ALT-PU-2025-13054-2
Closed vulnerabilities
Modified: 2025-12-26
BDU:2025-11244
Уязвимость интерфейса ServiceWorker браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
Modified: 2025-12-26
BDU:2025-11245
Уязвимость IPC-библиотеки Mojo браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю обойти ограничения безопасности
Modified: 2025-12-26
BDU:2025-11453
Уязвимость компонента Dawn браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить произвольный код
Modified: 2025-12-26
BDU:2025-11454
Уязвимость компонента WebRTC браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить произвольный код
Modified: 2025-12-26
BDU:2025-11455
Уязвимость компонента ANGLE браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить произвольный код
Modified: 2025-12-26
BDU:2025-11457
Уязвимость компонента V8 браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить произвольный код
Modified: 2025-12-26
BDU:2025-12390
Уязвимость обработчика JavaScript-сценариев V8 браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-12-26
BDU:2025-12391
Уязвимость обработчика JavaScript-сценариев V8 браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-12-26
BDU:2025-12392
Уязвимость обработчика JavaScript-сценариев V8 браузера Google Chrome, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
Modified: 2025-12-26
BDU:2025-12620
Уязвимость компонента WebGPU браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить произвольный код
Modified: 2025-12-26
BDU:2025-12621
Уязвимость компонента Video браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить произвольный код
Modified: 2025-12-26
BDU:2025-13066
Уязвимость функции синхронизации Sync браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
Modified: 2025-12-26
BDU:2025-13067
Уязвимость компонента Storage браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
Modified: 2025-12-26
BDU:2025-13190
Уязвимость компонента Tab браузеров Microsoft Edge и Google Chrome, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
Modified: 2025-09-22
CVE-2025-10200
Use after free in Serviceworker in Google Chrome on Desktop prior to 140.0.7339.127 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
Modified: 2025-09-22
CVE-2025-10201
Inappropriate implementation in Mojo in Google Chrome on Android, Linux, ChromeOS prior to 140.0.7339.127 allowed a remote attacker to bypass site isolation via a crafted HTML page. (Chromium security severity: High)
Modified: 2025-09-25
CVE-2025-10500
Use after free in Dawn in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Modified: 2025-09-25
CVE-2025-10501
Use after free in WebRTC in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Modified: 2025-09-25
CVE-2025-10502
Heap buffer overflow in ANGLE in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via malicious network traffic. (Chromium security severity: High)
Modified: 2025-10-30
CVE-2025-10585
Type confusion in V8 in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Modified: 2025-09-25
CVE-2025-10890
Side-channel information leakage in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
Modified: 2025-09-25
CVE-2025-10891
Integer overflow in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Modified: 2025-09-25
CVE-2025-10892
Integer overflow in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Modified: 2025-11-13
CVE-2025-11205
Heap buffer overflow in WebGPU in Google Chrome prior to 141.0.7390.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Modified: 2025-11-13
CVE-2025-11206
Heap buffer overflow in Video in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Modified: 2025-11-13
CVE-2025-11207
Side-channel information leakage in Storage in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Medium)
Modified: 2025-11-13
CVE-2025-11208
Inappropriate implementation in Media in Google Chrome prior to 141.0.7390.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
Modified: 2025-11-13
CVE-2025-11209
Inappropriate implementation in Omnibox in Google Chrome on Android prior to 141.0.7390.54 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium)
Modified: 2025-11-13
CVE-2025-11210
Side-channel information leakage in Tab in Google Chrome prior to 141.0.7390.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
Modified: 2025-11-13
CVE-2025-11211
Out of bounds read in Media in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)
Modified: 2025-11-13
CVE-2025-11212
Inappropriate implementation in Media in Google Chrome on Windows prior to 141.0.7390.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing via a crafted HTML page. (Chromium security severity: Medium)
Modified: 2025-11-13
CVE-2025-11213
Inappropriate implementation in Omnibox in Google Chrome on Android prior to 141.0.7390.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing via a crafted HTML page. (Chromium security severity: Medium)
Modified: 2025-11-13
CVE-2025-11215
Off by one error in V8 in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)
Modified: 2025-11-13
CVE-2025-11216
Inappropriate implementation in Storage in Google Chrome on Mac prior to 141.0.7390.54 allowed a remote attacker to perform domain spoofing via a crafted video file. (Chromium security severity: Low)
Modified: 2025-11-13
CVE-2025-11219
Use after free in V8 in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Low)
Modified: 2025-11-25
CVE-2025-11458
Heap buffer overflow in Sync in Google Chrome prior to 141.0.7390.65 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)
Modified: 2025-11-25
CVE-2025-11460
Use after free in Storage in Google Chrome prior to 141.0.7390.65 allowed a remote attacker to execute arbitrary code via a crafted video file. (Chromium security severity: High)
Closed bugs
Некорректное создание ярлыков сайтов