rpm package
opensuse/chromium&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/chromium&distro=openSUSE%20Tumbleweed
Vulnerabilities (4,053)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2012-5154 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jan 15, 2013 | Integer overflow in Google Chrome before 24.0.1312.52 on Windows allows attackers to cause a denial of service or possibly have unspecified other impact via vectors related to allocation of shared memory. | ||
| CVE-2012-5153 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jan 15, 2013 | Google V8 before 3.14.5.3, as used in Google Chrome before 24.0.1312.52, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds access to stack memory. | ||
| CVE-2012-5152 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jan 15, 2013 | Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors involving seek operations on video data. | ||
| CVE-2012-5150 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jan 15, 2013 | Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving seek operations on video data. | ||
| CVE-2012-5149 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jan 15, 2013 | Integer overflow in the audio IPC layer in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | ||
| CVE-2012-5148 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jan 15, 2013 | The hyphenation functionality in Google Chrome before 24.0.1312.52 does not properly validate file names, which has unspecified impact and attack vectors. | ||
| CVE-2012-5147 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jan 15, 2013 | Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM handling. | ||
| CVE-2012-5146 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jan 15, 2013 | Google Chrome before 24.0.1312.52 allows remote attackers to bypass the Same Origin Policy via a malformed URL. | ||
| CVE-2012-5145 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jan 15, 2013 | Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG layout. | ||
| CVE-2012-5144 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Dec 12, 2012 | Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via vectors related to "an | ||
| CVE-2012-5143 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Dec 12, 2012 | Integer overflow in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PPAPI image buffers. | ||
| CVE-2012-5142 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Dec 12, 2012 | Google Chrome before 23.0.1271.97 does not properly handle history navigation, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. | ||
| CVE-2012-5141 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Dec 12, 2012 | Google Chrome before 23.0.1271.97 does not properly restrict instantiation of the Chromoting client plug-in, which has unspecified impact and attack vectors. | ||
| CVE-2012-5140 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Dec 12, 2012 | Use-after-free vulnerability in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the URL loader. | ||
| CVE-2012-5139 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Dec 12, 2012 | Use-after-free vulnerability in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to visibility events. | ||
| CVE-2012-5138 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Dec 4, 2012 | Google Chrome before 23.0.1271.95 does not properly handle file paths, which has unspecified impact and attack vectors. | ||
| CVE-2012-5137 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Dec 4, 2012 | Use-after-free vulnerability in Google Chrome before 23.0.1271.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the Media Source API. | ||
| CVE-2012-5136 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Nov 28, 2012 | Google Chrome before 23.0.1271.91 does not properly perform a cast of an unspecified variable during handling of the INPUT element, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted HTML document. | ||
| CVE-2012-5135 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Nov 28, 2012 | Use-after-free vulnerability in Google Chrome before 23.0.1271.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to printing. | ||
| CVE-2012-5134 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Nov 28, 2012 | Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entit |
- CVE-2012-5154Jan 15, 2013affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Integer overflow in Google Chrome before 24.0.1312.52 on Windows allows attackers to cause a denial of service or possibly have unspecified other impact via vectors related to allocation of shared memory.
- CVE-2012-5153Jan 15, 2013affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Google V8 before 3.14.5.3, as used in Google Chrome before 24.0.1312.52, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds access to stack memory.
- CVE-2012-5152Jan 15, 2013affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors involving seek operations on video data.
- CVE-2012-5150Jan 15, 2013affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving seek operations on video data.
- CVE-2012-5149Jan 15, 2013affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Integer overflow in the audio IPC layer in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
- CVE-2012-5148Jan 15, 2013affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
The hyphenation functionality in Google Chrome before 24.0.1312.52 does not properly validate file names, which has unspecified impact and attack vectors.
- CVE-2012-5147Jan 15, 2013affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM handling.
- CVE-2012-5146Jan 15, 2013affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Google Chrome before 24.0.1312.52 allows remote attackers to bypass the Same Origin Policy via a malformed URL.
- CVE-2012-5145Jan 15, 2013affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG layout.
- CVE-2012-5144Dec 12, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via vectors related to "an
- CVE-2012-5143Dec 12, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Integer overflow in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PPAPI image buffers.
- CVE-2012-5142Dec 12, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Google Chrome before 23.0.1271.97 does not properly handle history navigation, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
- CVE-2012-5141Dec 12, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Google Chrome before 23.0.1271.97 does not properly restrict instantiation of the Chromoting client plug-in, which has unspecified impact and attack vectors.
- CVE-2012-5140Dec 12, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the URL loader.
- CVE-2012-5139Dec 12, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to visibility events.
- CVE-2012-5138Dec 4, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Google Chrome before 23.0.1271.95 does not properly handle file paths, which has unspecified impact and attack vectors.
- CVE-2012-5137Dec 4, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in Google Chrome before 23.0.1271.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the Media Source API.
- CVE-2012-5136Nov 28, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Google Chrome before 23.0.1271.91 does not properly perform a cast of an unspecified variable during handling of the INPUT element, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted HTML document.
- CVE-2012-5135Nov 28, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in Google Chrome before 23.0.1271.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to printing.
- CVE-2012-5134Nov 28, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entit
Page 194 of 203