rpm package
opensuse/chromium&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/chromium&distro=openSUSE%20Tumbleweed
Vulnerabilities (4,053)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2011-3963 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 9, 2012 | Google Chrome before 17.0.963.46 does not properly handle PDF FAX images, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2011-3962 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 9, 2012 | Google Chrome before 17.0.963.46 does not properly perform path clipping, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2011-3961 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 9, 2012 | Race condition in Google Chrome before 17.0.963.46 allows remote attackers to execute arbitrary code via vectors that trigger a crash of a utility process. | ||
| CVE-2011-3960 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 9, 2012 | Google Chrome before 17.0.963.46 does not properly decode audio data, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| CVE-2011-3959 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 9, 2012 | Buffer overflow in the locale implementation in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | ||
| CVE-2011-3958 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 9, 2012 | Google Chrome before 17.0.963.46 does not properly perform casts of variables during handling of a column span, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. | ||
| CVE-2011-3957 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 9, 2012 | Use-after-free vulnerability in the garbage-collection functionality in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving PDF documents. | ||
| CVE-2011-3956 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 9, 2012 | The extension implementation in Google Chrome before 17.0.963.46 does not properly handle sandboxed origins, which might allow remote attackers to bypass the Same Origin Policy via a crafted extension. | ||
| CVE-2011-3955 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 9, 2012 | Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via vectors that trigger the aborting of an IndexedDB transaction. | ||
| CVE-2011-3954 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 9, 2012 | Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service (application crash) via vectors that trigger a large amount of database usage. | ||
| CVE-2011-3953 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Feb 9, 2012 | Google Chrome before 17.0.963.46 does not prevent monitoring of the clipboard after a paste event, which has unspecified impact and remote attack vectors. | ||
| CVE-2011-3928 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jan 24, 2012 | Use-after-free vulnerability in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM handling. | ||
| CVE-2011-3927 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jan 24, 2012 | Skia, as used in Google Chrome before 16.0.912.77, does not perform all required initialization of values, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | ||
| CVE-2011-3926 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jan 24, 2012 | Heap-based buffer overflow in the tree builder in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | ||
| CVE-2011-3925 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jan 24, 2012 | Use-after-free vulnerability in the Safe Browsing feature in Google Chrome before 16.0.912.75 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via vectors related to a navigation entry and an interstitial page | ||
| CVE-2011-3924 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jan 24, 2012 | Use-after-free vulnerability in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM selections. | ||
| CVE-2011-3922 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jan 7, 2012 | Stack-based buffer overflow in Google Chrome before 16.0.912.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to glyph handling. | ||
| CVE-2011-3921 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jan 7, 2012 | Use-after-free vulnerability in Google Chrome before 16.0.912.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving animation frames. | ||
| CVE-2011-3919 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jan 7, 2012 | Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | ||
| CVE-2011-3917 | — | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Dec 13, 2011 | Stack-based buffer overflow in FileWatcher in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
- CVE-2011-3963Feb 9, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Google Chrome before 17.0.963.46 does not properly handle PDF FAX images, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
- CVE-2011-3962Feb 9, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Google Chrome before 17.0.963.46 does not properly perform path clipping, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
- CVE-2011-3961Feb 9, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Race condition in Google Chrome before 17.0.963.46 allows remote attackers to execute arbitrary code via vectors that trigger a crash of a utility process.
- CVE-2011-3960Feb 9, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Google Chrome before 17.0.963.46 does not properly decode audio data, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
- CVE-2011-3959Feb 9, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Buffer overflow in the locale implementation in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
- CVE-2011-3958Feb 9, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Google Chrome before 17.0.963.46 does not properly perform casts of variables during handling of a column span, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.
- CVE-2011-3957Feb 9, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in the garbage-collection functionality in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving PDF documents.
- CVE-2011-3956Feb 9, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
The extension implementation in Google Chrome before 17.0.963.46 does not properly handle sandboxed origins, which might allow remote attackers to bypass the Same Origin Policy via a crafted extension.
- CVE-2011-3955Feb 9, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via vectors that trigger the aborting of an IndexedDB transaction.
- CVE-2011-3954Feb 9, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service (application crash) via vectors that trigger a large amount of database usage.
- CVE-2011-3953Feb 9, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Google Chrome before 17.0.963.46 does not prevent monitoring of the clipboard after a paste event, which has unspecified impact and remote attack vectors.
- CVE-2011-3928Jan 24, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM handling.
- CVE-2011-3927Jan 24, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Skia, as used in Google Chrome before 16.0.912.77, does not perform all required initialization of values, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
- CVE-2011-3926Jan 24, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Heap-based buffer overflow in the tree builder in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
- CVE-2011-3925Jan 24, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in the Safe Browsing feature in Google Chrome before 16.0.912.75 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via vectors related to a navigation entry and an interstitial page
- CVE-2011-3924Jan 24, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM selections.
- CVE-2011-3922Jan 7, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Stack-based buffer overflow in Google Chrome before 16.0.912.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to glyph handling.
- CVE-2011-3921Jan 7, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in Google Chrome before 16.0.912.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving animation frames.
- CVE-2011-3919Jan 7, 2012affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
- CVE-2011-3917Dec 13, 2011affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Stack-based buffer overflow in FileWatcher in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
Page 202 of 203