5.4

CVSS3.1

CVE-2025-3073 -

Inappropriate implementation in Autofill in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

📅 Published: April 2, 2025, 12:42 a.m. 🔄 Last Modified: April 21, 2025, 8:49 p.m.

5.4

CVSS3.1

CVE-2025-3072 -

Inappropriate implementation in Custom Tabs in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

📅 Published: April 2, 2025, 12:42 a.m. 🔄 Last Modified: April 21, 2025, 8:48 p.m.

5.4

CVSS3.1

CVE-2025-3071 -

Inappropriate implementation in Navigations in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low)

📅 Published: April 2, 2025, 12:42 a.m. 🔄 Last Modified: April 21, 2025, 8:48 p.m.

6.5

CVSS3.1

CVE-2025-3070 -

Insufficient validation of untrusted input in Extensions in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)

📅 Published: April 2, 2025, 12:42 a.m. 🔄 Last Modified: April 7, 2025, 1:28 p.m.

8.8

CVSS3.1

CVE-2025-3069 -

Inappropriate implementation in Extensions in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)

📅 Published: April 2, 2025, 12:42 a.m. 🔄 Last Modified: Feb. 26, 2026, 6:29 p.m.

8.8

CVSS3.1

CVE-2025-3068 -

Inappropriate implementation in Intents in Google Chrome on Android prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)

📅 Published: April 2, 2025, 12:42 a.m. 🔄 Last Modified: Feb. 26, 2026, 6:29 p.m.

8.6

CVSS4.0

CVE-2025-3067 -

Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted app. (Chromium security severity: Medium)

📅 Published: April 2, 2025, 12:42 a.m. 🔄 Last Modified: Feb. 26, 2026, 6:29 p.m.

8.8

CVSS3.1

CVE-2025-3066 -

Use after free in Site Isolation in Google Chrome prior to 135.0.7049.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

📅 Published: April 2, 2025, 12:42 a.m. 🔄 Last Modified: Feb. 26, 2026, 6:29 p.m.

4.7

CVSS3.1

CVE-2025-27692 -

Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Unrestricted Upload of File with Dangerous Type vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service, Information disclosure, and Remote execution

📅 Published: April 2, 2025, 12:24 a.m. 🔄 Last Modified: July 11, 2025, 6:01 p.m.

4.9

CVSS3.1

CVE-2025-27693 -

Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Script injection.

📅 Published: April 2, 2025, 12:19 a.m. 🔄 Last Modified: July 11, 2025, 6:02 p.m.

CVE Authored by @aydinnyunus

5.4

CVE-2025-3073 -

5.4

CVE-2025-3072 -

5.4

CVE-2025-3071 -

6.5

CVE-2025-3070 -

8.8

CVE-2025-3069 -

8.8

CVE-2025-3068 -

8.6

CVE-2025-3067 -

8.8

CVE-2025-3066 -

4.7

CVE-2025-27692 -

4.9

CVE-2025-27693 -