Filtered by vendor Google
Subscribe
Total
12842 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2012-2819 | 1 Google | 1 Chrome | 2025-04-11 | 6.8 MEDIUM | N/A |
The texSubImage2D implementation in the WebGL subsystem in Google Chrome before 20.0.1132.43 does not properly handle uploads to floating-point textures, which allows remote attackers to cause a denial of service (assertion failure and application crash) or possibly have unspecified other impact via a crafted web page, as demonstrated by certain WebGL performance tests, aka rdar problem 11520387. | |||||
CVE-2011-2784 | 1 Google | 1 Chrome | 2025-04-11 | 2.1 LOW | N/A |
Google Chrome before 13.0.782.107 allows remote attackers to obtain sensitive information via a request for the GL program log, which reveals a local path in an unspecified log entry. | |||||
CVE-2011-3927 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
Skia, as used in Google Chrome before 16.0.912.77, does not perform all required initialization of values, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
CVE-2011-1201 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
The context implementation in WebKit, as used in Google Chrome before 10.0.648.127, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | |||||
CVE-2011-3921 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
Use-after-free vulnerability in Google Chrome before 16.0.912.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving animation frames. | |||||
CVE-2011-3881 | 2 Apple, Google | 4 Iphone Os, Safari, Android and 1 more | 2025-04-11 | 4.3 MEDIUM | N/A |
WebKit, as used in Google Chrome before 15.0.874.102 and Android before 4.4, allows remote attackers to bypass the Same Origin Policy and conduct Universal XSS (UXSS) attacks via vectors related to (1) the DOMWindow::clear function and use of a selection object, (2) the Object::GetRealNamedPropertyInPrototypeChain function and use of an __proto__ property, (3) the HTMLPlugInImageElement::allowedToLoadFrameURL function and use of a javascript: URL, (4) incorrect origins for XSLT-generated documents in the XSLTProcessor::createDocumentFromSource function, and (5) improper handling of synchronous frame loads in the ScriptController::executeIfJavaScriptURL function. | |||||
CVE-2011-3925 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
Use-after-free vulnerability in the Safe Browsing feature in Google Chrome before 16.0.912.75 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via vectors related to a navigation entry and an interstitial page. | |||||
CVE-2012-3486 | 1 Google | 1 Tunnelblick | 2025-04-11 | 6.9 MEDIUM | N/A |
Tunnelblick 3.3beta20 and earlier allows local users to gain privileges via an OpenVPN configuration file that specifies execution of a script upon occurrence of an OpenVPN event. | |||||
CVE-2010-4034 | 1 Google | 1 Chrome | 2025-04-11 | 9.3 HIGH | N/A |
Google Chrome before 7.0.517.41 does not properly handle forms, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted HTML document. | |||||
CVE-2012-1381 | 2 Google, Netease | 2 Android, Netease Cloudalbum | 2025-04-11 | 10.0 HIGH | N/A |
Unspecified vulnerability in the NetEase CloudAlbum (com.netease.cloudalbum) application 2.0.0 and 2.2.0 for Android has unknown impact and attack vectors. | |||||
CVE-2010-2650 | 1 Google | 1 Chrome | 2025-04-11 | 9.3 HIGH | N/A |
Unspecified vulnerability in Google Chrome before 5.0.375.99 has unknown impact and attack vectors, related to an "annoyance with print dialogs." | |||||
CVE-2010-1772 | 5 Canonical, Fedoraproject, Google and 2 more | 5 Ubuntu Linux, Fedora, Chrome and 2 more | 2025-04-11 | 6.8 MEDIUM | 8.8 HIGH |
Use-after-free vulnerability in page/Geolocation.cpp in WebCore in WebKit before r59859, as used in Google Chrome before 5.0.375.70, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site, related to failure to stop timers associated with geolocation upon deletion of a document. | |||||
CVE-2010-1822 | 3 Apple, Google, Opensuse | 3 Safari, Chrome, Opensuse | 2025-04-11 | 6.8 MEDIUM | 8.8 HIGH |
WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3 and Google Chrome before 6.0.472.62, does not properly perform a cast of an unspecified variable, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an SVG element in a non-SVG document. | |||||
CVE-2011-3110 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
The PDF functionality in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations. | |||||
CVE-2010-3645 | 6 Adobe, Apple, Google and 3 more | 6 Flash Player, Mac Os X, Android and 3 more | 2025-04-11 | 9.3 HIGH | N/A |
Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652. | |||||
CVE-2013-2869 | 2 Debian, Google | 2 Debian Linux, Chrome | 2025-04-11 | 4.3 MEDIUM | N/A |
Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted JPEG2000 image. | |||||
CVE-2013-3325 | 8 Adobe, Apple, Google and 5 more | 14 Adobe Air, Adobe Air Sdk, Flash Player and 11 more | 2025-04-11 | 10.0 HIGH | N/A |
Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335. | |||||
CVE-2013-2870 | 2 Debian, Google | 2 Debian Linux, Chrome | 2025-04-11 | 9.3 HIGH | N/A |
Use-after-free vulnerability in Google Chrome before 28.0.1500.71 allows remote servers to execute arbitrary code via crafted response traffic after a URL request. | |||||
CVE-2011-2879 | 1 Google | 1 Chrome | 2025-04-11 | 6.8 MEDIUM | N/A |
Google Chrome before 14.0.835.202 does not properly consider object lifetimes and thread safety during the handling of audio nodes, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
CVE-2011-3873 | 1 Google | 1 Chrome | 2025-04-11 | 6.8 MEDIUM | N/A |
Google Chrome before 14.0.835.202 does not properly implement shader translation, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. |