VYPR

rpm package

opensuse/chromium&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/chromium&distro=openSUSE%20Tumbleweed

Vulnerabilities (4,053)

  • CVE-2012-2878Sep 26, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to plug-in handling.

  • CVE-2012-2877Sep 26, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    The extension system in Google Chrome before 22.0.1229.79 does not properly handle modal dialogs, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors.

  • CVE-2012-2876Sep 26, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Buffer overflow in the SSE2 optimization functionality in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

  • CVE-2012-2874Sep 26, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation, a different vulnerability than CVE-2012-2883.

  • CVE-2012-2872Aug 31, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Cross-site scripting (XSS) vulnerability in an SSL interstitial page in Google Chrome before 21.0.1180.89 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2012-2871Aug 31, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a craft

  • CVE-2012-2870Aug 31, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, re

  • CVE-2012-2869Aug 31, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Google Chrome before 21.0.1180.89 does not properly load URLs, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a "stale buffer."

  • CVE-2012-2868Aug 31, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Race condition in Google Chrome before 21.0.1180.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving improper interaction between worker processes and an XMLHttpRequest (aka XHR) object.

  • CVE-2012-2867Aug 31, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    The SPDY implementation in Google Chrome before 21.0.1180.89 allows remote attackers to cause a denial of service (application crash) via unspecified vectors.

  • CVE-2012-2866Aug 31, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Google Chrome before 21.0.1180.89 does not properly perform a cast of an unspecified variable during handling of run-in elements, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.

  • CVE-2012-2865Aug 31, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Google Chrome before 21.0.1180.89 does not properly perform line breaking, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document.

  • CVE-2012-2843Jul 12, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Use-after-free vulnerability in Google Chrome before 20.0.1132.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to layout height tracking.

  • CVE-2012-2842Jul 12, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Use-after-free vulnerability in Google Chrome before 20.0.1132.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to counter handling.

  • CVE-2012-2834Jun 27, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Integer overflow in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted data in the Matroska container format.

  • CVE-2012-2831Jun 27, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG references.

  • CVE-2012-2830Jun 27, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Google Chrome before 20.0.1132.43 does not properly set array values, which allows remote attackers to cause a denial of service (incorrect pointer use) or possibly have unspecified other impact via unknown vectors.

  • CVE-2012-2829Jun 27, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element.

  • CVE-2012-2826Jun 27, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Google Chrome before 20.0.1132.43 does not properly implement texture conversion, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

  • CVE-2012-2825Jun 27, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    The XSL implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service (incorrect read operation) via unspecified vectors.

Page 196 of 203