Search for packages
| purl | pkg:deb/debian/chromium@0?distro=trixie |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-1p1e-qtgg-xug2 | Use after free in USB in Google Chrome prior to 86.0.4240.99 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. |
CVE-2020-15998
|
| VCID-1q1f-e83d-bfc2 | Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary code. |
CVE-2019-5817
|
| VCID-1vjh-bakg-nucp | Use after free in Mojo in Google Chrome prior to 86.0.4240.99 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. |
CVE-2020-15997
|
| VCID-3xxe-qw13-rkeg | Insufficient data validation in Chrome on iOS in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page. |
CVE-2021-21164
|
| VCID-5fwb-csx4-8fgj | chromium-browser: Privilege elevation in Installer |
CVE-2019-13702
|
| VCID-66rz-x72r-d3fh | Inappropriate implementation in Google Updator prior to 1.3.36.351 in Google Chrome allowed a local attacker to perform privilege escalation via a malicious file. (Chromium security severity: High) |
CVE-2023-7261
|
| VCID-6k44-u9k6-afgp | Use after free in passwords in Google Chrome prior to 86.0.4240.99 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. |
CVE-2020-15996
|
| VCID-71zm-qgye-v3c2 | chromium-browser: Inappropriate implementation in installer |
CVE-2020-6417
|
| VCID-8px2-sgsk-1fcw | Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary code. |
CVE-2019-5834
|
| VCID-a1sy-tfvz-5ubf | Inappropriate implementation in Autofill in Google Chrome on Windows prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2024-7021
|
| VCID-bw86-ezjs-tfa7 | Inappropriate implementation in Downloads in Google Chrome on Windows prior to 140.0.7339.80 allowed a remote attacker to bypass Mark of the Web via a crafted HTML page. (Chromium security severity: Low) |
CVE-2025-12905
|
| VCID-cgr6-xp6x-hber | chromium-browser: Use after free in SwiftShader |
CVE-2019-5761
|
| VCID-cjyy-7yvw-gfej | Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary code. |
CVE-2019-5816
|
| VCID-dj3p-6h24-3qc1 | Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code. |
CVE-2019-5873
|
| VCID-duju-svc2-2bc4 | Failure to prevent navigation to top frame to data URLs in Navigation in Google Chrome on iOS prior to 71.0.3578.80 allowed a remote attacker to confuse the user about the origin of the current page via a crafted HTML page. |
CVE-2018-20069
|
| VCID-etth-sc6p-fugx | Heap buffer overflow in UI in Google Chrome on Android prior to 86.0.4240.185 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. |
CVE-2020-16010
|
| VCID-f2ux-yfbf-uqc7 | Inappropriate implementation in Lens in Google Chrome on iOS prior to 136.0.7103.59 allowed a remote attacker to perform UI spoofing via a crafted QR code. (Chromium security severity: Low) |
CVE-2024-13983
|
| VCID-fk1c-w3qh-jkfn | Use after free in V8 in Google Chrome prior to 86.0.4240.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
CVE-2020-15994
|
| VCID-he43-f8s5-qkh1 | Inappropriate implementation in Intents in Google Chrome on Android prior to 129.0.6668.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) |
CVE-2024-11919
|
| VCID-hq3a-3as3-d3ff | Script injection in iOSWeb in Google Chrome on iOS prior to 84.0.4147.105 allowed a remote attacker to execute arbitrary code via a crafted HTML page. |
CVE-2020-16046
|
| VCID-hq96-p3h1-sfcc | Inappropriate implementation in Google Updator prior to 1.3.36.351 in Google Chrome allowed a local attacker to bypass discretionary access control via a malicious file. (Chromium security severity: High) |
CVE-2024-1694
|
| VCID-jeps-n2c2-mud1 | Use after free in printing in Google Chrome prior to 86.0.4240.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
CVE-2020-15993
|
| VCID-jyw2-fu8s-3fha | Google Chrome: chromium: webkitgtk: Out of bounds memory access via crafted HTML page |
CVE-2025-14174
|
| VCID-kdx5-n8yu-cydh | chromium-browser: Heap buffer overflow in SwiftShader |
CVE-2019-5771
|
| VCID-kz5b-83f4-cfbb | Use after Free in Payments in Google Chrome on Android prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. |
CVE-2020-16045
|
| VCID-m6pd-kmm1-7beb | Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code. |
CVE-2020-6477
|
| VCID-m7r2-6xnm-syge | chromium-browser: Insufficient policy enforcement in installer |
CVE-2020-6574
|
| VCID-mpzk-sq2p-ukgj | Use after free in Internals in Google Chrome on iOS prior to 127.0.6533.88 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a series of curated UI gestures. (Chromium security severity: Medium) |
CVE-2024-9126
|
| VCID-nmh4-zpeh-4bcr | Multiple vulnerabilities have been found in Expat, the worst of which could result in a Denial of Service condition. |
CVE-2019-15903
|
| VCID-qc18-z4pg-5ufh | Insufficient policy enforcement in Google Update in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to read arbitrary files via a malicious file. (Chromium security severity: Medium) |
CVE-2021-4324
|
| VCID-r6d9-kua5-k3ga | Multiple vulnerabilities have been found in Chromium, the worst of which could result in the remote execution of code. |
CVE-2019-5804
|
| VCID-szz6-dguv-7ydd | Inappropriate implementation in Dawn in Google Chrome on Mac prior to 130.0.6723.92 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-11920
|
| VCID-ue91-afqc-vqf7 | chromium-browser: Insufficient data validation in installer |
CVE-2020-16007
|
| VCID-uk2u-vecc-h7ft | Inappropriate implementation in WebApp Installs in Google Chrome on Android prior to 134.0.6998.35 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) |
CVE-2025-13102
|
| VCID-us2y-bycw-xfe2 | chromium-browser: Inappropriate implementation in installer |
CVE-2020-6546
|
| VCID-v841-kzr6-cyfy | Out of bounds write in Chrome OS Audio Server in Google Chrome on Chrome OS prior to 102.0.5005.125 allowed a remote attacker to potentially exploit heap corruption via crafted audio metadata. |
CVE-2022-2587
|
| VCID-vns8-bphd-3ydf | chromium-browser: Heap buffer overflow in UI on Windows |
CVE-2020-16011
|
| VCID-vyw3-eem1-cyab | Inappropriate implementation in File System API in Google Chrome on Windows prior to 97.0.4692.71 allowed a remote attacker to obtain potentially sensitive information via a crafted HTML page. (Chrome security severity: High) |
CVE-2022-0337
|
| VCID-wz9a-prsr-xfh4 | Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary code. |
CVE-2019-5812
|
| VCID-x624-egz6-43gf | Insufficient validation of untrusted input in Downloads in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low) |
CVE-2025-12908
|
| VCID-yfng-bxev-dudk | chromium-browser: Insufficient policy enforcement in iOS |
CVE-2020-6558
|
| VCID-ynh6-wjt1-9uc2 | Insufficient data validation in Updater in Google Chrome prior to 128.0.6537.0 allowed a remote attacker to perform privilege escalation via a malicious file. (Chromium security severity: Medium) |
CVE-2024-7023
|
| VCID-ynz5-4eny-pudy | Multiple vulnerabilities have been found in Chromium, the worst of which could result in the remote execution of code. |
CVE-2019-5801
|
| VCID-zjtf-w6bv-dbfe | mojo: chromium: chromium Mojo on Windows |
CVE-2025-2783
|