Total
1179 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2011-2852 | 1 Google | 1 Chrome | 2023-12-10 | 6.8 MEDIUM | N/A |
Off-by-one error in Google V8, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
CVE-2011-1809 | 1 Google | 1 Chrome | 2023-12-10 | 6.8 MEDIUM | N/A |
Use-after-free vulnerability in the accessibility feature in Google Chrome before 12.0.742.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
CVE-2011-2799 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2023-12-10 | 6.8 MEDIUM | N/A |
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to HTML range handling. | |||||
CVE-2010-1504 | 1 Google | 1 Chrome | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to inject arbitrary web script or HTML via vectors related to a chrome://downloads URI. | |||||
CVE-2011-3897 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2023-12-10 | 6.8 MEDIUM | N/A |
Use-after-free vulnerability in Google Chrome before 15.0.874.120 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing. | |||||
CVE-2010-1503 | 1 Google | 1 Chrome | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to inject arbitrary web script or HTML via vectors related to a chrome://net-internals URI. | |||||
CVE-2011-1691 | 1 Google | 1 Chrome | 2023-12-10 | 5.0 MEDIUM | N/A |
The counterToCSSValue function in CSSComputedStyleDeclaration.cpp in the Cascading Style Sheets (CSS) implementation in WebCore in WebKit before r82222, as used in Google Chrome before 11.0.696.43 and other products, does not properly handle access to the (1) counterIncrement and (2) counterReset attributes of CSSStyleDeclaration data provided by a getComputedStyle method call, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted JavaScript code. | |||||
CVE-2010-4575 | 1 Google | 2 Chrome, Chrome Os | 2023-12-10 | 4.3 MEDIUM | N/A |
The ThemeInstalledInfoBarDelegate::Observe function in browser/extensions/theme_installed_infobar_delegate.cc in Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 does not properly handle incorrect tab interaction by an extension, which allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted extension. | |||||
CVE-2011-1811 | 1 Google | 1 Chrome | 2023-12-10 | 4.3 MEDIUM | N/A |
Google Chrome before 12.0.742.91 does not properly handle a large number of form submissions, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors. | |||||
CVE-2010-1237 | 1 Google | 1 Chrome | 2023-12-10 | 7.5 HIGH | N/A |
Google Chrome 4.1 BETA before 4.1.249.1036 allows remote attackers to cause a denial of service (memory error) or possibly have unspecified other impact via an empty SVG element. | |||||
CVE-2011-2844 | 1 Google | 1 Chrome | 2023-12-10 | 5.0 MEDIUM | N/A |
Google Chrome before 14.0.835.163 does not properly process MP3 files, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
CVE-2011-3964 | 1 Google | 1 Chrome | 2023-12-10 | 5.8 MEDIUM | N/A |
Google Chrome before 17.0.963.46 does not properly implement the drag-and-drop feature, which makes it easier for remote attackers to spoof the URL bar via unspecified vectors. | |||||
CVE-2011-3883 | 1 Google | 1 Chrome | 2023-12-10 | 7.5 HIGH | N/A |
Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to counters. | |||||
CVE-2011-1191 | 1 Google | 1 Chrome | 2023-12-10 | 7.5 HIGH | N/A |
Use-after-free vulnerability in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of DOM URLs. | |||||
CVE-2010-0644 | 1 Google | 1 Chrome | 2023-12-10 | 4.3 MEDIUM | N/A |
Google Chrome before 4.0.249.89, when a SOCKS 5 proxy server is configured, sends DNS queries directly, which allows remote DNS servers to obtain potentially sensitive information about the identity of a client user via request logging, as demonstrated by a proxy server that was configured for the purpose of anonymity. | |||||
CVE-2011-0472 | 1 Google | 2 Chrome, Chrome Os | 2023-12-10 | 9.3 HIGH | N/A |
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle the printing of PDF documents, which allows user-assisted remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a multi-page document. | |||||
CVE-2011-2836 | 1 Google | 1 Chrome | 2023-12-10 | 7.5 HIGH | N/A |
Google Chrome before 14.0.835.163 does not require Infobar interaction before use of the Windows Media Player plug-in, which makes it easier for remote attackers to have an unspecified impact via crafted Flash content. | |||||
CVE-2010-0662 | 1 Google | 1 Chrome | 2023-12-10 | 5.0 MEDIUM | N/A |
The ParamTraits<SkBitmap>::Read function in common/common_param_traits.cc in Google Chrome before 4.0.249.78 does not use the correct variables in calculations designed to prevent integer overflows, which allows attackers to leverage renderer access to cause a denial of service or possibly have unspecified other impact via bitmap data, related to deserialization. | |||||
CVE-2011-2351 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2023-12-10 | 6.8 MEDIUM | N/A |
Use-after-free vulnerability in Google Chrome before 12.0.742.112 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG use elements. | |||||
CVE-2011-2881 | 1 Google | 1 Chrome | 2023-12-10 | 6.8 MEDIUM | N/A |
Google Chrome before 14.0.835.202 does not properly handle Google V8 hidden objects, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code. |