VYPR

rpm package

suse/chromium&distro=SUSE Package Hub 15 SP6

pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP6

Vulnerabilities (196)

  • CVE-2025-0612HigJan 22, 2025
    affected < 132.0.6834.110-bp156.2.72.1fixed 132.0.6834.110-bp156.2.72.1

    Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2025-0611HigJan 22, 2025
    affected < 132.0.6834.110-bp156.2.72.1fixed 132.0.6834.110-bp156.2.72.1

    Object corruption in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2025-0448MedJan 15, 2025
    affected < 132.0.6834.83-bp156.2.69.1fixed 132.0.6834.83-bp156.2.69.1

    Inappropriate implementation in Compositing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2025-0447HigJan 15, 2025
    affected < 132.0.6834.83-bp156.2.69.1fixed 132.0.6834.83-bp156.2.69.1

    Inappropriate implementation in Navigation in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2025-0446MedJan 15, 2025
    affected < 132.0.6834.83-bp156.2.69.1fixed 132.0.6834.83-bp156.2.69.1

    Inappropriate implementation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low)

  • CVE-2025-0443HigJan 15, 2025
    affected < 132.0.6834.83-bp156.2.69.1fixed 132.0.6834.83-bp156.2.69.1

    Insufficient data validation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2025-0442MedJan 15, 2025
    affected < 132.0.6834.83-bp156.2.69.1fixed 132.0.6834.83-bp156.2.69.1

    Inappropriate implementation in Payments in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2025-0441MedJan 15, 2025
    affected < 132.0.6834.83-bp156.2.69.1fixed 132.0.6834.83-bp156.2.69.1

    Inappropriate implementation in Fenced Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to obtain potentially sensitive information from the system via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2025-0440MedJan 15, 2025
    affected < 132.0.6834.83-bp156.2.69.1fixed 132.0.6834.83-bp156.2.69.1

    Inappropriate implementation in Fullscreen in Google Chrome on Windows prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2025-0439MedJan 15, 2025
    affected < 132.0.6834.83-bp156.2.69.1fixed 132.0.6834.83-bp156.2.69.1

    Race in Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2025-0438HigJan 15, 2025
    affected < 132.0.6834.83-bp156.2.69.1fixed 132.0.6834.83-bp156.2.69.1

    Stack buffer overflow in Tracing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2025-0437HigJan 15, 2025
    affected < 132.0.6834.83-bp156.2.69.1fixed 132.0.6834.83-bp156.2.69.1

    Out of bounds read in Metrics in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2025-0436HigJan 15, 2025
    affected < 132.0.6834.83-bp156.2.69.1fixed 132.0.6834.83-bp156.2.69.1

    Integer overflow in Skia in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2025-0435MedJan 15, 2025
    affected < 132.0.6834.83-bp156.2.69.1fixed 132.0.6834.83-bp156.2.69.1

    Inappropriate implementation in Navigation in Google Chrome on Android prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: High)

  • CVE-2025-0434HigJan 15, 2025
    affected < 132.0.6834.83-bp156.2.69.1fixed 132.0.6834.83-bp156.2.69.1

    Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-12695HigDec 18, 2024
    affected < 131.0.6778.204-bp156.2.65.1fixed 131.0.6778.204-bp156.2.65.1

    Out of bounds write in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-12694HigDec 18, 2024
    affected < 131.0.6778.204-bp156.2.65.1fixed 131.0.6778.204-bp156.2.65.1

    Use after free in Compositing in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-12693HigDec 18, 2024
    affected < 131.0.6778.204-bp156.2.65.1fixed 131.0.6778.204-bp156.2.65.1

    Out of bounds memory access in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-12692HigDec 18, 2024
    affected < 131.0.6778.204-bp156.2.65.1fixed 131.0.6778.204-bp156.2.65.1

    Type Confusion in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-12053HigDec 3, 2024
    affected < 131.0.6778.108-bp156.2.59.1fixed 131.0.6778.108-bp156.2.59.1

    Type Confusion in V8 in Google Chrome prior to 131.0.6778.108 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)

Page 3 of 10