ChromeOS
by Google
CVEs (73)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2012-2864 | 0.00 | — | 0.06 | Aug 22, 2012 | Mesa, as used in Google Chrome before 21.0.1183.0 on the Acer AC700, Cr-48, and Samsung Series 5 and 5 550 Chromebook platforms, and the Samsung Chromebox Series 3, allows remote attackers to execute arbitrary code via unspecified vectors that trigger an "array overflow." | |||
| CVE-2012-4050 | 0.00 | — | 0.00 | Jul 24, 2012 | Multiple unspecified vulnerabilities in Google Chrome OS before 21.0.1180.50 on the Cr-48 and Samsung Series 5 and 5 550 Chromebook platforms, and the Samsung Chromebox Series 3, have unknown impact and attack vectors. | |||
| CVE-2012-3290 | 0.00 | — | 0.00 | Jun 7, 2012 | Multiple unspecified vulnerabilities in Google Chrome before 20.0.1132.22 on the Acer AC700; Samsung Series 5, 5 550, and Chromebox 3; and Cr-48 Chromebook platforms have unknown impact and attack vectors. | |||
| CVE-2012-1418 | 0.00 | — | 0.00 | Feb 29, 2012 | Multiple unspecified vulnerabilities in Google Chrome before 17.0.963.60 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors. | |||
| CVE-2012-0695 | 0.00 | — | 0.00 | Jan 12, 2012 | Multiple unspecified vulnerabilities in Google Chrome before 17.0.963.27 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors. | |||
| CVE-2011-4719 | 0.00 | — | 0.00 | Dec 9, 2011 | Multiple unspecified vulnerabilities in Google Chrome before 16.0.912.63 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors. | |||
| CVE-2011-4548 | 0.00 | — | 0.00 | Nov 24, 2011 | Multiple unspecified vulnerabilities in Google Chrome before 16.0.912.44 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors. | |||
| CVE-2011-3421 | 0.00 | — | 0.00 | Sep 12, 2011 | Multiple unspecified vulnerabilities in Google Chrome before 14.0.835.125 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors. | |||
| CVE-2011-3420 | 0.00 | — | 0.01 | Sep 12, 2011 | Multiple unspecified vulnerabilities in Google Chrome before 14.0.835.157 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors. | |||
| CVE-2011-2171 | 0.00 | — | 0.00 | May 24, 2011 | Unspecified vulnerability in the dbugs package in Google Chrome OS before R12 0.12.433.38 Beta has unknown impact and attack vectors. | |||
| CVE-2011-2170 | 0.00 | — | 0.00 | May 24, 2011 | Google Chrome OS before R12 0.12.433.38 Beta, when Guest mode is enabled, does not prevent changes on the about:flags page, which has unspecified impact and local attack vectors. | |||
| CVE-2011-2169 | 0.00 | — | 0.00 | May 24, 2011 | Google Chrome OS before R12 0.12.433.38 Beta allows local users to gain privileges by creating a /var/lib/chromeos-aliases.conf file and placing commands in it. | |||
| CVE-2011-1306 | 0.00 | — | 0.00 | Mar 8, 2011 | Unspecified vulnerability in the Scratchpad application in Google Chrome OS before R10 0.10.156.46 Beta has unknown impact and attack vectors. | |||
| CVE-2011-1042 | 0.00 | — | 0.01 | Feb 18, 2011 | Use-after-free vulnerability in flimflamd in flimflam in Google Chrome OS before 0.9.130.14 Beta allows user-assisted remote attackers to cause a denial of service (daemon crash) by providing the name of a hidden WiFi network that does not respond to connection attempts. | |||
| CVE-2011-0484 | 0.00 | — | 0.02 | Jan 14, 2011 | Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform DOM node removal, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale rendering node." | |||
| CVE-2011-0483 | 0.00 | — | 0.02 | Jan 14, 2011 | Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform a cast of an unspecified variable during handling of video, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||
| CVE-2011-0482 | 0.00 | — | 0.03 | Jan 14, 2011 | Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform a cast of an unspecified variable during handling of anchors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted HTML… | |||
| CVE-2011-0481 | 0.00 | — | 0.02 | Jan 14, 2011 | Buffer overflow in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PDF shading. | |||
| CVE-2011-0480 | 0.00 | — | 0.01 | Jan 14, 2011 | Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in FFmpeg, as used in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified… | |||
| CVE-2011-0479 | 0.00 | — | 0.02 | Jan 14, 2011 | Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly interact with extensions, which allows remote attackers to cause a denial of service via a crafted extension that triggers an uninitialized pointer. |
- CVE-2012-2864Aug 22, 2012risk 0.00cvss —epss 0.06
Mesa, as used in Google Chrome before 21.0.1183.0 on the Acer AC700, Cr-48, and Samsung Series 5 and 5 550 Chromebook platforms, and the Samsung Chromebox Series 3, allows remote attackers to execute arbitrary code via unspecified vectors that trigger an "array overflow."
- CVE-2012-4050Jul 24, 2012risk 0.00cvss —epss 0.00
Multiple unspecified vulnerabilities in Google Chrome OS before 21.0.1180.50 on the Cr-48 and Samsung Series 5 and 5 550 Chromebook platforms, and the Samsung Chromebox Series 3, have unknown impact and attack vectors.
- CVE-2012-3290Jun 7, 2012risk 0.00cvss —epss 0.00
Multiple unspecified vulnerabilities in Google Chrome before 20.0.1132.22 on the Acer AC700; Samsung Series 5, 5 550, and Chromebox 3; and Cr-48 Chromebook platforms have unknown impact and attack vectors.
- CVE-2012-1418Feb 29, 2012risk 0.00cvss —epss 0.00
Multiple unspecified vulnerabilities in Google Chrome before 17.0.963.60 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors.
- CVE-2012-0695Jan 12, 2012risk 0.00cvss —epss 0.00
Multiple unspecified vulnerabilities in Google Chrome before 17.0.963.27 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors.
- CVE-2011-4719Dec 9, 2011risk 0.00cvss —epss 0.00
Multiple unspecified vulnerabilities in Google Chrome before 16.0.912.63 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors.
- CVE-2011-4548Nov 24, 2011risk 0.00cvss —epss 0.00
Multiple unspecified vulnerabilities in Google Chrome before 16.0.912.44 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors.
- CVE-2011-3421Sep 12, 2011risk 0.00cvss —epss 0.00
Multiple unspecified vulnerabilities in Google Chrome before 14.0.835.125 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors.
- CVE-2011-3420Sep 12, 2011risk 0.00cvss —epss 0.01
Multiple unspecified vulnerabilities in Google Chrome before 14.0.835.157 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors.
- CVE-2011-2171May 24, 2011risk 0.00cvss —epss 0.00
Unspecified vulnerability in the dbugs package in Google Chrome OS before R12 0.12.433.38 Beta has unknown impact and attack vectors.
- CVE-2011-2170May 24, 2011risk 0.00cvss —epss 0.00
Google Chrome OS before R12 0.12.433.38 Beta, when Guest mode is enabled, does not prevent changes on the about:flags page, which has unspecified impact and local attack vectors.
- CVE-2011-2169May 24, 2011risk 0.00cvss —epss 0.00
Google Chrome OS before R12 0.12.433.38 Beta allows local users to gain privileges by creating a /var/lib/chromeos-aliases.conf file and placing commands in it.
- CVE-2011-1306Mar 8, 2011risk 0.00cvss —epss 0.00
Unspecified vulnerability in the Scratchpad application in Google Chrome OS before R10 0.10.156.46 Beta has unknown impact and attack vectors.
- CVE-2011-1042Feb 18, 2011risk 0.00cvss —epss 0.01
Use-after-free vulnerability in flimflamd in flimflam in Google Chrome OS before 0.9.130.14 Beta allows user-assisted remote attackers to cause a denial of service (daemon crash) by providing the name of a hidden WiFi network that does not respond to connection attempts.
- CVE-2011-0484Jan 14, 2011risk 0.00cvss —epss 0.02
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform DOM node removal, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale rendering node."
- CVE-2011-0483Jan 14, 2011risk 0.00cvss —epss 0.02
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform a cast of an unspecified variable during handling of video, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
- CVE-2011-0482Jan 14, 2011risk 0.00cvss —epss 0.03
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform a cast of an unspecified variable during handling of anchors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted HTML…
- CVE-2011-0481Jan 14, 2011risk 0.00cvss —epss 0.02
Buffer overflow in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PDF shading.
- CVE-2011-0480Jan 14, 2011risk 0.00cvss —epss 0.01
Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in FFmpeg, as used in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified…
- CVE-2011-0479Jan 14, 2011risk 0.00cvss —epss 0.02
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly interact with extensions, which allows remote attackers to cause a denial of service via a crafted extension that triggers an uninitialized pointer.
Page 3 of 4