Total
3353 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2011-3072 | 1 Google | 1 Chrome | 2023-12-10 | 6.8 MEDIUM | N/A |
Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via vectors related to pop-up windows. | |||||
CVE-2012-2844 | 1 Google | 1 Chrome | 2023-12-10 | 9.3 HIGH | N/A |
The PDF functionality in Google Chrome before 20.0.1132.57 does not properly handle JavaScript code, which allows remote attackers to cause a denial of service (incorrect object access) or possibly have unspecified other impact via a crafted document. | |||||
CVE-2012-2847 | 4 Apple, Google, Linux and 1 more | 5 Mac Os X, Chrome, Frame and 2 more | 2023-12-10 | 4.3 MEDIUM | N/A |
Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, does not request user confirmation before continuing a large series of downloads, which allows user-assisted remote attackers to cause a denial of service (resource consumption) via a crafted web site. | |||||
CVE-2011-3076 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2023-12-10 | 6.8 MEDIUM | N/A |
Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to focus handling. | |||||
CVE-2011-3087 | 1 Google | 1 Chrome | 2023-12-10 | 10.0 HIGH | N/A |
Google Chrome before 19.0.1084.46 does not properly perform window navigation, which has unspecified impact and remote attack vectors. | |||||
CVE-2011-3104 | 1 Google | 1 Chrome | 2023-12-10 | 5.0 MEDIUM | N/A |
Skia, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
CVE-2013-2875 | 1 Google | 1 Chrome | 2023-12-10 | 5.0 MEDIUM | N/A |
core/rendering/svg/SVGInlineTextBox.cpp in the SVG implementation in Blink, as used in Google Chrome before 28.0.1500.71, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
CVE-2011-3080 | 1 Google | 1 Chrome | 2023-12-10 | 7.6 HIGH | N/A |
Race condition in the Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168 allows attackers to bypass intended sandbox restrictions via unspecified vectors. | |||||
CVE-2012-2825 | 1 Google | 1 Chrome | 2023-12-10 | 5.0 MEDIUM | N/A |
The XSL implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service (incorrect read operation) via unspecified vectors. | |||||
CVE-2012-5127 | 1 Google | 1 Chrome | 2023-12-10 | 7.5 HIGH | N/A |
Integer overflow in Google Chrome before 23.0.1271.64 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted WebP image. | |||||
CVE-2013-0909 | 1 Google | 1 Chrome | 2023-12-10 | 5.0 MEDIUM | N/A |
The XSS Auditor in Google Chrome before 25.0.1364.152 allows remote attackers to obtain sensitive HTTP Referer information via unspecified vectors. | |||||
CVE-2012-4908 | 1 Google | 2 Android, Chrome | 2023-12-10 | 7.5 HIGH | N/A |
Google Chrome before 18.0.1025308 on Android allows remote attackers to bypass the Same Origin Policy and obtain access to local files via vectors involving a symlink. | |||||
CVE-2011-3077 | 1 Google | 1 Chrome | 2023-12-10 | 6.8 MEDIUM | N/A |
Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the script bindings, related to a "read-after-free" issue. | |||||
CVE-2011-3108 | 1 Google | 1 Chrome | 2023-12-10 | 10.0 HIGH | N/A |
Use-after-free vulnerability in Google Chrome before 19.0.1084.52 allows remote attackers to execute arbitrary code via vectors related to the browser cache. | |||||
CVE-2012-2883 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2023-12-10 | 7.5 HIGH | N/A |
Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation, a different vulnerability than CVE-2012-2874. | |||||
CVE-2011-3075 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2023-12-10 | 6.8 MEDIUM | N/A |
Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to style-application commands. | |||||
CVE-2012-2879 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2023-12-10 | 4.3 MEDIUM | N/A |
Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service (DOM topology corruption) via a crafted document. | |||||
CVE-2012-2850 | 4 Apple, Google, Linux and 1 more | 5 Mac Os X, Chrome, Frame and 2 more | 2023-12-10 | 6.8 MEDIUM | N/A |
Multiple unspecified vulnerabilities in the PDF functionality in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allow remote attackers to have an unknown impact via a crafted document. | |||||
CVE-2011-3088 | 1 Google | 1 Chrome | 2023-12-10 | 5.0 MEDIUM | N/A |
Google Chrome before 19.0.1084.46 does not properly draw hairlines, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
CVE-2013-2904 | 2 Debian, Google | 2 Debian Linux, Chrome | 2023-12-10 | 7.5 HIGH | N/A |
Use-after-free vulnerability in the Document::finishedParsing function in core/dom/Document.cpp in Blink, as used in Google Chrome before 29.0.1547.57, allows remote attackers to cause a denial of service or possibly have unspecified other impact via an onload event that changes an IFRAME element so that its src attribute is no longer an XML document, leading to unintended garbage collection of this document. |