Total
3816 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-2922 | 1 Google | 1 Chrome | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Use-after-free vulnerability in core/html/HTMLTemplateElement.cpp in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that operates on a TEMPLATE element.
|
|||||
| CVE-2013-0885 | 5 Apple, Google, Linux and 2 more | 5 Mac Os X, Chrome, Linux Kernel and 2 more | 2025-04-11 | 7.5 HIGH | N/A |
|
Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly restrict API privileges during interaction with the Chrome Web Store, which has unspecified impact and attack vectors.
|
|||||
| CVE-2011-3090 | 1 Google | 1 Chrome | 2025-04-11 | 7.6 HIGH | N/A |
|
Race condition in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to worker processes.
|
|||||
| CVE-2011-3025 | 1 Google | 1 Chrome | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Google Chrome before 17.0.963.56 does not properly parse H.264 data, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||
| CVE-2013-2846 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
|
Use-after-free vulnerability in the media loader in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2013-2840.
|
|||||
| CVE-2010-3412 | 1 Google | 1 Chrome | 2025-04-11 | 9.3 HIGH | N/A |
|
Race condition in the console implementation in Google Chrome before 6.0.472.59 has unspecified impact and attack vectors.
|
|||||
| CVE-2011-2801 | 1 Google | 1 Chrome | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the frame loader.
|
|||||
| CVE-2011-2829 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
|
Integer overflow in Google Chrome before 13.0.782.215 on 32-bit platforms allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving uniform arrays.
|
|||||
| CVE-2011-1116 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
|
Google Chrome before 9.0.597.107 does not properly handle SVG animations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
|
|||||
| CVE-2011-3033 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2025-04-11 | 7.5 HIGH | N/A |
|
Buffer overflow in Skia, as used in Google Chrome before 17.0.963.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
|
|||||
| CVE-2013-2871 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
|
Use-after-free vulnerability in Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of input.
|
|||||
| CVE-2010-4036 | 1 Google | 1 Chrome | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Google Chrome before 7.0.517.41 does not properly handle the unloading of a page, which allows remote attackers to spoof URLs via unspecified vectors.
|
|||||
| CVE-2011-3877 | 1 Google | 1 Chrome | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in the appcache internals page in Google Chrome before 15.0.874.102 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2011-1113 | 2 Google, Linux | 2 Chrome, Linux Kernel | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Google Chrome before 9.0.597.107 on 64-bit Linux platforms does not properly perform pickle deserialization, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
|
|||||
| CVE-2013-1489 | 5 Google, Microsoft, Mozilla and 2 more | 6 Chrome, Internet Explorer, Firefox and 3 more | 2025-04-11 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 10 and Update 11, when running on Windows using Internet Explorer, Firefox, Opera, and Google Chrome, allows remote attackers to bypass the "Very High" security level of the Java Control Panel and execute unsigned Java code without prompting the user via unknown vectors, aka "Issue 53" and the "Java Security Slider" vulnerability.
|
|||||
| CVE-2011-3895 | 2 Debian, Google | 2 Debian Linux, Chrome | 2025-04-11 | 7.5 HIGH | N/A |
|
Heap-based buffer overflow in the Vorbis decoder in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted stream.
|
|||||
| CVE-2010-4206 | 3 Fedoraproject, Google, Webkitgtk | 3 Fedora, Chrome, Webkitgtk | 2025-04-11 | 6.8 MEDIUM | 8.8 HIGH |
|
Array index error in the FEBlend::apply function in WebCore/platform/graphics/filters/FEBlend.cpp in WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted SVG document, related to effects in the application of filters.
|
|||||
| CVE-2013-2903 | 2 Debian, Google | 2 Debian Linux, Chrome | 2025-04-11 | 7.5 HIGH | N/A |
|
Use-after-free vulnerability in the HTMLMediaElement::didMoveToNewDocument function in core/html/HTMLMediaElement.cpp in Blink, as used in Google Chrome before 29.0.1547.57, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving moving a (1) AUDIO or (2) VIDEO element between documents.
|
|||||
| CVE-2011-2788 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Buffer overflow in the inspector serialization functionality in Google Chrome before 13.0.782.107 allows user-assisted remote attackers to have an unspecified impact via unknown vectors.
|
|||||
| CVE-2011-3085 | 1 Google | 1 Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
|
The Autofill feature in Google Chrome before 19.0.1084.46 does not properly restrict field values, which allows remote attackers to cause a denial of service (UI corruption) and possibly conduct spoofing attacks via vectors involving long values.
|
|||||
| CVE-2011-1444 | 3 Debian, Google, Linux | 3 Debian Linux, Chrome, Linux Kernel | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Race condition in the sandbox launcher implementation in Google Chrome before 11.0.696.57 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
|
|||||
| CVE-2013-2866 | 1 Google | 2 Chrome, Chrome Os | 2025-04-11 | 4.3 MEDIUM | N/A |
|
The Flash plug-in in Google Chrome before 27.0.1453.116, as used on Google Chrome OS before 27.0.1453.116 and separately, does not properly determine whether a user wishes to permit camera or microphone access by a Flash application, which allows remote attackers to obtain sensitive information from a machine's physical environment via a clickjacking attack, as demonstrated by an attack using a crafted Cascading Style Sheets (CSS) opacity property.
|
|||||
| CVE-2011-3917 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
|
Stack-based buffer overflow in FileWatcher in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
|
|||||
| CVE-2011-3099 | 1 Google | 1 Chrome | 2025-04-11 | 10.0 HIGH | N/A |
|
Use-after-free vulnerability in the PDF functionality in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a malformed name for the font encoding.
|
|||||
| CVE-2011-3884 | 1 Google | 1 Chrome | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Google Chrome before 15.0.874.102 does not properly address timing issues during DOM traversal, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.
|
|||||
| CVE-2013-0891 | 5 Apple, Google, Linux and 2 more | 5 Mac Os X, Chrome, Linux Kernel and 2 more | 2025-04-11 | 7.5 HIGH | N/A |
|
Integer overflow in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a blob.
|
|||||
| CVE-2010-2652 | 1 Google | 1 Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Google Chrome before 5.0.375.99 does not properly implement modal dialogs, which allows attackers to cause a denial of service (application crash) via unspecified vectors.
|
|||||
| CVE-2011-1194 | 1 Google | 1 Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Multiple unspecified vulnerabilities in Google Chrome before 10.0.648.127 allow remote attackers to bypass the pop-up blocker via unknown vectors.
|
|||||
| CVE-2011-1123 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
|
Google Chrome before 9.0.597.107 does not properly restrict access to internal extension functions, which has unspecified impact and remote attack vectors.
|
|||||
| CVE-2012-2647 | 3 Apple, Google, Yahoo | 3 Safari, Chrome, Toolbar | 2025-04-11 | 5.8 MEDIUM | N/A |
|
Yahoo! Toolbar 1.0.0.5 and earlier for Chrome and Safari allows remote attackers to modify the configured search URL, and intercept search terms, via a crafted web page.
|
|||||
| CVE-2010-4205 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | 9.8 CRITICAL |
|
Google Chrome before 7.0.517.44 does not properly handle the data types of event objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
|
|||||
| CVE-2011-1804 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
|
rendering/RenderBox.cpp in WebCore in WebKit before r86862, as used in Google Chrome before 11.0.696.71, does not properly render floats, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
|
|||||
| CVE-2011-3880 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
|
Google Chrome before 15.0.874.102 does not prevent use of an unspecified special character as a delimiter in HTTP headers, which has unknown impact and remote attack vectors.
|
|||||
| CVE-2011-1443 | 1 Google | 1 Chrome | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Google Chrome before 11.0.696.57 does not properly implement layering, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers."
|
|||||
| CVE-2011-0476 | 1 Google | 2 Chrome, Chrome Os | 2025-04-11 | 10.0 HIGH | N/A |
|
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allow remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via a PDF document that triggers an out-of-memory error.
|
|||||
| CVE-2010-1825 | 1 Google | 1 Chrome | 2025-04-11 | 9.3 HIGH | N/A |
|
Use-after-free vulnerability in WebKit, as used in Google Chrome before 6.0.472.59, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to nested SVG elements.
|
|||||
| CVE-2013-6644 | 6 Apple, Debian, Google and 3 more | 6 Mac Os X, Debian Linux, Chrome and 3 more | 2025-04-11 | 7.5 HIGH | N/A |
|
Multiple unspecified vulnerabilities in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
|
|||||
| CVE-2011-2599 | 1 Google | 1 Chrome | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Google Chrome 11 does not block use of a cross-domain image as a WebGL texture, which allows remote attackers to obtain approximate copies of arbitrary images via a timing attack involving a crafted WebGL fragment shader.
|
|||||
| CVE-2010-4197 | 3 Fedoraproject, Google, Webkitgtk | 3 Fedora, Chrome, Webkitgtk | 2025-04-11 | 7.5 HIGH | 9.8 CRITICAL |
|
Use-after-free vulnerability in WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving text editing.
|
|||||
| CVE-2011-1203 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2025-04-11 | 7.5 HIGH | N/A |
|
Google Chrome before 10.0.648.127 does not properly handle SVG cursors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
|
|||||