rpm package
opensuse/chromium&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/chromium&distro=openSUSE%20Tumbleweed
Vulnerabilities (4,053)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2011-3089 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | May 16, 2012 | Use-after-free vulnerability in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving tables. | ||
| CVE-2011-3088 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | May 16, 2012 | Google Chrome before 19.0.1084.46 does not properly draw hairlines, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2011-3087 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | May 16, 2012 | Google Chrome before 19.0.1084.46 does not properly perform window navigation, which has unspecified impact and remote attack vectors. | ||
| CVE-2011-3086 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | May 16, 2012 | Use-after-free vulnerability in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a STYLE element. | ||
| CVE-2011-3085 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | May 16, 2012 | The Autofill feature in Google Chrome before 19.0.1084.46 does not properly restrict field values, which allows remote attackers to cause a denial of service (UI corruption) and possibly conduct spoofing attacks via vectors involving long values. | ||
| CVE-2011-3084 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | May 16, 2012 | Google Chrome before 19.0.1084.46 does not use a dedicated process for the loading of links found on an internal page, which might allow attackers to bypass intended sandbox restrictions via a crafted page. | ||
| CVE-2011-3083 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | May 16, 2012 | browser/profiles/profile_impl_io_data.cc in Google Chrome before 19.0.1084.46 does not properly handle a malformed ftp URL in the SRC attribute of a VIDEO element, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a cr | ||
| CVE-2012-1521 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | May 1, 2012 | Use-after-free vulnerability in the XML parser in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | ||
| CVE-2011-3081 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | May 1, 2012 | Use-after-free vulnerability in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the floating of elements, a different vulnerability than CVE-2011-3078. | ||
| CVE-2011-3080 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | May 1, 2012 | Race condition in the Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168 allows attackers to bypass intended sandbox restrictions via unspecified vectors. | ||
| CVE-2011-3079 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | May 1, 2012 | The Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168, as used in Mozilla Firefox before 38.0 and other products, does not properly validate messages, which has unspecified impact and attack vectors. | ||
| CVE-2011-3078 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | May 1, 2012 | Use-after-free vulnerability in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the floating of elements, a different vulnerability than CVE-2011-3081. | ||
| CVE-2011-3077 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Apr 5, 2012 | Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the script bindings, related to a "read-after-free" issue. | ||
| CVE-2011-3076 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Apr 5, 2012 | Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to focus handling. | ||
| CVE-2011-3075 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Apr 5, 2012 | Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to style-application commands. | ||
| CVE-2011-3074 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Apr 5, 2012 | Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of media. | ||
| CVE-2011-3073 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Apr 5, 2012 | Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of SVG resources. | ||
| CVE-2011-3072 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Apr 5, 2012 | Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via vectors related to pop-up windows. | ||
| CVE-2011-3071 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Apr 5, 2012 | Use-after-free vulnerability in the HTMLMediaElement implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | ||
| CVE-2011-3070 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Apr 5, 2012 | Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the Google V8 bindings. |
- CVE-2011-3089May 16, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving tables.
- CVE-2011-3088May 16, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Google Chrome before 19.0.1084.46 does not properly draw hairlines, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
- CVE-2011-3087May 16, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Google Chrome before 19.0.1084.46 does not properly perform window navigation, which has unspecified impact and remote attack vectors.
- CVE-2011-3086May 16, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a STYLE element.
- CVE-2011-3085May 16, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
The Autofill feature in Google Chrome before 19.0.1084.46 does not properly restrict field values, which allows remote attackers to cause a denial of service (UI corruption) and possibly conduct spoofing attacks via vectors involving long values.
- CVE-2011-3084May 16, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Google Chrome before 19.0.1084.46 does not use a dedicated process for the loading of links found on an internal page, which might allow attackers to bypass intended sandbox restrictions via a crafted page.
- CVE-2011-3083May 16, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
browser/profiles/profile_impl_io_data.cc in Google Chrome before 19.0.1084.46 does not properly handle a malformed ftp URL in the SRC attribute of a VIDEO element, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a cr
- CVE-2012-1521May 1, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in the XML parser in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
- CVE-2011-3081May 1, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the floating of elements, a different vulnerability than CVE-2011-3078.
- CVE-2011-3080May 1, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Race condition in the Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168 allows attackers to bypass intended sandbox restrictions via unspecified vectors.
- CVE-2011-3079May 1, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
The Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168, as used in Mozilla Firefox before 38.0 and other products, does not properly validate messages, which has unspecified impact and attack vectors.
- CVE-2011-3078May 1, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the floating of elements, a different vulnerability than CVE-2011-3081.
- CVE-2011-3077Apr 5, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the script bindings, related to a "read-after-free" issue.
- CVE-2011-3076Apr 5, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to focus handling.
- CVE-2011-3075Apr 5, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to style-application commands.
- CVE-2011-3074Apr 5, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of media.
- CVE-2011-3073Apr 5, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of SVG resources.
- CVE-2011-3072Apr 5, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via vectors related to pop-up windows.
- CVE-2011-3071Apr 5, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in the HTMLMediaElement implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
- CVE-2011-3070Apr 5, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the Google V8 bindings.
Page 198 of 203