rpm package
opensuse/chromium&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/chromium&distro=openSUSE%20Tumbleweed
Vulnerabilities (4,053)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2013-2913 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Oct 2, 2013 | Use-after-free vulnerability in the XMLDocumentParser::append function in core/xml/parser/XMLDocumentParser.cpp in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors invol | ||
| CVE-2013-2912 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Oct 2, 2013 | Use-after-free vulnerability in the PepperInProcessRouter::SendToHost function in content/renderer/pepper/pepper_in_process_router.cc in the Pepper Plug-in API (PPAPI) in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service or possibly have unspe | ||
| CVE-2013-2911 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Oct 2, 2013 | Use-after-free vulnerability in the XSLStyleSheet::compileStyleSheet function in core/xml/XSLStyleSheetLibxslt.cpp in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging | ||
| CVE-2013-2910 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Oct 2, 2013 | Use-after-free vulnerability in modules/webaudio/AudioScheduledSourceNode.cpp in the Web Audio implementation in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors | ||
| CVE-2013-2909 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Oct 2, 2013 | Use-after-free vulnerability in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to inline-block rendering for bidirectional Unicode text in an element isolated | ||
| CVE-2013-2908 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Oct 2, 2013 | Google Chrome before 30.0.1599.66 uses incorrect function calls to determine the values of NavigationEntry objects, which allows remote attackers to spoof the address bar via vectors involving a response with a 204 (aka No Content) status code. | ||
| CVE-2013-2907 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Oct 2, 2013 | The Window.prototype object implementation in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2013-2906 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Oct 2, 2013 | Multiple race conditions in the Web Audio implementation in Blink, as used in Google Chrome before 30.0.1599.66, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to threading in core/html/HTMLMediaElement.cpp, core/ | ||
| CVE-2013-2838 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | May 22, 2013 | Google V8, as used in Google Chrome before 27.0.1453.93, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2013-0900 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 23, 2013 | Race condition in the International Components for Unicode (ICU) functionality in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknow | ||
| CVE-2013-0899 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 23, 2013 | Integer overflow in the padding implementation in the opus_packet_parse_impl function in src/opus_decoder.c in Opus before 1.0.2, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to c | ||
| CVE-2013-0898 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 23, 2013 | Use-after-free vulnerability in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a URL. | ||
| CVE-2013-0897 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 23, 2013 | Off-by-one error in the PDF functionality in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service via a crafted document. | ||
| CVE-2013-0896 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 23, 2013 | Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly manage memory during message handling for plug-ins, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vect | ||
| CVE-2013-0895 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 23, 2013 | Google Chrome before 25.0.1364.97 on Linux, and before 25.0.1364.99 on Mac OS X, does not properly handle pathnames during copy operations, which might make it easier for remote attackers to execute arbitrary programs via unspecified vectors. | ||
| CVE-2013-0894 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 23, 2013 | Buffer overflow in the vorbis_parse_setup_hdr_floors function in the Vorbis decoder in vorbisdec.c in libavcodec in FFmpeg through 1.1.3, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attack | ||
| CVE-2013-0893 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 23, 2013 | Race condition in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to media. | ||
| CVE-2013-0892 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 23, 2013 | Multiple unspecified vulnerabilities in the IPC layer in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allow remote attackers to cause a denial of service or possibly have other impact via unknown vectors. | ||
| CVE-2013-0891 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 23, 2013 | Integer overflow in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a blob. | ||
| CVE-2013-0890 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 23, 2013 | Multiple unspecified vulnerabilities in the IPC layer in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allow remote attackers to cause a denial of service (memory corruption) or possibly have other impact via unknown vectors. |
- CVE-2013-2913Oct 2, 2013affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in the XMLDocumentParser::append function in core/xml/parser/XMLDocumentParser.cpp in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors invol
- CVE-2013-2912Oct 2, 2013affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in the PepperInProcessRouter::SendToHost function in content/renderer/pepper/pepper_in_process_router.cc in the Pepper Plug-in API (PPAPI) in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service or possibly have unspe
- CVE-2013-2911Oct 2, 2013affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in the XSLStyleSheet::compileStyleSheet function in core/xml/XSLStyleSheetLibxslt.cpp in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging
- CVE-2013-2910Oct 2, 2013affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in modules/webaudio/AudioScheduledSourceNode.cpp in the Web Audio implementation in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors
- CVE-2013-2909Oct 2, 2013affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to inline-block rendering for bidirectional Unicode text in an element isolated
- CVE-2013-2908Oct 2, 2013affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Google Chrome before 30.0.1599.66 uses incorrect function calls to determine the values of NavigationEntry objects, which allows remote attackers to spoof the address bar via vectors involving a response with a 204 (aka No Content) status code.
- CVE-2013-2907Oct 2, 2013affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
The Window.prototype object implementation in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
- CVE-2013-2906Oct 2, 2013affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Multiple race conditions in the Web Audio implementation in Blink, as used in Google Chrome before 30.0.1599.66, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to threading in core/html/HTMLMediaElement.cpp, core/
- CVE-2013-2838May 22, 2013affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Google V8, as used in Google Chrome before 27.0.1453.93, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
- CVE-2013-0900Feb 23, 2013affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Race condition in the International Components for Unicode (ICU) functionality in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknow
- CVE-2013-0899Feb 23, 2013affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Integer overflow in the padding implementation in the opus_packet_parse_impl function in src/opus_decoder.c in Opus before 1.0.2, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to c
- CVE-2013-0898Feb 23, 2013affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a URL.
- CVE-2013-0897Feb 23, 2013affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Off-by-one error in the PDF functionality in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service via a crafted document.
- CVE-2013-0896Feb 23, 2013affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly manage memory during message handling for plug-ins, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vect
- CVE-2013-0895Feb 23, 2013affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Google Chrome before 25.0.1364.97 on Linux, and before 25.0.1364.99 on Mac OS X, does not properly handle pathnames during copy operations, which might make it easier for remote attackers to execute arbitrary programs via unspecified vectors.
- CVE-2013-0894Feb 23, 2013affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Buffer overflow in the vorbis_parse_setup_hdr_floors function in the Vorbis decoder in vorbisdec.c in libavcodec in FFmpeg through 1.1.3, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attack
- CVE-2013-0893Feb 23, 2013affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Race condition in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to media.
- CVE-2013-0892Feb 23, 2013affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Multiple unspecified vulnerabilities in the IPC layer in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allow remote attackers to cause a denial of service or possibly have other impact via unknown vectors.
- CVE-2013-0891Feb 23, 2013affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Integer overflow in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a blob.
- CVE-2013-0890Feb 23, 2013affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Multiple unspecified vulnerabilities in the IPC layer in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allow remote attackers to cause a denial of service (memory corruption) or possibly have other impact via unknown vectors.
Page 192 of 203