Filtered by vendor Google
Subscribe
Total
13548 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-1809 | 1 Google | 1 Chrome | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Use-after-free vulnerability in the accessibility feature in Google Chrome before 12.0.742.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
|
|||||
| CVE-2010-4033 | 1 Google | 1 Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Google Chrome before 7.0.517.41 does not properly implement the autofill and autocomplete functionality, which allows remote attackers to conduct "profile spamming" attacks via unspecified vectors.
|
|||||
| CVE-2012-5154 | 3 Google, Microsoft, Opensuse | 3 Chrome, Windows, Opensuse | 2025-04-11 | 7.5 HIGH | N/A |
|
Integer overflow in Google Chrome before 24.0.1312.52 on Windows allows attackers to cause a denial of service or possibly have unspecified other impact via vectors related to allocation of shared memory.
|
|||||
| CVE-2011-4865 | 2 Google, Tencent | 3 Android, Microblogpad, Wblog | 2025-04-11 | 5.8 MEDIUM | N/A |
|
The Tencent WBlog (com.tencent.WBlog) 3.3.1 and MicroBlogPad 1.4.0 applications for Android do not properly protect data, which allows remote attackers to read or modify message drafts and search keywords via a crafted application.
|
|||||
| CVE-2012-2884 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||
| CVE-2010-4486 | 1 Google | 1 Chrome | 2025-04-11 | 9.3 HIGH | N/A |
|
Use-after-free vulnerability in Google Chrome before 8.0.552.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to history handling.
|
|||||
| CVE-2011-3115 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
|
Google V8, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger "type corruption."
|
|||||
| CVE-2011-2351 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Use-after-free vulnerability in Google Chrome before 12.0.742.112 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG use elements.
|
|||||
| CVE-2012-2843 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
|
Use-after-free vulnerability in Google Chrome before 20.0.1132.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to layout height tracking.
|
|||||
| CVE-2011-2358 | 1 Google | 1 Chrome | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Google Chrome before 13.0.782.107 does not ensure that extension installations are confirmed by a browser dialog, which makes it easier for remote attackers to modify the product's functionality via a Trojan horse extension.
|
|||||
| CVE-2013-2317 | 2 Fenrir-inc, Google | 2 Sleipnir Mobile, Android | 2025-04-11 | 5.8 MEDIUM | N/A |
|
The Sleipnir Mobile application 2.9.1 and earlier and Sleipnir Mobile Black Edition application 2.9.1 and earlier for Android allow remote attackers to spoof the address bar via vectors involving the opening of a new window.
|
|||||
| CVE-2010-3114 | 3 Canonical, Google, Webkitgtk | 3 Ubuntu Linux, Chrome, Webkitgtk | 2025-04-11 | 10.0 HIGH | N/A |
|
The text-editing implementation in Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, does not check a node type before performing a cast, which has unspecified impact and attack vectors related to (1) DeleteSelectionCommand.cpp, (2) InsertLineBreakCommand.cpp, or (3) InsertParagraphSeparatorCommand.cpp in WebCore/editing/.
|
|||||
| CVE-2011-3066 | 1 Google | 1 Chrome | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Skia, as used in Google Chrome before 18.0.1025.151, does not properly perform clipping, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||
| CVE-2012-1385 | 2 Google, Netease | 2 Android, Netease Weibohd | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the NetEase WeiboHD (com.netease.wbhd) application 1.0.0 for Android has unknown impact and attack vectors.
|
|||||
| CVE-2011-2850 | 1 Google | 1 Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Google Chrome before 14.0.835.163 does not properly handle Khmer characters, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||
| CVE-2010-3413 | 1 Google | 1 Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in the pop-up blocking functionality in Google Chrome before 6.0.472.59 allows remote attackers to cause a denial of service (application crash) via unknown vectors.
|
|||||
| CVE-2011-2450 | 6 Adobe, Apple, Google and 3 more | 7 Adobe Air, Flash Player, Mac Os X and 4 more | 2025-04-11 | 10.0 HIGH | N/A |
|
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
|
|||||
| CVE-2012-2859 | 2 Google, Linux | 2 Chrome, Linux Kernel | 2025-04-11 | 7.5 HIGH | N/A |
|
Google Chrome before 21.0.1180.57 on Linux does not properly handle tabs, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
|
|||||
| CVE-2011-1691 | 1 Google | 1 Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
|
The counterToCSSValue function in CSSComputedStyleDeclaration.cpp in the Cascading Style Sheets (CSS) implementation in WebCore in WebKit before r82222, as used in Google Chrome before 11.0.696.43 and other products, does not properly handle access to the (1) counterIncrement and (2) counterReset attributes of CSSStyleDeclaration data provided by a getComputedStyle method call, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted ...
Show More |
|||||
| CVE-2011-3904 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
|
Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to bidirectional text (aka bidi) handling.
|
|||||
| CVE-2011-2345 | 1 Google | 1 Chrome | 2025-04-11 | 4.3 MEDIUM | N/A |
|
The NPAPI implementation in Google Chrome before 12.0.742.112 does not properly handle strings, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||
| CVE-2010-0651 | 2 Apple, Google | 3 Safari, Webkit, Chrome | 2025-04-11 | 4.3 MEDIUM | N/A |
|
WebKit before r52784, as used in Google Chrome before 4.0.249.78 and Apple Safari before 4.0.5, permits cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote attackers to obtain sensitive information via a crafted document.
|
|||||
| CVE-2010-3259 | 4 Apple, Canonical, Google and 1 more | 5 Iphone Os, Safari, Ubuntu Linux and 2 more | 2025-04-11 | 4.3 MEDIUM | N/A |
|
WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, does not properly restrict read access to images derived from CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive image data via a crafted web site.
|
|||||
| CVE-2012-5153 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2025-04-11 | 7.5 HIGH | N/A |
|
Google V8 before 3.14.5.3, as used in Google Chrome before 24.0.1312.52, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds access to stack memory.
|
|||||
| CVE-2013-2854 | 2 Google, Microsoft | 2 Chrome, Windows | 2025-04-11 | 7.5 HIGH | N/A |
|
Google Chrome before 27.0.1453.110 on Windows provides an incorrect handle to a renderer process in unspecified circumstances, which allows remote attackers to cause a denial of service or possibly have other impact via unknown vectors.
|
|||||
| CVE-2012-1388 | 2 Google, Xixun | 2 Android, Xixuntiantian | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the XiXunTianTian (com.xixun.tiantian) application 0.6.2 beta for Android has unknown impact and attack vectors.
|
|||||
| CVE-2011-3022 | 1 Google | 1 Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
|
translate/translate_manager.cc in Google Chrome before 17.0.963.56 and 19.x before 19.0.1036.7 uses an HTTP session to exchange data for translation, which allows remote attackers to obtain sensitive information by sniffing the network.
|
|||||
| CVE-2011-3052 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2025-04-11 | 6.8 MEDIUM | N/A |
|
The WebGL implementation in Google Chrome before 17.0.963.83 does not properly handle CANVAS elements, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
|
|||||
| CVE-2013-2832 | 1 Google | 1 Chrome Os | 2025-04-11 | 5.0 MEDIUM | N/A |
|
The Buffer::Set function in core/cross/buffer.cc in the O3D plug-in in Google Chrome OS before 26.0.1410.57 does not prevent uninitialized data from remaining in a buffer, which might allow remote attackers to obtain sensitive information via unspecified vectors.
|
|||||
| CVE-2012-2822 | 1 Google | 1 Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
|
The PDF functionality in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||
| CVE-2011-0472 | 1 Google | 2 Chrome, Chrome Os | 2025-04-11 | 9.3 HIGH | N/A |
|
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle the printing of PDF documents, which allows user-assisted remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a multi-page document.
|
|||||
| CVE-2010-0556 | 1 Google | 1 Chrome | 2025-04-11 | 4.3 MEDIUM | N/A |
|
browser/login/login_prompt.cc in Google Chrome before 4.0.249.89 populates an authentication dialog with credentials that were stored by Password Manager for a different web site, which allows user-assisted remote HTTP servers to obtain sensitive information via a URL that requires authentication, as demonstrated by a URL in the SRC attribute of an IMG element.
|
|||||
| CVE-2013-3344 | 5 Adobe, Apple, Google and 2 more | 5 Flash Player, Mac Os X, Android and 2 more | 2025-04-11 | 10.0 HIGH | N/A |
|
Heap-based buffer overflow in Adobe Flash Player before 11.7.700.232 and 11.8.x before 11.8.800.94 on Windows and Mac OS X, before 11.2.202.297 on Linux, before 11.1.111.64 on Android 2.x and 3.x, and before 11.1.115.69 on Android 4.x allows attackers to execute arbitrary code via unspecified vectors.
|
|||||
| CVE-2012-1475 | 2 Google, Qualcomm | 2 Android, Yagattatalk Messenger | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the YagattaTalk Messenger (com.iskoot.yagatta.yagattatalk) application 1.00.01.08 for Android has unknown impact and attack vectors.
|
|||||
| CVE-2011-3060 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Google Chrome before 18.0.1025.142 does not properly handle text fragments, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||
| CVE-2013-2921 | 1 Google | 1 Chrome | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Double free vulnerability in the ResourceFetcher::didLoadResource function in core/fetch/ResourceFetcher.cpp in the resource loader in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering certain callback processing during the reporting of a resource entry.
|
|||||
| CVE-2010-3644 | 6 Adobe, Apple, Google and 3 more | 6 Flash Player, Mac Os X, Android and 3 more | 2025-04-11 | 9.3 HIGH | N/A |
|
Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652.
|
|||||
| CVE-2012-2826 | 1 Google | 1 Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Google Chrome before 20.0.1132.43 does not properly implement texture conversion, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||
| CVE-2011-1108 | 1 Google | 1 Chrome | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Google Chrome before 9.0.597.107 does not properly implement JavaScript dialogs, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted HTML document.
|
|||||
| CVE-2013-2904 | 2 Debian, Google | 2 Debian Linux, Chrome | 2025-04-11 | 7.5 HIGH | N/A |
|
Use-after-free vulnerability in the Document::finishedParsing function in core/dom/Document.cpp in Blink, as used in Google Chrome before 29.0.1547.57, allows remote attackers to cause a denial of service or possibly have unspecified other impact via an onload event that changes an IFRAME element so that its src attribute is no longer an XML document, leading to unintended garbage collection of this document.
|
|||||