Total
3786 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-3107 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
| Google Chrome before 19.0.1084.52 does not properly implement JavaScript bindings for plug-ins, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2011-2804 | 1 Google | 1 Chrome | 2025-04-11 | 4.3 MEDIUM | N/A |
| Google Chrome before 13.0.782.107 does not properly handle nested functions in PDF documents, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted document. | |||||
| CVE-2011-1442 | 1 Google | 1 Chrome | 2025-04-11 | 6.8 MEDIUM | N/A |
| Google Chrome before 11.0.696.57 does not properly handle mutation events, which allows remote attackers to cause a denial of service (node tree corruption) or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2010-0649 | 1 Google | 1 Chrome | 2025-04-11 | 9.3 HIGH | N/A |
| Integer overflow in the CrossCallParamsEx::CreateFromBuffer function in sandbox/src/crosscall_server.cc in Google Chrome before 4.0.249.89 allows attackers to leverage renderer access to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a malformed message, related to deserializing of sandbox messages. | |||||
| CVE-2013-2840 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in the media loader in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2013-2846. | |||||
| CVE-2011-3042 | 3 Apple, Google, Opensuse | 5 Iphone Os, Itunes, Safari and 2 more | 2025-04-11 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of table sections. | |||||
| CVE-2011-3961 | 1 Google | 1 Chrome | 2025-04-11 | 9.3 HIGH | N/A |
| Race condition in Google Chrome before 17.0.963.46 allows remote attackers to execute arbitrary code via vectors that trigger a crash of a utility process. | |||||
| CVE-2011-3880 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
| Google Chrome before 15.0.874.102 does not prevent use of an unspecified special character as a delimiter in HTTP headers, which has unknown impact and remote attack vectors. | |||||
| CVE-2011-0984 | 2 Debian, Google | 2 Debian Linux, Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
| Google Chrome before 9.0.597.94 does not properly handle plug-ins, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
| CVE-2011-1305 | 3 Apple, Google, Linux | 3 Macos, Chrome, Linux Kernel | 2025-04-11 | 6.8 MEDIUM | N/A |
| Race condition in Google Chrome before 11.0.696.57 on Linux and Mac OS X allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to linked lists and a database. | |||||
| CVE-2011-2793 | 1 Google | 1 Chrome | 2025-04-11 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to media selectors. | |||||
| CVE-2011-2805 | 2 Apple, Google | 3 Iphone Os, Safari, Chrome | 2025-04-11 | 6.8 MEDIUM | N/A |
| Google Chrome before 13.0.782.107 allows remote attackers to bypass the Same Origin Policy and conduct script injection attacks via unspecified vectors. | |||||
| CVE-2012-5134 | 3 Apple, Google, Xmlsoft | 3 Iphone Os, Chrome, Libxml2 | 2025-04-11 | 6.8 MEDIUM | N/A |
| Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML document. | |||||
| CVE-2010-2301 | 3 Google, Opensuse, Suse | 4 Chrome, Opensuse, Suse Linux Enterprise Desktop and 1 more | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in editing/markup.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to inject arbitrary web script or HTML via vectors related to the node.innerHTML property of a TEXTAREA element. NOTE: this might overlap CVE-2010-1762. | |||||
| CVE-2010-1500 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
| Google Chrome before 4.1.249.1059 does not properly support forms, which has unknown impact and attack vectors, related to a "type confusion error." | |||||
| CVE-2010-2897 | 1 Google | 1 Chrome | 2025-04-11 | 10.0 HIGH | N/A |
| Google Chrome before 5.0.375.125 does not properly mitigate an unspecified flaw in the Windows kernel, which has unknown impact and attack vectors. | |||||
| CVE-2010-2106 | 1 Google | 1 Chrome | 2025-04-11 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in Google Chrome before 5.0.375.55 might allow remote attackers to spoof the URL bar via vectors involving unload event handlers. | |||||
| CVE-2011-3039 | 3 Apple, Google, Opensuse | 5 Iphone Os, Itunes, Safari and 2 more | 2025-04-11 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to quote handling. | |||||
| CVE-2011-1187 | 2 Google, Mozilla | 4 Chrome, Firefox, Seamonkey and 1 more | 2025-04-11 | 5.0 MEDIUM | N/A |
| Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak." | |||||
| CVE-2012-2846 | 2 Google, Linux | 2 Chrome, Linux Kernel | 2025-04-11 | 5.0 MEDIUM | N/A |
| Google Chrome before 21.0.1180.57 on Linux does not properly isolate renderer processes, which allows remote attackers to cause a denial of service (cross-process interference) via unspecified vectors. | |||||