rpm package
opensuse/chromium&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/chromium&distro=openSUSE%20Tumbleweed
Vulnerabilities (4,053)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2012-2878 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Sep 26, 2012 | Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to plug-in handling. | ||
| CVE-2012-2877 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Sep 26, 2012 | The extension system in Google Chrome before 22.0.1229.79 does not properly handle modal dialogs, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors. | ||
| CVE-2012-2876 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Sep 26, 2012 | Buffer overflow in the SSE2 optimization functionality in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | ||
| CVE-2012-2874 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Sep 26, 2012 | Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation, a different vulnerability than CVE-2012-2883. | ||
| CVE-2012-2872 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Aug 31, 2012 | Cross-site scripting (XSS) vulnerability in an SSL interstitial page in Google Chrome before 21.0.1180.89 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||
| CVE-2012-2871 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Aug 31, 2012 | libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a craft | ||
| CVE-2012-2870 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Aug 31, 2012 | libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, re | ||
| CVE-2012-2869 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Aug 31, 2012 | Google Chrome before 21.0.1180.89 does not properly load URLs, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a "stale buffer." | ||
| CVE-2012-2868 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Aug 31, 2012 | Race condition in Google Chrome before 21.0.1180.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving improper interaction between worker processes and an XMLHttpRequest (aka XHR) object. | ||
| CVE-2012-2867 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Aug 31, 2012 | The SPDY implementation in Google Chrome before 21.0.1180.89 allows remote attackers to cause a denial of service (application crash) via unspecified vectors. | ||
| CVE-2012-2866 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Aug 31, 2012 | Google Chrome before 21.0.1180.89 does not properly perform a cast of an unspecified variable during handling of run-in elements, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document. | ||
| CVE-2012-2865 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Aug 31, 2012 | Google Chrome before 21.0.1180.89 does not properly perform line breaking, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document. | ||
| CVE-2012-2843 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jul 12, 2012 | Use-after-free vulnerability in Google Chrome before 20.0.1132.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to layout height tracking. | ||
| CVE-2012-2842 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jul 12, 2012 | Use-after-free vulnerability in Google Chrome before 20.0.1132.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to counter handling. | ||
| CVE-2012-2834 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jun 27, 2012 | Integer overflow in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted data in the Matroska container format. | ||
| CVE-2012-2831 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jun 27, 2012 | Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG references. | ||
| CVE-2012-2830 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jun 27, 2012 | Google Chrome before 20.0.1132.43 does not properly set array values, which allows remote attackers to cause a denial of service (incorrect pointer use) or possibly have unspecified other impact via unknown vectors. | ||
| CVE-2012-2829 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jun 27, 2012 | Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element. | ||
| CVE-2012-2826 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jun 27, 2012 | Google Chrome before 20.0.1132.43 does not properly implement texture conversion, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2012-2825 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jun 27, 2012 | The XSL implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service (incorrect read operation) via unspecified vectors. |
- CVE-2012-2878Sep 26, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to plug-in handling.
- CVE-2012-2877Sep 26, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
The extension system in Google Chrome before 22.0.1229.79 does not properly handle modal dialogs, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
- CVE-2012-2876Sep 26, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Buffer overflow in the SSE2 optimization functionality in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
- CVE-2012-2874Sep 26, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation, a different vulnerability than CVE-2012-2883.
- CVE-2012-2872Aug 31, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Cross-site scripting (XSS) vulnerability in an SSL interstitial page in Google Chrome before 21.0.1180.89 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
- CVE-2012-2871Aug 31, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a craft
- CVE-2012-2870Aug 31, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, re
- CVE-2012-2869Aug 31, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Google Chrome before 21.0.1180.89 does not properly load URLs, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a "stale buffer."
- CVE-2012-2868Aug 31, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Race condition in Google Chrome before 21.0.1180.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving improper interaction between worker processes and an XMLHttpRequest (aka XHR) object.
- CVE-2012-2867Aug 31, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
The SPDY implementation in Google Chrome before 21.0.1180.89 allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
- CVE-2012-2866Aug 31, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Google Chrome before 21.0.1180.89 does not properly perform a cast of an unspecified variable during handling of run-in elements, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.
- CVE-2012-2865Aug 31, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Google Chrome before 21.0.1180.89 does not properly perform line breaking, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document.
- CVE-2012-2843Jul 12, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in Google Chrome before 20.0.1132.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to layout height tracking.
- CVE-2012-2842Jul 12, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in Google Chrome before 20.0.1132.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to counter handling.
- CVE-2012-2834Jun 27, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Integer overflow in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted data in the Matroska container format.
- CVE-2012-2831Jun 27, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG references.
- CVE-2012-2830Jun 27, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Google Chrome before 20.0.1132.43 does not properly set array values, which allows remote attackers to cause a denial of service (incorrect pointer use) or possibly have unspecified other impact via unknown vectors.
- CVE-2012-2829Jun 27, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element.
- CVE-2012-2826Jun 27, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Google Chrome before 20.0.1132.43 does not properly implement texture conversion, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
- CVE-2012-2825Jun 27, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
The XSL implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service (incorrect read operation) via unspecified vectors.
Page 196 of 203