Filtered by vendor Google
Subscribe
Total
1875 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2011-0985 | 2 Debian, Google | 2 Debian Linux, Chrome | 2023-12-10 | 7.5 HIGH | N/A |
Google Chrome before 9.0.597.94 does not properly perform process termination upon memory exhaustion, which has unspecified impact and remote attack vectors. | |||||
CVE-2011-1446 | 1 Google | 1 Chrome | 2023-12-10 | 5.8 MEDIUM | N/A |
Google Chrome before 11.0.696.57 allows remote attackers to spoof the URL bar via vectors involving (1) a navigation error or (2) an interrupted load. | |||||
CVE-2012-1475 | 2 Google, Qualcomm | 2 Android, Yagattatalk Messenger | 2023-12-10 | 10.0 HIGH | N/A |
Unspecified vulnerability in the YagattaTalk Messenger (com.iskoot.yagatta.yagattatalk) application 1.00.01.08 for Android has unknown impact and attack vectors. | |||||
CVE-2011-2415 | 6 Adobe, Apple, Google and 3 more | 7 Adobe Air, Flash Player, Mac Os X and 4 more | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2137, and CVE-2011-2414. | |||||
CVE-2010-3258 | 1 Google | 1 Chrome | 2023-12-10 | 9.3 HIGH | N/A |
The sandbox implementation in Google Chrome before 6.0.472.53 does not properly deserialize parameters, which has unspecified impact and remote attack vectors. | |||||
CVE-2010-1235 | 1 Google | 1 Chrome | 2023-12-10 | 4.3 MEDIUM | N/A |
Unspecified vulnerability in Google Chrome before 4.1.249.1036 allows remote attackers to trigger the omission of a download warning dialog via unknown vectors. | |||||
CVE-2011-2460 | 6 Adobe, Apple, Google and 3 more | 7 Adobe Air, Flash Player, Mac Os X and 4 more | 2023-12-10 | 10.0 HIGH | N/A |
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2459. | |||||
CVE-2011-2880 | 1 Google | 1 Chrome | 2023-12-10 | 6.8 MEDIUM | N/A |
Use-after-free vulnerability in Google Chrome before 14.0.835.202 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the Google V8 bindings. | |||||
CVE-2011-1812 | 1 Google | 1 Chrome | 2023-12-10 | 7.5 HIGH | N/A |
Google Chrome before 12.0.742.91 allows remote attackers to bypass intended access restrictions via vectors related to extensions. | |||||
CVE-2011-1450 | 1 Google | 1 Chrome | 2023-12-10 | 5.0 MEDIUM | N/A |
Google Chrome before 11.0.696.57 does not properly present file dialogs, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "dangling pointers." | |||||
CVE-2010-4008 | 9 Apache, Apple, Canonical and 6 more | 15 Openoffice, Iphone Os, Itunes and 12 more | 2023-12-10 | 4.3 MEDIUM | N/A |
libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document. | |||||
CVE-2011-2344 | 1 Google | 1 Android | 2023-12-10 | 10.0 HIGH | N/A |
Android Picasa in Android 3.0 and 2.x through 2.3.4 uses a cleartext HTTP session when transmitting the authToken obtained from ClientLogin, which allows remote attackers to gain privileges and access private pictures and web albums by sniffing the token from connections with picasaweb.google.com. | |||||
CVE-2010-0657 | 2 Google, Microsoft | 2 Chrome, Windows | 2023-12-10 | 9.3 HIGH | N/A |
Google Chrome before 4.0.249.78 on Windows does not perform the expected encoding, escaping, and quoting for the URL in the --app argument in a desktop shortcut, which allows user-assisted remote attackers to execute arbitrary programs or obtain sensitive information by tricking a user into creating a crafted shortcut. | |||||
CVE-2011-3908 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Google Chrome before 16.0.912.63 does not properly parse SVG documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
CVE-2011-2345 | 1 Google | 1 Chrome | 2023-12-10 | 4.3 MEDIUM | N/A |
The NPAPI implementation in Google Chrome before 12.0.742.112 does not properly handle strings, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
CVE-2011-3896 | 1 Google | 1 Chrome | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to shader variable mapping. | |||||
CVE-2012-1474 | 2 Google, Sdo | 2 Android, Youni Sms | 2023-12-10 | 10.0 HIGH | N/A |
Unspecified vulnerability in the Youni SMS (com.snda.youni) application 2.1.0c and 2.1.0d for Android has unknown impact and attack vectors. | |||||
CVE-2010-4576 | 1 Google | 2 Chrome, Chrome Os | 2023-12-10 | 5.0 MEDIUM | N/A |
browser/worker_host/message_port_dispatcher.cc in Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 does not properly handle certain postMessage calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted JavaScript code that creates a web worker. | |||||
CVE-2010-0655 | 1 Google | 1 Chrome | 2023-12-10 | 9.3 HIGH | N/A |
Use-after-free vulnerability in Google Chrome before 4.0.249.78 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving the display of a blocked popup window during navigation to a different web site. | |||||
CVE-2010-3248 | 2 Canonical, Google | 2 Ubuntu Linux, Chrome | 2023-12-10 | 5.0 MEDIUM | N/A |
Google Chrome before 6.0.472.53 does not properly restrict copying to the clipboard, which has unspecified impact and attack vectors. |