Chrome
by Google
Source repositories
CVEs (5,373)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2010-0315 | 0.04 | — | 0.07 | Jan 14, 2010 | WebKit before r53607, as used in Google Chrome before 4.0.249.89, allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the… | |||
| CVE-2008-6998 | 0.04 | — | 0.10 | Aug 19, 2009 | Stack-based buffer overflow in chrome/common/gfx/url_elider.cc in Google Chrome 0.2.149.27 and other versions before 0.2.149.29 might allow user-assisted remote attackers to execute arbitrary code via a link target (href attribute) with a large number of path elements, which… | |||
| CVE-2008-6996 | 0.04 | — | 0.06 | Aug 19, 2009 | Google Chrome BETA (0.2.149.27) does not prompt the user before saving an executable file, which makes it easier for remote attackers or malware to cause a denial of service (disk consumption) or exploit other vulnerabilities via a URL that references an executable file,… | |||
| CVE-2008-6994 | 0.04 | — | 0.10 | Aug 19, 2009 | Stack-based buffer overflow in the SaveAs feature (SaveFileAsWithFilter function) in win_util.cc in Google Chrome 0.2.149.27 allows user-assisted remote attackers to execute arbitrary code via a web page with a long TITLE element, which triggers the overflow when the user saves… | |||
| CVE-2013-6166 | 0.03 | — | 0.02 | Feb 15, 2014 | Google Chrome before 29 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to… | |||
| CVE-2013-6627 | 0.03 | — | 0.05 | Nov 13, 2013 | net/http/http_stream_parser.cc in Google Chrome before 31.0.1650.48 does not properly process HTTP Informational (aka 1xx) status codes, which allows remote web servers to cause a denial of service (out-of-bounds read) via a crafted response. | |||
| CVE-2012-5851 | 0.03 | — | 0.02 | Nov 15, 2012 | html/parser/XSSAuditor.cpp in WebCore in WebKit, as used in Google Chrome through 22 and Safari 5.1.7, does not consider all possible output contexts of reflected data, which makes it easier for remote attackers to bypass a cross-site scripting (XSS) protection mechanism via a… | |||
| CVE-2012-4909 | 0.03 | — | 0.02 | Sep 13, 2012 | Google Chrome before 18.0.1025308 on Android allows remote attackers to obtain cookie information via a crafted application. | |||
| CVE-2012-4908 | 0.03 | — | 0.03 | Sep 13, 2012 | Google Chrome before 18.0.1025308 on Android allows remote attackers to bypass the Same Origin Policy and obtain access to local files via vectors involving a symlink. | |||
| CVE-2012-4906 | 0.03 | — | 0.03 | Sep 13, 2012 | Google Chrome before 18.0.1025308 on Android does not properly restrict access to file: URLs, which allows remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by obtaining credential data, a different vulnerability than CVE-2012-4903. | |||
| CVE-2012-4905 | 0.03 | — | 0.02 | Sep 13, 2012 | Cross-site scripting (XSS) vulnerability in Google Chrome before 18.0.1025308 on Android allows remote attackers to inject arbitrary web script or HTML via an extra in an Intent object, aka "Universal XSS (UXSS)." | |||
| CVE-2012-2764 | 0.03 | — | 0.00 | Jun 27, 2012 | Untrusted search path vulnerability in Google Chrome before 20.0.1132.43 on Windows might allow local users to gain privileges via a Trojan horse Metro DLL in the current working directory. | |||
| CVE-2011-2841 | 0.03 | — | 0.04 | Sep 19, 2011 | Google Chrome before 14.0.835.163 does not properly perform garbage collection during the processing of PDF documents, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. | |||
| CVE-2008-7246 | 0.03 | — | 0.02 | Sep 18, 2009 | Google Chrome 0.2.149.29 and earlier allows remote attackers to cause a denial of service (unusable browser) by calling the window.print function in a loop, aka a "printing DoS attack," possibly a related issue to CVE-2009-0821. | |||
| CVE-2008-7061 | 0.03 | — | 0.04 | Aug 24, 2009 | The tooltip manager (chrome/views/tooltip_manager.cc) in Google Chrome 0.2.149.29 Build 1798 and possibly other versions before 0.2.149.30 allows remote attackers to cause a denial of service (CPU consumption or crash) via a tag with a long title attribute, which is not properly… | |||
| CVE-2008-6997 | 0.03 | — | 0.04 | Aug 19, 2009 | Google Chrome 0.2.149.27 allows user-assisted remote attackers to cause a denial of service (browser crash) via an IMG tag with a long src attribute, which triggers the crash when the victim performs an "Inspect Element" action. | |||
| CVE-2008-6995 | 0.03 | — | 0.05 | Aug 19, 2009 | Integer underflow in net/base/escape.cc in chrome.dll in Google Chrome 0.2.149.27 allows remote attackers to cause a denial of service (browser crash) via a URI with an invalid handler followed by a "%" (percent) character, which triggers a buffer over-read, as demonstrated… | |||
| CVE-2009-2352 | 0.03 | — | 0.02 | Jul 7, 2009 | Google Chrome 1.0.154.48 and earlier does not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header or (2) specifying the content of a Refresh… | |||
| CVE-2009-1514 | 0.03 | — | 0.03 | May 4, 2009 | Google Chrome 1.0.154.53 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a throw statement with a long exception value. | |||
| CVE-2009-0374 | 0.03 | — | 0.02 | Jan 30, 2009 | Google Chrome 1.0.154.43 allows remote attackers to trick a user into visiting an arbitrary URL via an onclick action that moves a crafted element to the current mouse position, related to a "Clickjacking" vulnerability. NOTE: a third party disputes the relevance of this issue,… |
- CVE-2010-0315Jan 14, 2010risk 0.04cvss —epss 0.07
WebKit before r53607, as used in Google Chrome before 4.0.249.89, allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the…
- CVE-2008-6998Aug 19, 2009risk 0.04cvss —epss 0.10
Stack-based buffer overflow in chrome/common/gfx/url_elider.cc in Google Chrome 0.2.149.27 and other versions before 0.2.149.29 might allow user-assisted remote attackers to execute arbitrary code via a link target (href attribute) with a large number of path elements, which…
- CVE-2008-6996Aug 19, 2009risk 0.04cvss —epss 0.06
Google Chrome BETA (0.2.149.27) does not prompt the user before saving an executable file, which makes it easier for remote attackers or malware to cause a denial of service (disk consumption) or exploit other vulnerabilities via a URL that references an executable file,…
- CVE-2008-6994Aug 19, 2009risk 0.04cvss —epss 0.10
Stack-based buffer overflow in the SaveAs feature (SaveFileAsWithFilter function) in win_util.cc in Google Chrome 0.2.149.27 allows user-assisted remote attackers to execute arbitrary code via a web page with a long TITLE element, which triggers the overflow when the user saves…
- CVE-2013-6166Feb 15, 2014risk 0.03cvss —epss 0.02
Google Chrome before 29 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to…
- CVE-2013-6627Nov 13, 2013risk 0.03cvss —epss 0.05
net/http/http_stream_parser.cc in Google Chrome before 31.0.1650.48 does not properly process HTTP Informational (aka 1xx) status codes, which allows remote web servers to cause a denial of service (out-of-bounds read) via a crafted response.
- CVE-2012-5851Nov 15, 2012risk 0.03cvss —epss 0.02
html/parser/XSSAuditor.cpp in WebCore in WebKit, as used in Google Chrome through 22 and Safari 5.1.7, does not consider all possible output contexts of reflected data, which makes it easier for remote attackers to bypass a cross-site scripting (XSS) protection mechanism via a…
- CVE-2012-4909Sep 13, 2012risk 0.03cvss —epss 0.02
Google Chrome before 18.0.1025308 on Android allows remote attackers to obtain cookie information via a crafted application.
- CVE-2012-4908Sep 13, 2012risk 0.03cvss —epss 0.03
Google Chrome before 18.0.1025308 on Android allows remote attackers to bypass the Same Origin Policy and obtain access to local files via vectors involving a symlink.
- CVE-2012-4906Sep 13, 2012risk 0.03cvss —epss 0.03
Google Chrome before 18.0.1025308 on Android does not properly restrict access to file: URLs, which allows remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by obtaining credential data, a different vulnerability than CVE-2012-4903.
- CVE-2012-4905Sep 13, 2012risk 0.03cvss —epss 0.02
Cross-site scripting (XSS) vulnerability in Google Chrome before 18.0.1025308 on Android allows remote attackers to inject arbitrary web script or HTML via an extra in an Intent object, aka "Universal XSS (UXSS)."
- CVE-2012-2764Jun 27, 2012risk 0.03cvss —epss 0.00
Untrusted search path vulnerability in Google Chrome before 20.0.1132.43 on Windows might allow local users to gain privileges via a Trojan horse Metro DLL in the current working directory.
- CVE-2011-2841Sep 19, 2011risk 0.03cvss —epss 0.04
Google Chrome before 14.0.835.163 does not properly perform garbage collection during the processing of PDF documents, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.
- CVE-2008-7246Sep 18, 2009risk 0.03cvss —epss 0.02
Google Chrome 0.2.149.29 and earlier allows remote attackers to cause a denial of service (unusable browser) by calling the window.print function in a loop, aka a "printing DoS attack," possibly a related issue to CVE-2009-0821.
- CVE-2008-7061Aug 24, 2009risk 0.03cvss —epss 0.04
The tooltip manager (chrome/views/tooltip_manager.cc) in Google Chrome 0.2.149.29 Build 1798 and possibly other versions before 0.2.149.30 allows remote attackers to cause a denial of service (CPU consumption or crash) via a tag with a long title attribute, which is not properly…
- CVE-2008-6997Aug 19, 2009risk 0.03cvss —epss 0.04
Google Chrome 0.2.149.27 allows user-assisted remote attackers to cause a denial of service (browser crash) via an IMG tag with a long src attribute, which triggers the crash when the victim performs an "Inspect Element" action.
- CVE-2008-6995Aug 19, 2009risk 0.03cvss —epss 0.05
Integer underflow in net/base/escape.cc in chrome.dll in Google Chrome 0.2.149.27 allows remote attackers to cause a denial of service (browser crash) via a URI with an invalid handler followed by a "%" (percent) character, which triggers a buffer over-read, as demonstrated…
- CVE-2009-2352Jul 7, 2009risk 0.03cvss —epss 0.02
Google Chrome 1.0.154.48 and earlier does not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header or (2) specifying the content of a Refresh…
- CVE-2009-1514May 4, 2009risk 0.03cvss —epss 0.03
Google Chrome 1.0.154.53 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a throw statement with a long exception value.
- CVE-2009-0374Jan 30, 2009risk 0.03cvss —epss 0.02
Google Chrome 1.0.154.43 allows remote attackers to trick a user into visiting an arbitrary URL via an onclick action that moves a crafted element to the current mouse position, related to a "Clickjacking" vulnerability. NOTE: a third party disputes the relevance of this issue,…
Page 179 of 269