Filtered by vendor Google
Subscribe
Total
11891 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-2872 | 2 Apple, Google | 2 Mac Os X, Chrome | 2023-12-10 | 5.0 MEDIUM | N/A |
Google Chrome before 28.0.1500.71 on Mac OS X does not ensure a sufficient source of entropy for renderer processes, which might make it easier for remote attackers to defeat cryptographic protection mechanisms in third-party components via unspecified vectors. | |||||
CVE-2012-2887 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2023-12-10 | 7.5 HIGH | N/A |
Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving onclick events. | |||||
CVE-2013-2854 | 2 Google, Microsoft | 2 Chrome, Windows | 2023-12-10 | 7.5 HIGH | N/A |
Google Chrome before 27.0.1453.110 on Windows provides an incorrect handle to a renderer process in unspecified circumstances, which allows remote attackers to cause a denial of service or possibly have other impact via unknown vectors. | |||||
CVE-2013-0883 | 5 Apple, Google, Linux and 2 more | 5 Mac Os X, Chrome, Linux Kernel and 2 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Skia, as used in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service (incorrect read operation) via unspecified vectors. | |||||
CVE-2012-5249 | 5 Adobe, Apple, Google and 2 more | 8 Adobe Air, Adobe Air Sdk, Flash Player and 5 more | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. | |||||
CVE-2012-5820 | 1 Google | 1 Admob | 2023-12-10 | 5.8 MEDIUM | N/A |
The developer-account sample code in Google AdMob does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | |||||
CVE-2013-2632 | 1 Google | 2 Chrome, V8 | 2023-12-10 | 6.8 MEDIUM | N/A |
Google V8 before 3.17.13, as used in Google Chrome before 27.0.1444.3, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaScript code, as demonstrated by the Bejeweled game. | |||||
CVE-2012-5111 | 1 Google | 1 Chrome | 2023-12-10 | 7.5 HIGH | N/A |
Google Chrome before 22.0.1229.92 does not monitor for crashes of Pepper plug-ins, which has unspecified impact and remote attack vectors. | |||||
CVE-2013-2915 | 1 Google | 1 Chrome | 2023-12-10 | 4.3 MEDIUM | N/A |
Google Chrome before 30.0.1599.66 preserves pending NavigationEntry objects in certain invalid circumstances, which allows remote attackers to spoof the address bar via a URL with a malformed scheme, as demonstrated by a nonexistent:12121 URL. | |||||
CVE-2013-0751 | 2 Google, Mozilla | 3 Android, Firefox, Seamonkey | 2023-12-10 | 5.8 MEDIUM | N/A |
Mozilla Firefox before 18.0 on Android and SeaMonkey before 2.15 do not restrict a touch event to a single IFRAME element, which allows remote attackers to obtain sensitive information or possibly conduct cross-site scripting (XSS) attacks via a crafted HTML document. | |||||
CVE-2013-2839 | 1 Google | 1 Chrome | 2023-12-10 | 7.5 HIGH | N/A |
Google Chrome before 27.0.1453.93 does not properly perform a cast of an unspecified variable during handling of clipboard data, which allows remote attackers to cause a denial of service or possibly have other impact via unknown vectors. | |||||
CVE-2013-2913 | 1 Google | 1 Chrome | 2023-12-10 | 6.8 MEDIUM | N/A |
Use-after-free vulnerability in the XMLDocumentParser::append function in core/xml/parser/XMLDocumentParser.cpp in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving an XML document. | |||||
CVE-2011-3069 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2023-12-10 | 6.8 MEDIUM | N/A |
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to line boxes. | |||||
CVE-2013-2840 | 1 Google | 1 Chrome | 2023-12-10 | 7.5 HIGH | N/A |
Use-after-free vulnerability in the media loader in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2013-2846. | |||||
CVE-2012-2647 | 3 Apple, Google, Yahoo | 3 Safari, Chrome, Toolbar | 2023-12-10 | 5.8 MEDIUM | N/A |
Yahoo! Toolbar 1.0.0.5 and earlier for Chrome and Safari allows remote attackers to modify the configured search URL, and intercept search terms, via a crafted web page. | |||||
CVE-2012-2807 | 3 Apple, Google, Linux | 3 Iphone Os, Chrome, Linux Kernel | 2023-12-10 | 6.8 MEDIUM | N/A |
Multiple integer overflows in libxml2, as used in Google Chrome before 20.0.1132.43 and other products, on 64-bit Linux platforms allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
CVE-2013-2848 | 1 Google | 1 Chrome | 2023-12-10 | 5.0 MEDIUM | N/A |
The XSS Auditor in Google Chrome before 27.0.1453.93 might allow remote attackers to obtain sensitive information via unspecified vectors. | |||||
CVE-2012-5115 | 2 Apple, Google | 2 Mac Os X, Chrome | 2023-12-10 | 7.5 HIGH | N/A |
Google Chrome before 23.0.1271.64 on Mac OS X does not properly mitigate improper write behavior in graphics drivers, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger "wild writes." | |||||
CVE-2013-0832 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2023-12-10 | 7.5 HIGH | N/A |
Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to printing. | |||||
CVE-2012-5144 | 4 Canonical, Google, Libav and 1 more | 4 Ubuntu Linux, Chrome, Libav and 1 more | 2023-12-10 | 10.0 HIGH | N/A |
Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via vectors related to "an off-by-one overwrite when switching to LTP profile from MAIN." |