| CVE-2025-71253 | 2 Google, Unisoc | 17 Android, Sc7731e, Sc9832e and 14 more | 2026-06-17 | N/A | 7.5 HIGH |
| In Modem IMS, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed. | |||||
| CVE-2025-71252 | 2 Google, Unisoc | 17 Android, Sc7731e, Sc9832e and 14 more | 2026-06-17 | N/A | 7.5 HIGH |
| In Modem IMS, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed. | |||||
