4.2

CVSS3.1

CVE-2025-12434 -

Race in Storage in Google Chrome on Windows prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

๐Ÿ“… Published: Nov. 10, 2025, 8 p.m. ๐Ÿ”„ Last Modified: Nov. 13, 2025, 3:25 p.m.

8.8

CVSS3.1

CVE-2025-12432 - chromium-browser: Race in V8

Race in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

๐Ÿ“… Published: Nov. 10, 2025, 8 p.m. ๐Ÿ”„ Last Modified: Feb. 26, 2026, 5:47 p.m.

4.3

CVSS3.1

CVE-2025-12433 - chromium-browser: Inappropriate implementation in V8

Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

๐Ÿ“… Published: Nov. 10, 2025, 8 p.m. ๐Ÿ”„ Last Modified: Nov. 13, 2025, 3:26 p.m.

6.5

CVSS3.1

CVE-2025-12431 - chromium-browser: Inappropriate implementation in Extensions

Inappropriate implementation in Extensions in Google Chrome prior to 142.0.7444.59 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (Chromium security severity: High)

๐Ÿ“… Published: Nov. 10, 2025, 8 p.m. ๐Ÿ”„ Last Modified: Nov. 13, 2025, 3:26 p.m.

7.5

CVSS3.1

CVE-2025-12430 - chromium-browser: Object lifecycle issue in Media

Object lifecycle issue in Media in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: High)

๐Ÿ“… Published: Nov. 10, 2025, 8 p.m. ๐Ÿ”„ Last Modified: Nov. 13, 2025, 3:26 p.m.

8.8

CVSS3.1

CVE-2025-12429 - chromium-browser: Inappropriate implementation in V8

Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

๐Ÿ“… Published: Nov. 10, 2025, 8 p.m. ๐Ÿ”„ Last Modified: Feb. 26, 2026, 5:47 p.m.

8.8

CVSS3.1

CVE-2025-12428 - chromium-browser: Type Confusion in V8

Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

๐Ÿ“… Published: Nov. 10, 2025, 8 p.m. ๐Ÿ”„ Last Modified: Feb. 26, 2026, 5:47 p.m.

5.3

CVSS3.1

CVE-2025-33150 - IBM Cognos Analytics Certified Containers information disclosure

IBM Cognos Analytics Certified Containers 12.1.0 could disclose package parameter information due to the presence of hidden pages.

๐Ÿ“… Published: Nov. 10, 2025, 7:33 p.m. ๐Ÿ”„ Last Modified: Dec. 12, 2025, 3:14 p.m.

8.8

CVSS3.1

CVE-2025-47932 - Combodo iTop vulnerable to reflected XSS in ajax.render.php render_dashboard

Combodo iTop is a web based IT service management tool. Versions prior to 2.7.13 and 3.2.2 are vulnerable to cross-site scripting when a dashboard is rendered via an AJAX call. Versions 2.7.13 and 3.2.2 sanitize the var responsible for the attack.

๐Ÿ“… Published: Nov. 10, 2025, 7:20 p.m. ๐Ÿ”„ Last Modified: Nov. 21, 2025, 9:13 p.m.

8.8

CVSS3.1

CVE-2025-47773 - Combodo iTop has XSS vulnerability in /pages/ajax.render.php

Combodo iTop is a web based IT service management tool. Versions prior to 2.7.13 and 3.2.2 are vulnerable to cross-site scripting when a dashboard is edited via an AJAX call. Versions 2.7.13 and 3.2.2 protect rendered HTML content.

๐Ÿ“… Published: Nov. 10, 2025, 7:13 p.m. ๐Ÿ”„ Last Modified: Nov. 21, 2025, 9:13 p.m.
Total resulsts: 347939
Page 2965 of 34,794
ยซ previous page ยป next page
Filters