cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2025-0448,https://securityvulnerability.io/vulnerability/CVE-2025-0448,UI Spoofing Vulnerability in Google Chrome,"A vulnerability in Google Chrome prior to version 132.0.6834.83 allows remote attackers to manipulate user interface elements via specially crafted HTML pages. This exploitation can mislead users by creating false representations of legitimate content, potentially leading to unauthorized actions or data leakage. Awareness of this vulnerability is critical for maintaining secure browsing experiences.",Google,Chrome,4.3,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-15T10:58:54.689Z,0
CVE-2025-0447,https://securityvulnerability.io/vulnerability/CVE-2025-0447,Privilege Escalation Vulnerability in Google Chrome,"A vulnerability exists in Google Chrome that allows remote attackers to escalate privileges through a specially crafted HTML page. This issue is present in versions prior to 132.0.6834.83, highlighting the risks associated with unpatched software. Users are advised to update their browsers to mitigate potential threats and enhance their security posture.",Google,Chrome,8.8,HIGH,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-15T10:58:54.496Z,0
CVE-2025-0446,https://securityvulnerability.io/vulnerability/CVE-2025-0446,UI Spoofing Vulnerability in Google Chrome Extensions,"A vulnerability exists in Google Chrome Extensions that allows a remote attacker to manipulate UI elements when a user performs specific gestures. This issue arises from an inappropriate implementation in the Extensions framework prior to version 132.0.6834.83. When a user is misled into interacting with a malicious Chrome Extension, it can result in UI spoofing, potentially tricking the user into performing actions that could compromise their security.",Google,Chrome,4.3,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-15T10:58:54.310Z,0
CVE-2025-0443,https://securityvulnerability.io/vulnerability/CVE-2025-0443,Data Validation Flaw in Google Chrome Extensions,"A vulnerability in Google Chrome prior to version 132.0.6834.83 arises from insufficient data validation in its Extensions. This flaw allows a remote attacker to exploit specific user interface gestures and perform privilege escalation by using a crafted HTML page. Users are at risk if they are persuaded to interact with malicious content, leading to elevated permissions without their consent.",Google,Chrome,8.8,HIGH,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-15T10:58:54.090Z,0
CVE-2025-0442,https://securityvulnerability.io/vulnerability/CVE-2025-0442,UI Spoofing Vulnerability in Google Chrome Payment System,"An inappropriate implementation in the Payments feature of Google Chrome prior to version 132.0.6834.83 enables remote attackers to exploit UI spoofing. This can occur by convincing users to interact with specific user interface gestures on a specially crafted HTML page, potentially leading to manipulation of user actions and exposure to malicious intents. Users are advised to update to the latest version to mitigate this risk.",Google,Chrome,6.5,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-15T10:58:53.903Z,0
CVE-2025-0441,https://securityvulnerability.io/vulnerability/CVE-2025-0441,Improper Handling of Fenced Frames in Google Chrome by Google,"The vulnerability involves an inappropriate implementation in the Fenced Frames feature of Google Chrome, which affects versions prior to 132.0.6834.83. This flaw could allow remote attackers to exploit crafted HTML pages to access potentially sensitive information from a user’s system. The issue raises security concerns regarding the handling of isolated browsing contexts, highlighting the need for users to keep their browsers updated to ensure protection against such vulnerabilities.",Google,Chrome,6.5,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-15T10:58:53.709Z,0
CVE-2025-0440,https://securityvulnerability.io/vulnerability/CVE-2025-0440,UI Spoofing Vulnerability in Google Chrome on Windows,"A vulnerability in Google Chrome for Windows prior to version 132.0.6834.83 allows remote attackers to deceive users through UI spoofing via a crafted HTML page. This can lead to users being misled into inputting sensitive information, thus compromising security and privacy. The inappropriate implementation of the Fullscreen feature is the root cause of this issue, making users susceptible to potential phishing attacks.",Google,Chrome,6.5,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-15T10:58:53.511Z,0
CVE-2025-0439,https://securityvulnerability.io/vulnerability/CVE-2025-0439,UI Spoofing Vulnerability in Google Chrome Affects Multiple Versions,"A race condition in Google Chrome versions prior to 132.0.6834.83 creates a potential security risk allowing remote attackers to manipulate user interface elements. By convincing users to perform specific gestures while interacting with a crafted HTML page, attackers can achieve UI spoofing, which could lead to misleading information being displayed to users.",Google,Chrome,6.5,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-15T10:58:53.334Z,0
CVE-2025-0438,https://securityvulnerability.io/vulnerability/CVE-2025-0438,Stack Buffer Overflow Vulnerability in Google Chrome,"A stack buffer overflow vulnerability has been identified in Google Chrome's tracing feature, which affects versions prior to 132.0.6834.83. This vulnerability can be exploited by a remote attacker through a specially crafted HTML page, potentially leading to stack corruption and unauthorized access. Users are advised to update their Chrome browser to ensure protection against this vulnerability and maintain their online security. For more detailed information, check the official Chrome releases blog and related discussions.",Google,Chrome,8.8,HIGH,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-15T10:58:52.981Z,0
CVE-2025-0437,https://securityvulnerability.io/vulnerability/CVE-2025-0437,Out of Bounds Read Vulnerability in Google Chrome,"An out of bounds read vulnerability exists in Google Chrome versions prior to 132.0.6834.83, enabling remote attackers to potentially exploit heap corruption through specially crafted HTML pages. This could lead to various security issues, making it essential for users to keep their browsers updated and to exercise caution when browsing untrusted sites.",Google,Chrome,8.8,HIGH,0.0006099999882280827,false,false,false,false,false,false,false,2025-01-15T10:58:52.779Z,0
CVE-2025-0436,https://securityvulnerability.io/vulnerability/CVE-2025-0436,Integer Overflow Vulnerability in Google Chrome Affects Multiple Versions,"An integer overflow vulnerability in the Skia graphics library component of Google Chrome can potentially be exploited by a remote attacker. If a user opens a specially crafted HTML page, this could lead to heap corruption, allowing the attacker to execute arbitrary code in the context of the affected application. It is crucial for users to update their browsers to the latest version to mitigate this risk.",Google,Chrome,8.8,HIGH,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-15T10:58:52.562Z,0
CVE-2025-0435,https://securityvulnerability.io/vulnerability/CVE-2025-0435,UI Spoofing Vulnerability in Google Chrome on Android,"A vulnerability in Google Chrome on Android before version 132.0.6834.83 allows remote attackers to exploit UI spoofing techniques. By crafting a malicious HTML page, an attacker can manipulate the user interface, potentially misleading users into unwittingly divulging sensitive information or executing unintended actions. This vulnerability highlights the importance of keeping browser versions up-to-date to mitigate exposure to such security risks.",Google,Chrome,6.5,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-15T10:58:52.176Z,0
CVE-2025-0434,https://securityvulnerability.io/vulnerability/CVE-2025-0434,Out of Bounds Memory Access in V8 Engine of Google Chrome,"The V8 engine in Google Chrome experiences an out of bounds memory access issue, which could allow remote attackers to exploit the browser's heap memory through a specially crafted HTML page. This vulnerability raises significant security concerns for users, emphasizing the need to update to secure versions promptly.",Google,Chrome,8.8,HIGH,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-15T10:58:51.905Z,147
CVE-2024-12694,https://securityvulnerability.io/vulnerability/CVE-2024-12694,Heap Corruption Vulnerability in Google Chrome,"A vulnerability exists in Google Chrome that occurs due to a use after free error in the Compositing component. This flaw enables a remote attacker to leverage crafted HTML pages to potentially exploit heap corruption, leading to unexpected behaviors or crashes within the browser. Users of affected versions are encouraged to upgrade to the latest version to mitigate possible risks associated with this vulnerability.",Google,Chrome,,,0.0004299999854993075,false,false,false,false,,false,false,2024-12-18T22:15:00.000Z,0
CVE-2024-12693,https://securityvulnerability.io/vulnerability/CVE-2024-12693,Attackers Can Execute Arbitrary Code in Chrome Sandbox Via Crafted HTML Page,"The vulnerability involves an out of bounds memory access issue within the V8 JavaScript engine of Google Chrome. This security flaw permits a remote attacker to potentially execute arbitrary code within a sandboxed environment by sending a specially crafted HTML page. Such vulnerabilities can lead to serious security breaches, making it crucial for users to update their browsers to the latest versions to mitigate potential risks.",Google,Chrome,8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-12-18T22:15:00.000Z,239
CVE-2024-12695,https://securityvulnerability.io/vulnerability/CVE-2024-12695,Out of Bounds Write Vulnerability in Google Chrome,An out of bounds write vulnerability exists in the V8 engine of Google Chrome. This flaw can be exploited by remote attackers to execute arbitrary code within the context of a sandboxed environment through the use of specially crafted HTML content. Users of affected versions are urged to update their browsers to the latest version to mitigate potential risks associated with this security issue.,Google,Chrome,8.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-12-18T22:15:00.000Z,435
CVE-2024-12692,https://securityvulnerability.io/vulnerability/CVE-2024-12692,Heap Corruption Vulnerability in V8 Prior to 131.0.6778.204,"A type confusion vulnerability has been identified in V8, the JavaScript engine used by Google Chrome, prior to version 131.0.6778.204. This vulnerability allows a remote attacker to craft a malicious HTML page that could lead to heap corruption. By leveraging this flaw, attackers may execute arbitrary code or disrupt the functioning of the web browser, posing risks to users who visit compromised or malicious web pages.",Google,Chrome,,,0.0004299999854993075,false,false,false,false,,false,false,2024-12-18T22:15:00.000Z,197
CVE-2024-12381,https://securityvulnerability.io/vulnerability/CVE-2024-12381,Type Confusion Vulnerability in Google Chrome Prior to 131.0.6778.139,"A type confusion vulnerability in the V8 JavaScript engine used by Google Chrome potentially permits remote attackers to trigger heap corruption via specially crafted HTML content. This exploit could lead to unauthorized access or manipulation of memory, emphasizing the importance of addressing this vulnerability promptly. Users are encouraged to update to the latest version of Google Chrome to mitigate the risk associated with this flaw.",Google,Chrome,8.8,HIGH,0.0006099999882280827,false,true,false,false,,false,false,2024-12-12T01:40:00.000Z,0
CVE-2024-12382,https://securityvulnerability.io/vulnerability/CVE-2024-12382,Use after free in Translate in Google Chrome prior to 131.0.6778.139 allowed remote attacker to potentially exploit heap corruption via crafted HTML page (Chromium security severity: High),"A vulnerability exists in Google Chrome that allows for use after free conditions in the Translate feature. This flaw may enable an attacker to exploit heap corruption by crafting a specially designed HTML page, potentially compromising the security of systems running affected versions of the browser. Users are encouraged to update to the latest release to mitigate risks associated with this vulnerability.",Google,Chrome,8.8,HIGH,0.0006099999882280827,false,true,false,false,,false,false,2024-12-12T01:40:00.000Z,0
CVE-2024-12053,https://securityvulnerability.io/vulnerability/CVE-2024-12053," type confusion in Chrome prior to 131.0.6778.108","The vulnerability CVE-2024-12053 is a type confusion in the V8 Javascript engine of Google Chrome prior to version 131.0.6778.108, with a security severity of High. The nature of the vulnerability allows a remote attacker to potentially exploit object corruption via a crafted HTML page. Google has issued an emergency update for the Chrome browser on all platforms to address this vulnerability. Users are warned to update their browsers immediately to ensure protection. The update for Windows, Mac, and Linux is version 131.0.6778.108, and for Android, it is version 131.0.6778.104. It is recommended for users to ensure that the automatic security update is installed by going to the Help|About option in the Chrome menu and restarting the browser.",Google,Chrome,8.8,HIGH,0.0006099999882280827,false,true,false,false,,false,false,2024-12-03T19:15:00.000Z,0
CVE-2024-9369,https://securityvulnerability.io/vulnerability/CVE-2024-9369,Insufficient Data Validation in Google Chrome Affects Mojo Component,"A vulnerability in the Mojo component of Google Chrome has been identified, allowing for insufficient data validation. This flaw enables an attacker, who has managed to compromise the renderer process, to execute an out of bounds memory write through the use of a specially crafted HTML page. The issue underscores the importance of rigorous data validation practices to prevent potential exploitation. Users are encouraged to update to the latest version to mitigate risks associated with this vulnerability.",Google,Chrome,9.6,CRITICAL,0.0006099999882280827,false,false,false,false,,false,false,2024-11-27T18:15:00.000Z,235
CVE-2024-7025,https://securityvulnerability.io/vulnerability/CVE-2024-7025,Integer Overflow Vulnerability in Google Chrome Affects Web Security,"An integer overflow vulnerability exists in the Layout component of Google Chrome versions prior to 129.0.6668.89, allowing a remote attacker to craft a malicious HTML page that could lead to heap corruption. This weakness can potentially be leveraged to manipulate memory allocation, leading to unpredictable behavior within the web browser. Users are encouraged to update to the latest version of Google Chrome to mitigate any associated risks.",Google,Chrome,8.8,HIGH,0.0006099999882280827,false,false,false,false,,false,false,2024-11-27T18:15:00.000Z,0
CVE-2024-11395,https://securityvulnerability.io/vulnerability/CVE-2024-11395,Type Confusion Vulnerability in Chrome Prior to 131.0.6778.85,Type Confusion in V8 in Google Chrome prior to 131.0.6778.85 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High),Google,Chrome,,,0.0004299999854993075,false,false,false,false,,false,false,2024-11-19T19:11:34.281Z,0
CVE-2024-11115,https://securityvulnerability.io/vulnerability/CVE-2024-11115,Insufficient Policy Enforcement in Google Chrome on iOS,"A vulnerability has been identified in Google Chrome for iOS, stemming from insufficient policy enforcement during navigation activities. This flaw can be exploited by remote attackers to escalate privileges through a sequence of user interface gestures. The exploit takes advantage of weaknesses in the browser's handling of navigation controls, potentially allowing unauthorized access to sensitive functionality and data. Users are urged to update their browser to the latest version to mitigate risks associated with this vulnerability.",Google,Chrome,8.8,HIGH,0.0006099999882280827,false,false,false,false,,false,false,2024-11-12T21:15:00.000Z,0
CVE-2024-11116,https://securityvulnerability.io/vulnerability/CVE-2024-11116,UI Spoofing Vulnerability in Google Chrome,"The vulnerability in Google Chrome relates to an improper implementation in Blink, allowing a remote attacker to manipulate the user interface. By deceiving a user into executing specific UI gestures on a specially crafted HTML page, an attacker could create a deceptive interface that appears legitimate. This exploit emphasizes the importance of user awareness and vigilance while interacting with browser content, as it can lead to unintentional actions or exposure to malicious activities. Users are advised to upgrade to the latest version to mitigate potential risks.",Google,Chrome,4.3,MEDIUM,0.0004600000102072954,false,false,false,false,,false,false,2024-11-12T21:15:00.000Z,0