Filtered by vendor Google
Subscriptions
Filtered by product Chrome
Subscriptions
Total
3753 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-2896 | 2 Apple, Google | 2 Mac Os X, Chrome | 2025-04-11 | N/A |
| Integer overflow in the WebGL implementation in Google Chrome before 22.0.1229.79 on Mac OS X allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | ||||
| CVE-2011-1295 | 2 Apple, Google | 3 Iphone Os, Safari, Chrome | 2025-04-11 | N/A |
| WebKit, as used in Google Chrome before 10.0.648.204 and Apple Safari before 5.0.6, does not properly handle node parentage, which allows remote attackers to cause a denial of service (DOM tree corruption), conduct cross-site scripting (XSS) attacks, or possibly have unspecified other impact via unknown vectors. | ||||
| CVE-2011-2856 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google V8, as used in Google Chrome before 14.0.835.163, allows remote attackers to bypass the Same Origin Policy via unspecified vectors. | ||||
| CVE-2012-2871 | 4 Apple, Google, Redhat and 1 more | 4 Iphone Os, Chrome, Enterprise Linux and 1 more | 2025-04-11 | N/A |
| libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h. | ||||
| CVE-2011-2853 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to plug-in handling. | ||||
| CVE-2011-3046 | 3 Apple, Google, Opensuse | 4 Iphone Os, Safari, Chrome and 1 more | 2025-04-11 | N/A |
| The extension subsystem in Google Chrome before 17.0.963.78 does not properly handle history navigation, which allows remote attackers to execute arbitrary code by leveraging a "Universal XSS (UXSS)" issue. | ||||
| CVE-2010-4578 | 2 Debian, Google | 3 Debian Linux, Chrome, Chrome Os | 2025-04-11 | N/A |
| Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 do not properly perform cursor handling, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers." | ||||
| CVE-2011-2848 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome before 14.0.835.163 allows user-assisted remote attackers to spoof the URL bar via vectors related to the forward button. | ||||
| CVE-2011-2847 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2025-04-11 | N/A |
| Use-after-free vulnerability in the document loader in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. | ||||
| CVE-2010-4576 | 1 Google | 2 Chrome, Chrome Os | 2025-04-11 | N/A |
| browser/worker_host/message_port_dispatcher.cc in Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 does not properly handle certain postMessage calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted JavaScript code that creates a web worker. | ||||
| CVE-2013-2866 | 1 Google | 2 Chrome, Chrome Os | 2025-04-11 | N/A |
| The Flash plug-in in Google Chrome before 27.0.1453.116, as used on Google Chrome OS before 27.0.1453.116 and separately, does not properly determine whether a user wishes to permit camera or microphone access by a Flash application, which allows remote attackers to obtain sensitive information from a machine's physical environment via a clickjacking attack, as demonstrated by an attack using a crafted Cascading Style Sheets (CSS) opacity property. | ||||
| CVE-2013-2856 | 2 Debian, Google | 2 Debian Linux, Chrome | 2025-04-11 | N/A |
| Use-after-free vulnerability in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of input. | ||||
| CVE-2011-2845 | 2 Apple, Google | 3 Iphone Os, Safari, Chrome | 2025-04-11 | N/A |
| Google Chrome before 15.0.874.102 does not properly handle history data, which allows user-assisted remote attackers to spoof the URL bar via unspecified vectors. | ||||
| CVE-2011-1296 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2025-04-11 | N/A |
| Google Chrome before 10.0.648.204 does not properly handle SVG text, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | ||||
| CVE-2011-2844 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome before 14.0.835.163 does not properly process MP3 files, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||||
| CVE-2010-4574 | 2 Google, Linux | 3 Chrome, Chrome Os, Linux Kernel | 2025-04-11 | N/A |
| The Pickle::Pickle function in base/pickle.cc in Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 on 64-bit Linux platforms does not properly perform pointer arithmetic, which allows remote attackers to bypass message deserialization validation, and cause a denial of service or possibly have unspecified other impact, via invalid pickle data. | ||||
| CVE-2011-2843 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome before 14.0.835.163 does not properly handle media buffers, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||||
| CVE-2013-2843 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Use-after-free vulnerability in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of speech data. | ||||
| CVE-2011-1286 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google V8, as used in Google Chrome before 10.0.648.127, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger incorrect access to memory. | ||||
| CVE-2011-0784 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Race condition in Google Chrome before 9.0.597.84 allows remote attackers to execute arbitrary code via vectors related to audio. | ||||