Total
3690 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-3101 | 2 Google, Linux | 2 Chrome, Linux Kernel | 2025-04-11 | 10.0 HIGH | N/A |
| Google Chrome before 19.0.1084.46 on Linux does not properly mitigate an unspecified flaw in an NVIDIA driver, which has unknown impact and attack vectors. NOTE: see CVE-2012-3105 for the related MFSA 2012-34 issue in Mozilla products. | |||||
| CVE-2012-2819 | 1 Google | 1 Chrome | 2025-04-11 | 6.8 MEDIUM | N/A |
| The texSubImage2D implementation in the WebGL subsystem in Google Chrome before 20.0.1132.43 does not properly handle uploads to floating-point textures, which allows remote attackers to cause a denial of service (assertion failure and application crash) or possibly have unspecified other impact via a crafted web page, as demonstrated by certain WebGL performance tests, aka rdar problem 11520387. | |||||
| CVE-2011-2784 | 1 Google | 1 Chrome | 2025-04-11 | 2.1 LOW | N/A |
| Google Chrome before 13.0.782.107 allows remote attackers to obtain sensitive information via a request for the GL program log, which reveals a local path in an unspecified log entry. | |||||
| CVE-2011-3927 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
| Skia, as used in Google Chrome before 16.0.912.77, does not perform all required initialization of values, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2011-1201 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
| The context implementation in WebKit, as used in Google Chrome before 10.0.648.127, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | |||||
| CVE-2011-3921 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in Google Chrome before 16.0.912.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving animation frames. | |||||
| CVE-2011-3881 | 2 Apple, Google | 4 Iphone Os, Safari, Android and 1 more | 2025-04-11 | 4.3 MEDIUM | N/A |
| WebKit, as used in Google Chrome before 15.0.874.102 and Android before 4.4, allows remote attackers to bypass the Same Origin Policy and conduct Universal XSS (UXSS) attacks via vectors related to (1) the DOMWindow::clear function and use of a selection object, (2) the Object::GetRealNamedPropertyInPrototypeChain function and use of an __proto__ property, (3) the HTMLPlugInImageElement::allowedToLoadFrameURL function and use of a javascript: URL, (4) incorrect origins for XSLT-generated documents in the XSLTProcessor::createDocumentFromSource function, and (5) improper handling of synchronous frame loads in the ScriptController::executeIfJavaScriptURL function. | |||||
| CVE-2011-3925 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in the Safe Browsing feature in Google Chrome before 16.0.912.75 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via vectors related to a navigation entry and an interstitial page. | |||||
| CVE-2010-4034 | 1 Google | 1 Chrome | 2025-04-11 | 9.3 HIGH | N/A |
| Google Chrome before 7.0.517.41 does not properly handle forms, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted HTML document. | |||||
| CVE-2010-2650 | 1 Google | 1 Chrome | 2025-04-11 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Google Chrome before 5.0.375.99 has unknown impact and attack vectors, related to an "annoyance with print dialogs." | |||||
| CVE-2010-1772 | 5 Canonical, Fedoraproject, Google and 2 more | 5 Ubuntu Linux, Fedora, Chrome and 2 more | 2025-04-11 | 6.8 MEDIUM | 8.8 HIGH |
| Use-after-free vulnerability in page/Geolocation.cpp in WebCore in WebKit before r59859, as used in Google Chrome before 5.0.375.70, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site, related to failure to stop timers associated with geolocation upon deletion of a document. | |||||
| CVE-2010-1822 | 3 Apple, Google, Opensuse | 3 Safari, Chrome, Opensuse | 2025-04-11 | 6.8 MEDIUM | 8.8 HIGH |
| WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3 and Google Chrome before 6.0.472.62, does not properly perform a cast of an unspecified variable, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an SVG element in a non-SVG document. | |||||
| CVE-2011-3110 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
| The PDF functionality in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations. | |||||
| CVE-2013-2869 | 2 Debian, Google | 2 Debian Linux, Chrome | 2025-04-11 | 4.3 MEDIUM | N/A |
| Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted JPEG2000 image. | |||||
| CVE-2013-2870 | 2 Debian, Google | 2 Debian Linux, Chrome | 2025-04-11 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in Google Chrome before 28.0.1500.71 allows remote servers to execute arbitrary code via crafted response traffic after a URL request. | |||||
| CVE-2011-2879 | 1 Google | 1 Chrome | 2025-04-11 | 6.8 MEDIUM | N/A |
| Google Chrome before 14.0.835.202 does not properly consider object lifetimes and thread safety during the handling of audio nodes, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2011-3873 | 1 Google | 1 Chrome | 2025-04-11 | 6.8 MEDIUM | N/A |
| Google Chrome before 14.0.835.202 does not properly implement shader translation, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | |||||
| CVE-2012-2877 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2025-04-11 | 5.0 MEDIUM | N/A |
| The extension system in Google Chrome before 22.0.1229.79 does not properly handle modal dialogs, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors. | |||||
| CVE-2010-1664 | 1 Google | 1 Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
| Google Chrome before 4.1.249.1064 does not properly handle HTML5 media, which allows remote attackers to cause a denial of service (memory corruption) and possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2010-1235 | 1 Google | 1 Chrome | 2025-04-11 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in Google Chrome before 4.1.249.1036 allows remote attackers to trigger the omission of a download warning dialog via unknown vectors. | |||||