Filtered by vendor Google
Subscribe
Search
Total
1878 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-3247 | 1 Google | 1 Chrome | 2020-08-03 | 4.3 MEDIUM | N/A |
| Google Chrome before 6.0.472.53 does not properly restrict the characters in URLs, which allows remote attackers to spoof the appearance of the URL bar via homographic sequences. | |||||
| CVE-2010-3248 | 2 Canonical, Google | 2 Ubuntu Linux, Chrome | 2020-08-03 | 5.0 MEDIUM | N/A |
| Google Chrome before 6.0.472.53 does not properly restrict copying to the clipboard, which has unspecified impact and attack vectors. | |||||
| CVE-2010-3246 | 1 Google | 1 Chrome | 2020-08-03 | 4.3 MEDIUM | N/A |
| Google Chrome before 6.0.472.53 does not properly handle the _blank value for the target attribute of unspecified elements, which allows remote attackers to bypass the pop-up blocker via unknown vectors. | |||||
| CVE-2010-3120 | 1 Google | 1 Chrome | 2020-08-03 | 10.0 HIGH | N/A |
| Google Chrome before 5.0.375.127 does not properly implement the Geolocation feature, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2010-2897 | 1 Google | 1 Chrome | 2020-08-03 | 10.0 HIGH | N/A |
| Google Chrome before 5.0.375.125 does not properly mitigate an unspecified flaw in the Windows kernel, which has unknown impact and attack vectors. | |||||
| CVE-2010-3117 | 1 Google | 1 Chrome | 2020-08-03 | 10.0 HIGH | N/A |
| Google Chrome before 5.0.375.127 does not properly implement the notifications feature, which allows remote attackers to cause a denial of service (application crash) and possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2010-1825 | 1 Google | 1 Chrome | 2020-07-31 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in WebKit, as used in Google Chrome before 6.0.472.59, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to nested SVG elements. | |||||
| CVE-2010-1824 | 2 Apple, Google | 2 Itunes, Chrome | 2020-07-31 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari, and Google Chrome before 6.0.472.59, allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to SVG styles, the DOM tree, and error messages. | |||||
| CVE-2010-3417 | 1 Google | 1 Chrome | 2020-07-31 | 5.0 MEDIUM | N/A |
| Google Chrome before 6.0.472.59 does not prompt the user before granting access to the extension history, which allows attackers to obtain potentially sensitive information via unspecified vectors. | |||||
| CVE-2010-1823 | 2 Apple, Google | 3 Itunes, Safari, Chrome | 2020-07-31 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in WebKit before r65958, as used in Google Chrome before 6.0.472.59, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger use of document APIs such as document.close during parsing, as demonstrated by a Cascading Style Sheets (CSS) file referencing an invalid SVG font, aka rdar problem 8442098. | |||||
| CVE-2010-3415 | 1 Google | 1 Chrome | 2020-07-31 | 10.0 HIGH | N/A |
| Google Chrome before 6.0.472.59 does not properly implement Geolocation, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2010-3413 | 1 Google | 1 Chrome | 2020-07-31 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the pop-up blocking functionality in Google Chrome before 6.0.472.59 allows remote attackers to cause a denial of service (application crash) via unknown vectors. | |||||
| CVE-2010-3412 | 1 Google | 1 Chrome | 2020-07-31 | 9.3 HIGH | N/A |
| Race condition in the console implementation in Google Chrome before 6.0.472.59 has unspecified impact and attack vectors. | |||||
| CVE-2010-3411 | 2 Google, Linux | 2 Chrome, Linux Kernel | 2020-07-31 | 5.0 MEDIUM | N/A |
| Google Chrome before 6.0.472.59 on Linux does not properly handle cursors, which might allow attackers to cause a denial of service (assertion failure) via unspecified vectors. | |||||
| CVE-2010-4577 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2020-07-31 | 5.0 MEDIUM | N/A |
| The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp in WebKit, as used in Google Chrome before 8.0.552.224, Chrome OS before 8.0.552.343, webkitgtk before 1.2.6, and other products does not properly parse Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted local font, related to "Type Confusion." | |||||
| CVE-2010-4494 | 10 Apache, Apple, Debian and 7 more | 17 Openoffice, Iphone Os, Itunes and 14 more | 2020-07-31 | 7.5 HIGH | N/A |
| Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling. | |||||
| CVE-2010-3251 | 1 Google | 1 Chrome | 2020-07-31 | 4.3 MEDIUM | N/A |
| The WebSockets implementation in Google Chrome before 6.0.472.53 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors. | |||||
| CVE-2010-4574 | 2 Google, Linux | 3 Chrome, Chrome Os, Linux Kernel | 2020-07-31 | 7.5 HIGH | N/A |
| The Pickle::Pickle function in base/pickle.cc in Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 on 64-bit Linux platforms does not properly perform pointer arithmetic, which allows remote attackers to bypass message deserialization validation, and cause a denial of service or possibly have unspecified other impact, via invalid pickle data. | |||||
| CVE-2010-4575 | 1 Google | 2 Chrome, Chrome Os | 2020-07-31 | 4.3 MEDIUM | N/A |
| The ThemeInstalledInfoBarDelegate::Observe function in browser/extensions/theme_installed_infobar_delegate.cc in Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 does not properly handle incorrect tab interaction by an extension, which allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted extension. | |||||
| CVE-2010-4576 | 1 Google | 2 Chrome, Chrome Os | 2020-07-29 | 5.0 MEDIUM | N/A |
| browser/worker_host/message_port_dispatcher.cc in Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 does not properly handle certain postMessage calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted JavaScript code that creates a web worker. | |||||
| CVE-2010-4578 | 2 Debian, Google | 3 Debian Linux, Chrome, Chrome Os | 2020-07-28 | 7.5 HIGH | N/A |
| Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 do not properly perform cursor handling, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers." | |||||
| CVE-2010-4493 | 2 Debian, Google | 2 Debian Linux, Chrome | 2020-07-28 | 4.3 MEDIUM | N/A |
| Use-after-free vulnerability in Google Chrome before 8.0.552.215 allows remote attackers to cause a denial of service via vectors related to the handling of mouse dragging events. | |||||
| CVE-2010-4492 | 2 Debian, Google | 2 Debian Linux, Chrome | 2020-07-28 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in Google Chrome before 8.0.552.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG animations. | |||||
| CVE-2010-3111 | 1 Google | 1 Chrome | 2020-07-28 | 10.0 HIGH | N/A |
| Google Chrome before 6.0.472.53 does not properly mitigate an unspecified flaw in the Windows kernel, which has unknown impact and attack vectors, a different vulnerability than CVE-2010-2897. | |||||
| CVE-2012-6636 | 1 Google | 1 Android Api | 2020-07-28 | 6.8 MEDIUM | N/A |
| The Android API before 17 does not properly restrict the WebView.addJavascriptInterface method, which allows remote attackers to execute arbitrary methods of Java objects by using the Java Reflection API within crafted JavaScript code that is loaded into the WebView component in an application targeted to API level 16 or earlier, a related issue to CVE-2013-4710. | |||||
| CVE-2011-0484 | 1 Google | 2 Chrome, Chrome Os | 2020-07-27 | 7.5 HIGH | N/A |
| Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform DOM node removal, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale rendering node." | |||||
| CVE-2011-0477 | 1 Google | 2 Chrome, Chrome Os | 2020-07-27 | 10.0 HIGH | N/A |
| Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle a mismatch in video frame sizes, which allows remote attackers to cause a denial of service (incorrect memory access) or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2011-0480 | 3 Canonical, Debian, Google | 4 Ubuntu Linux, Debian Linux, Chrome and 1 more | 2020-07-24 | 9.3 HIGH | N/A |
| Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in FFmpeg, as used in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted WebM file, related to buffers for (1) the channel floor and (2) the channel residue. | |||||
| CVE-2011-0485 | 1 Google | 2 Chrome, Chrome Os | 2020-07-24 | 10.0 HIGH | N/A |
| Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle speech data, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "stale pointer." | |||||
| CVE-2011-0479 | 1 Google | 2 Chrome, Chrome Os | 2020-07-24 | 7.5 HIGH | N/A |
| Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly interact with extensions, which allows remote attackers to cause a denial of service via a crafted extension that triggers an uninitialized pointer. | |||||
| CVE-2011-0475 | 1 Google | 2 Chrome, Chrome Os | 2020-07-24 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a PDF document. | |||||
| CVE-2011-0474 | 2 Debian, Google | 3 Debian Linux, Chrome, Chrome Os | 2020-07-24 | 10.0 HIGH | N/A |
| Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle Cascading Style Sheets (CSS) token sequences in conjunction with cursors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | |||||
| CVE-2011-0470 | 1 Google | 2 Chrome, Chrome Os | 2020-07-24 | 5.0 MEDIUM | N/A |
| Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle extensions notification, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors. | |||||
| CVE-2011-0478 | 1 Google | 2 Chrome, Chrome Os | 2020-07-24 | 10.0 HIGH | N/A |
| Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle SVG use elements, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | |||||
| CVE-2011-0483 | 1 Google | 2 Chrome, Chrome Os | 2020-07-24 | 5.0 MEDIUM | N/A |
| Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform a cast of an unspecified variable during handling of video, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2011-0482 | 2 Debian, Google | 3 Debian Linux, Chrome, Chrome Os | 2020-07-24 | 4.3 MEDIUM | N/A |
| Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform a cast of an unspecified variable during handling of anchors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted HTML document. | |||||
| CVE-2011-0481 | 1 Google | 2 Chrome, Chrome Os | 2020-07-24 | 9.3 HIGH | N/A |
| Buffer overflow in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PDF shading. | |||||
| CVE-2011-0476 | 1 Google | 2 Chrome, Chrome Os | 2020-07-24 | 10.0 HIGH | N/A |
| Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allow remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via a PDF document that triggers an out-of-memory error. | |||||
| CVE-2011-0473 | 1 Google | 2 Chrome, Chrome Os | 2020-07-24 | 10.0 HIGH | N/A |
| Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle Cascading Style Sheets (CSS) token sequences in conjunction with CANVAS elements, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | |||||
| CVE-2011-0472 | 1 Google | 2 Chrome, Chrome Os | 2020-07-24 | 9.3 HIGH | N/A |
| Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle the printing of PDF documents, which allows user-assisted remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a multi-page document. | |||||
| CVE-2011-0471 | 1 Google | 2 Chrome, Chrome Os | 2020-07-24 | 10.0 HIGH | N/A |
| The node-iteration implementation in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 does not properly handle pointers, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2011-0784 | 1 Google | 1 Chrome | 2020-06-05 | 6.8 MEDIUM | N/A |
| Race condition in Google Chrome before 9.0.597.84 allows remote attackers to execute arbitrary code via vectors related to audio. | |||||
| CVE-2011-0783 | 2 Debian, Google | 2 Debian Linux, Chrome | 2020-06-04 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in Google Chrome before 9.0.597.84 allows user-assisted remote attackers to cause a denial of service (application crash) via vectors involving a "bad volume setting." | |||||
| CVE-2011-0781 | 1 Google | 1 Chrome | 2020-06-04 | 7.5 HIGH | N/A |
| Google Chrome before 9.0.597.84 does not properly handle autofill profile merging, which has unspecified impact and remote attack vectors. | |||||
| CVE-2011-0780 | 1 Google | 1 Chrome | 2020-06-04 | 6.8 MEDIUM | N/A |
| The PDF event handler in Google Chrome before 9.0.597.84 does not properly interact with print operations, which allows user-assisted remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2011-0779 | 2 Debian, Google | 2 Debian Linux, Chrome | 2020-06-04 | 5.0 MEDIUM | N/A |
| Google Chrome before 9.0.597.84 does not properly handle a missing key in an extension, which allows remote attackers to cause a denial of service (application crash) via a crafted extension. | |||||
| CVE-2011-0777 | 1 Google | 1 Chrome | 2020-06-04 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in Google Chrome before 9.0.597.84 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to image loading. | |||||
| CVE-2010-4008 | 9 Apache, Apple, Canonical and 6 more | 15 Openoffice, Iphone Os, Itunes and 12 more | 2020-06-04 | 4.3 MEDIUM | N/A |
| libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document. | |||||
| CVE-2011-0981 | 3 Apple, Debian, Google | 5 Iphone Os, Itunes, Safari and 2 more | 2020-06-04 | 7.5 HIGH | N/A |
| Google Chrome before 9.0.597.94 does not properly perform event handling for animations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | |||||
| CVE-2011-0982 | 1 Google | 1 Chrome | 2020-06-04 | 10.0 HIGH | N/A |
| Use-after-free vulnerability in Google Chrome before 9.0.597.94 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG font faces. | |||||