rpm package
opensuse/chromium&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/chromium&distro=openSUSE%20Tumbleweed
Vulnerabilities (4,053)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2011-3025 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 16, 2012 | Google Chrome before 17.0.963.56 does not properly parse H.264 data, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2011-3024 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 16, 2012 | Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service (application crash) via an empty X.509 certificate. | ||
| CVE-2011-3023 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 16, 2012 | Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to drag-and-drop operations. | ||
| CVE-2011-3022 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 16, 2012 | translate/translate_manager.cc in Google Chrome before 17.0.963.56 and 19.x before 19.0.1036.7 uses an HTTP session to exchange data for translation, which allows remote attackers to obtain sensitive information by sniffing the network. | ||
| CVE-2011-3021 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 16, 2012 | Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to subframe loading. | ||
| CVE-2011-3020 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 16, 2012 | Unspecified vulnerability in the Native Client validator implementation in Google Chrome before 17.0.963.56 has unknown impact and remote attack vectors. | ||
| CVE-2011-3019 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 16, 2012 | Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska video (aka MKV) file. | ||
| CVE-2011-3018 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 16, 2012 | Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to path rendering. | ||
| CVE-2011-3017 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 16, 2012 | Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to database handling. | ||
| CVE-2011-3016 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 16, 2012 | Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving counter nodes, related to a "read-after-free" issue. | ||
| CVE-2011-3015 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 16, 2012 | Multiple integer overflows in the PDF codecs in Google Chrome before 17.0.963.56 allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | ||
| CVE-2011-3972 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 9, 2012 | The shader translator implementation in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2011-3971 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 9, 2012 | Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to mousemove events. | ||
| CVE-2011-3970 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 9, 2012 | libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2011-3969 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 9, 2012 | Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to layout of SVG documents. | ||
| CVE-2011-3968 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 9, 2012 | Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving Cascading Style Sheets (CSS) token sequences. | ||
| CVE-2011-3967 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 9, 2012 | Unspecified vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service (application crash) via a crafted certificate. | ||
| CVE-2011-3966 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 9, 2012 | Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to error handling for Cascading Style Sheets (CSS) token-sequence data. | ||
| CVE-2011-3965 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 9, 2012 | Google Chrome before 17.0.963.46 does not properly check signatures, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors. | ||
| CVE-2011-3964 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 9, 2012 | Google Chrome before 17.0.963.46 does not properly implement the drag-and-drop feature, which makes it easier for remote attackers to spoof the URL bar via unspecified vectors. |
- CVE-2011-3025Feb 16, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Google Chrome before 17.0.963.56 does not properly parse H.264 data, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
- CVE-2011-3024Feb 16, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service (application crash) via an empty X.509 certificate.
- CVE-2011-3023Feb 16, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to drag-and-drop operations.
- CVE-2011-3022Feb 16, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
translate/translate_manager.cc in Google Chrome before 17.0.963.56 and 19.x before 19.0.1036.7 uses an HTTP session to exchange data for translation, which allows remote attackers to obtain sensitive information by sniffing the network.
- CVE-2011-3021Feb 16, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to subframe loading.
- CVE-2011-3020Feb 16, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Unspecified vulnerability in the Native Client validator implementation in Google Chrome before 17.0.963.56 has unknown impact and remote attack vectors.
- CVE-2011-3019Feb 16, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska video (aka MKV) file.
- CVE-2011-3018Feb 16, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to path rendering.
- CVE-2011-3017Feb 16, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to database handling.
- CVE-2011-3016Feb 16, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving counter nodes, related to a "read-after-free" issue.
- CVE-2011-3015Feb 16, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Multiple integer overflows in the PDF codecs in Google Chrome before 17.0.963.56 allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
- CVE-2011-3972Feb 9, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
The shader translator implementation in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
- CVE-2011-3971Feb 9, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to mousemove events.
- CVE-2011-3970Feb 9, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
- CVE-2011-3969Feb 9, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to layout of SVG documents.
- CVE-2011-3968Feb 9, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving Cascading Style Sheets (CSS) token sequences.
- CVE-2011-3967Feb 9, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Unspecified vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service (application crash) via a crafted certificate.
- CVE-2011-3966Feb 9, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to error handling for Cascading Style Sheets (CSS) token-sequence data.
- CVE-2011-3965Feb 9, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Google Chrome before 17.0.963.46 does not properly check signatures, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
- CVE-2011-3964Feb 9, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Google Chrome before 17.0.963.46 does not properly implement the drag-and-drop feature, which makes it easier for remote attackers to spoof the URL bar via unspecified vectors.
Page 201 of 203