VYPR

Chrome

by Google

Source repositories

CVEs (5,320)

  • CVE-2014-1747May 21, 2014
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in the DocumentLoader::maybeCreateArchive function in core/loader/DocumentLoader.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to inject arbitrary web script or HTML via crafted MHTML content, aka…

  • CVE-2014-1746May 21, 2014
    risk 0.00cvss epss 0.01

    The InMemoryUrlProtocol::Read function in media/filters/in_memory_url_protocol.cc in Google Chrome before 35.0.1916.114 relies on an insufficiently large integer data type, which allows remote attackers to cause a denial of service (out-of-bounds read) via vectors that trigger…

  • CVE-2014-1744May 21, 2014
    risk 0.00cvss epss 0.02

    Integer overflow in the AudioInputRendererHost::OnCreateStream function in content/browser/renderer_host/media/audio_input_renderer_host.cc in Google Chrome before 35.0.1916.114 allows remote attackers to cause a denial of service or possibly have unspecified other impact via…

  • CVE-2014-1743May 21, 2014
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in the StyleElement::removedFromDocument function in core/dom/StyleElement.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact…

  • CVE-2014-1742May 14, 2014
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in the FrameSelection::updateAppearance function in core/editing/FrameSelection.cpp in Blink, as used in Google Chrome before 34.0.1847.137, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging…

  • CVE-2014-1741May 14, 2014
    risk 0.00cvss epss 0.02

    Multiple integer overflows in the replace-data functionality in the CharacterData interface implementation in core/dom/CharacterData.cpp in Blink, as used in Google Chrome before 34.0.1847.137, allow remote attackers to cause a denial of service or possibly have unspecified…

  • CVE-2014-1740May 14, 2014
    risk 0.00cvss epss 0.02

    Multiple use-after-free vulnerabilities in net/websockets/websocket_job.cc in the WebSockets implementation in Google Chrome before 34.0.1847.137 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to WebSocketJob…

  • CVE-2014-1736May 6, 2014
    risk 0.00cvss epss 0.02

    Integer overflow in api.cc in Google V8, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large length value.

  • CVE-2014-1735Apr 26, 2014
    risk 0.00cvss epss 0.02

    Multiple unspecified vulnerabilities in Google V8 before 3.24.35.33, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

  • CVE-2014-1734Apr 26, 2014
    risk 0.00cvss epss 0.02

    Multiple unspecified vulnerabilities in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

  • CVE-2014-1733Apr 26, 2014
    risk 0.00cvss epss 0.02

    The PointerCompare function in codegen.cc in Seccomp-BPF, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly merge blocks, which might allow remote attackers to bypass intended sandbox restrictions by leveraging…

  • CVE-2014-1732Apr 26, 2014
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in browser/ui/views/speech_recognition_bubble_views.cc in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via an…

  • CVE-2014-1731Apr 26, 2014
    risk 0.00cvss epss 0.03

    core/html/HTMLSelectElement.cpp in the DOM implementation in Blink, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly check renderer state upon a focus event, which allows remote attackers to cause a denial of…

  • CVE-2014-1730Apr 26, 2014
    risk 0.00cvss epss 0.03

    Google V8, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly store internationalization metadata, which allows remote attackers to bypass intended access restrictions by leveraging "type confusion" and reading…

  • CVE-2014-1729Apr 9, 2014
    risk 0.00cvss epss 0.01

    Multiple unspecified vulnerabilities in Google V8 before 3.24.35.22, as used in Google Chrome before 34.0.1847.116, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

  • CVE-2014-1728Apr 9, 2014
    risk 0.00cvss epss 0.01

    Multiple unspecified vulnerabilities in Google Chrome before 34.0.1847.116 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

  • CVE-2014-1727Apr 9, 2014
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in content/renderer/renderer_webcolorchooser_impl.h in Google Chrome before 34.0.1847.116 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to forms.

  • CVE-2014-1726Apr 9, 2014
    risk 0.00cvss epss 0.01

    The drag implementation in Google Chrome before 34.0.1847.116 allows user-assisted remote attackers to bypass the Same Origin Policy and forge local pathnames by leveraging renderer access.

  • CVE-2014-1725Apr 9, 2014
    risk 0.00cvss epss 0.01

    The base64DecodeInternal function in wtf/text/Base64.cpp in Blink, as used in Google Chrome before 34.0.1847.116, does not properly handle string data composed exclusively of whitespace characters, which allows remote attackers to cause a denial of service (out-of-bounds read)…

  • CVE-2014-1724Apr 9, 2014
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in Free(b)soft Laboratory Speech Dispatcher 0.7.1, as used in Google Chrome before 34.0.1847.116, allows remote attackers to cause a denial of service (application hang) or possibly have unspecified other impact via a text-to-speech request.

Page 222 of 266