Total
3786 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-3047 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2025-04-11 | 9.3 HIGH | N/A |
| The GPU process in Google Chrome before 17.0.963.79 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) by leveraging an error in the plug-in loading mechanism. | |||||
| CVE-2011-3915 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
| Buffer overflow in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PDF fonts. | |||||
| CVE-2012-2877 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2025-04-11 | 5.0 MEDIUM | N/A |
| The extension system in Google Chrome before 22.0.1229.79 does not properly handle modal dialogs, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors. | |||||
| CVE-2013-6652 | 2 Google, Microsoft | 2 Chrome, Windows | 2025-04-11 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in sandbox/win/src/named_pipe_dispatcher.cc in Google Chrome before 33.0.1750.117 on Windows allows attackers to bypass intended named-pipe policy restrictions in the sandbox via vectors related to (1) lack of checks for .. (dot dot) sequences or (2) lack of use of the \\?\ protection mechanism. | |||||
| CVE-2013-6916 | 3 Cybozu, Google, Microsoft | 3 Garoon, Chrome, Internet Explorer | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Yahoo! User Interface Library in Cybozu Garoon before 3.7.2, when Internet Explorer 9 or 10 or Chrome is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-4199 | 2 Debian, Google | 2 Debian Linux, Chrome | 2025-04-11 | 6.8 MEDIUM | 8.8 HIGH |
| Google Chrome before 7.0.517.44 does not properly perform a cast of an unspecified variable during processing of an SVG use element, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted SVG document. | |||||
| CVE-2011-1815 | 1 Google | 1 Chrome | 2025-04-11 | 4.3 MEDIUM | N/A |
| Google Chrome before 12.0.742.91 allows remote attackers to inject script into a tab page via vectors related to extensions. | |||||
| CVE-2013-2905 | 2 Debian, Google | 2 Debian Linux, Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
| The SharedMemory::Create function in memory/shared_memory_posix.cc in Google Chrome before 29.0.1547.57 uses weak permissions under /dev/shm/, which allows attackers to obtain sensitive information via direct access to a POSIX shared-memory file. | |||||
| CVE-2010-2649 | 1 Google | 1 Chrome | 2025-04-11 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in Google Chrome before 5.0.375.99 allows remote attackers to cause a denial of service (application crash) via an invalid image. | |||||
| CVE-2012-5851 | 2 Apple, Google | 3 Safari, Webkit, Chrome | 2025-04-11 | 4.3 MEDIUM | N/A |
| html/parser/XSSAuditor.cpp in WebCore in WebKit, as used in Google Chrome through 22 and Safari 5.1.7, does not consider all possible output contexts of reflected data, which makes it easier for remote attackers to bypass a cross-site scripting (XSS) protection mechanism via a crafted string, aka rdar problem 12019108. | |||||
| CVE-2010-2302 | 3 Google, Opensuse, Suse | 4 Chrome, Opensuse, Suse Linux Enterprise Desktop and 1 more | 2025-04-11 | 10.0 HIGH | N/A |
| Use-after-free vulnerability in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving remote fonts in conjunction with shadow DOM trees, aka rdar problem 8007953. NOTE: this might overlap CVE-2010-1771. | |||||
| CVE-2012-4908 | 1 Google | 2 Android, Chrome | 2025-04-11 | 7.5 HIGH | N/A |
| Google Chrome before 18.0.1025308 on Android allows remote attackers to bypass the Same Origin Policy and obtain access to local files via vectors involving a symlink. | |||||
| CVE-2010-3417 | 1 Google | 1 Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
| Google Chrome before 6.0.472.59 does not prompt the user before granting access to the extension history, which allows attackers to obtain potentially sensitive information via unspecified vectors. | |||||
| CVE-2011-1818 | 1 Google | 1 Chrome | 2025-04-11 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in the image loader in Google Chrome before 12.0.742.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2011-3967 | 1 Google | 1 Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service (application crash) via a crafted certificate. | |||||
| CVE-2012-2900 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
| Skia, as used in Google Chrome before 22.0.1229.92, does not properly render text, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2011-1452 | 1 Google | 1 Chrome | 2025-04-11 | 5.8 MEDIUM | N/A |
| Google Chrome before 11.0.696.57 allows user-assisted remote attackers to spoof the URL bar via vectors involving a redirect and a manual reload. | |||||
| CVE-2011-1811 | 1 Google | 1 Chrome | 2025-04-11 | 4.3 MEDIUM | N/A |
| Google Chrome before 12.0.742.91 does not properly handle a large number of form submissions, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors. | |||||
| CVE-2011-3016 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2025-04-11 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving counter nodes, related to a "read-after-free" issue. | |||||
| CVE-2011-2790 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2025-04-11 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving floating styles. | |||||