Total
3354 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-2915 | 1 Google | 1 Chrome | 2023-12-10 | 4.3 MEDIUM | N/A |
| Google Chrome before 30.0.1599.66 preserves pending NavigationEntry objects in certain invalid circumstances, which allows remote attackers to spoof the address bar via a URL with a malformed scheme, as demonstrated by a nonexistent:12121 URL. | |||||
| CVE-2013-2839 | 1 Google | 1 Chrome | 2023-12-10 | 7.5 HIGH | N/A |
| Google Chrome before 27.0.1453.93 does not properly perform a cast of an unspecified variable during handling of clipboard data, which allows remote attackers to cause a denial of service or possibly have other impact via unknown vectors. | |||||
| CVE-2013-2913 | 1 Google | 1 Chrome | 2023-12-10 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in the XMLDocumentParser::append function in core/xml/parser/XMLDocumentParser.cpp in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving an XML document. | |||||
| CVE-2011-3069 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2023-12-10 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to line boxes. | |||||
| CVE-2013-2840 | 1 Google | 1 Chrome | 2023-12-10 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in the media loader in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2013-2846. | |||||
| CVE-2012-2647 | 3 Apple, Google, Yahoo | 3 Safari, Chrome, Toolbar | 2023-12-10 | 5.8 MEDIUM | N/A |
| Yahoo! Toolbar 1.0.0.5 and earlier for Chrome and Safari allows remote attackers to modify the configured search URL, and intercept search terms, via a crafted web page. | |||||
| CVE-2012-2807 | 3 Apple, Google, Linux | 3 Iphone Os, Chrome, Linux Kernel | 2023-12-10 | 6.8 MEDIUM | N/A |
| Multiple integer overflows in libxml2, as used in Google Chrome before 20.0.1132.43 and other products, on 64-bit Linux platforms allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2013-2848 | 1 Google | 1 Chrome | 2023-12-10 | 5.0 MEDIUM | N/A |
| The XSS Auditor in Google Chrome before 27.0.1453.93 might allow remote attackers to obtain sensitive information via unspecified vectors. | |||||
| CVE-2012-5115 | 2 Apple, Google | 2 Mac Os X, Chrome | 2023-12-10 | 7.5 HIGH | N/A |
| Google Chrome before 23.0.1271.64 on Mac OS X does not properly mitigate improper write behavior in graphics drivers, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger "wild writes." | |||||
| CVE-2013-0832 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2023-12-10 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to printing. | |||||
| CVE-2012-5144 | 4 Canonical, Google, Libav and 1 more | 4 Ubuntu Linux, Chrome, Libav and 1 more | 2023-12-10 | 10.0 HIGH | N/A |
| Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via vectors related to "an off-by-one overwrite when switching to LTP profile from MAIN." | |||||
| CVE-2011-3084 | 1 Google | 1 Chrome | 2023-12-10 | 7.5 HIGH | N/A |
| Google Chrome before 19.0.1084.46 does not use a dedicated process for the loading of links found on an internal page, which might allow attackers to bypass intended sandbox restrictions via a crafted page. | |||||
| CVE-2013-0841 | 1 Google | 1 Chrome | 2023-12-10 | 7.5 HIGH | N/A |
| Array index error in the content-blocking functionality in Google Chrome before 24.0.1312.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2013-2859 | 2 Debian, Google | 2 Debian Linux, Chrome | 2023-12-10 | 7.5 HIGH | N/A |
| Google Chrome before 27.0.1453.110 allows remote attackers to bypass the Same Origin Policy and trigger namespace pollution via unspecified vectors. | |||||
| CVE-2012-5112 | 2 Apple, Google | 2 Iphone Os, Chrome | 2023-12-10 | 10.0 HIGH | N/A |
| Use-after-free vulnerability in the SVG implementation in WebKit, as used in Google Chrome before 22.0.1229.94, allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2013-0908 | 1 Google | 1 Chrome | 2023-12-10 | 7.5 HIGH | N/A |
| Google Chrome before 25.0.1364.152 does not properly manage bindings of extension processes, which has unspecified impact and attack vectors. | |||||
| CVE-2012-5153 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2023-12-10 | 7.5 HIGH | N/A |
| Google V8 before 3.14.5.3, as used in Google Chrome before 24.0.1312.52, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds access to stack memory. | |||||
| CVE-2013-6625 | 1 Google | 1 Chrome | 2023-12-10 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 31.0.1650.48, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of DOM range objects in circumstances that require child node removal after a (1) mutation or (2) blur event. | |||||
| CVE-2013-2847 | 1 Google | 1 Chrome | 2023-12-10 | 6.8 MEDIUM | N/A |
| Race condition in the workers implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2013-2874 | 2 Google, Microsoft | 2 Chrome, Windows | 2023-12-10 | 4.3 MEDIUM | N/A |
| Google Chrome before 28.0.1500.71 on Windows, when an Nvidia GPU is used, allows remote attackers to bypass intended restrictions on access to screen data via vectors involving IPC transmission of GL textures. | |||||