Skip to main content
CVE-2025-8879 HIGH PATCH This Month

Heap buffer overflow in libaom in Google Chrome prior to 139.0.7258.127 allowed a remote attacker to potentially exploit heap corruption via a curated set of gestures. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Google Chrome Suse
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-4410 HIGH This Month

A buffer overflow vulnerability exists in the module SetupUtility. Rated high severity (CVSS 7.5). No vendor patch available.

Buffer Overflow RCE
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-4277 HIGH This Month

Tcg2Smm has a vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level. Rated high severity (CVSS 7.5). No vendor patch available.

RCE
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-4276 HIGH This Month

UsbCoreDxe has a vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level. Rated high severity (CVSS 7.5). No vendor patch available.

RCE
NVD
CVSS 3.1
7.5
EPSS
0.0%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy