Chrome
by Google
Source repositories
CVEs (5,320)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2013-2860 | 0.00 | — | 0.01 | Jun 5, 2013 | Use-after-free vulnerability in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving access to a database API by a worker process. | |||
| CVE-2013-2859 | 0.00 | — | 0.01 | Jun 5, 2013 | Google Chrome before 27.0.1453.110 allows remote attackers to bypass the Same Origin Policy and trigger namespace pollution via unspecified vectors. | |||
| CVE-2013-2858 | 0.00 | — | 0.01 | Jun 5, 2013 | Use-after-free vulnerability in the HTML5 Audio implementation in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||
| CVE-2013-2857 | 0.00 | — | 0.01 | Jun 5, 2013 | Use-after-free vulnerability in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of images. | |||
| CVE-2013-2856 | 0.00 | — | 0.01 | Jun 5, 2013 | Use-after-free vulnerability in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of input. | |||
| CVE-2013-2855 | 0.00 | — | 0.01 | Jun 5, 2013 | The Developer Tools API in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | |||
| CVE-2013-2854 | 0.00 | — | 0.01 | Jun 5, 2013 | Google Chrome before 27.0.1453.110 on Windows provides an incorrect handle to a renderer process in unspecified circumstances, which allows remote attackers to cause a denial of service or possibly have other impact via unknown vectors. | |||
| CVE-2013-2849 | 0.00 | — | 0.01 | May 22, 2013 | Multiple cross-site scripting (XSS) vulnerabilities in Google Chrome before 27.0.1453.93 allow user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving a (1) drag-and-drop or (2) copy-and-paste operation. | |||
| CVE-2013-2848 | 0.00 | — | 0.01 | May 22, 2013 | The XSS Auditor in Google Chrome before 27.0.1453.93 might allow remote attackers to obtain sensitive information via unspecified vectors. | |||
| CVE-2013-2847 | 0.00 | — | 0.01 | May 22, 2013 | Race condition in the workers implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via unknown vectors. | |||
| CVE-2013-2846 | 0.00 | — | 0.01 | May 22, 2013 | Use-after-free vulnerability in the media loader in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2013-2840. | |||
| CVE-2013-2845 | 0.00 | — | 0.01 | May 22, 2013 | The Web Audio implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | |||
| CVE-2013-2844 | 0.00 | — | 0.01 | May 22, 2013 | Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to style resolution. | |||
| CVE-2013-2843 | 0.00 | — | 0.01 | May 22, 2013 | Use-after-free vulnerability in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of speech data. | |||
| CVE-2013-2841 | 0.00 | — | 0.01 | May 22, 2013 | Use-after-free vulnerability in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of Pepper resources. | |||
| CVE-2013-2840 | 0.00 | — | 0.01 | May 22, 2013 | Use-after-free vulnerability in the media loader in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2013-2846. | |||
| CVE-2013-2839 | 0.00 | — | 0.01 | May 22, 2013 | Google Chrome before 27.0.1453.93 does not properly perform a cast of an unspecified variable during handling of clipboard data, which allows remote attackers to cause a denial of service or possibly have other impact via unknown vectors. | |||
| CVE-2013-2838 | 0.00 | — | 0.02 | May 22, 2013 | Google V8, as used in Google Chrome before 27.0.1453.93, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||
| CVE-2013-2837 | 0.00 | — | 0.01 | May 22, 2013 | Use-after-free vulnerability in the SVG implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||
| CVE-2013-2836 | 0.00 | — | 0.01 | May 22, 2013 | Multiple unspecified vulnerabilities in Google Chrome before 27.0.1453.93 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. |
- CVE-2013-2860Jun 5, 2013risk 0.00cvss —epss 0.01
Use-after-free vulnerability in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving access to a database API by a worker process.
- CVE-2013-2859Jun 5, 2013risk 0.00cvss —epss 0.01
Google Chrome before 27.0.1453.110 allows remote attackers to bypass the Same Origin Policy and trigger namespace pollution via unspecified vectors.
- CVE-2013-2858Jun 5, 2013risk 0.00cvss —epss 0.01
Use-after-free vulnerability in the HTML5 Audio implementation in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
- CVE-2013-2857Jun 5, 2013risk 0.00cvss —epss 0.01
Use-after-free vulnerability in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of images.
- CVE-2013-2856Jun 5, 2013risk 0.00cvss —epss 0.01
Use-after-free vulnerability in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of input.
- CVE-2013-2855Jun 5, 2013risk 0.00cvss —epss 0.01
The Developer Tools API in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
- CVE-2013-2854Jun 5, 2013risk 0.00cvss —epss 0.01
Google Chrome before 27.0.1453.110 on Windows provides an incorrect handle to a renderer process in unspecified circumstances, which allows remote attackers to cause a denial of service or possibly have other impact via unknown vectors.
- CVE-2013-2849May 22, 2013risk 0.00cvss —epss 0.01
Multiple cross-site scripting (XSS) vulnerabilities in Google Chrome before 27.0.1453.93 allow user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving a (1) drag-and-drop or (2) copy-and-paste operation.
- CVE-2013-2848May 22, 2013risk 0.00cvss —epss 0.01
The XSS Auditor in Google Chrome before 27.0.1453.93 might allow remote attackers to obtain sensitive information via unspecified vectors.
- CVE-2013-2847May 22, 2013risk 0.00cvss —epss 0.01
Race condition in the workers implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via unknown vectors.
- CVE-2013-2846May 22, 2013risk 0.00cvss —epss 0.01
Use-after-free vulnerability in the media loader in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2013-2840.
- CVE-2013-2845May 22, 2013risk 0.00cvss —epss 0.01
The Web Audio implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
- CVE-2013-2844May 22, 2013risk 0.00cvss —epss 0.01
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to style resolution.
- CVE-2013-2843May 22, 2013risk 0.00cvss —epss 0.01
Use-after-free vulnerability in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of speech data.
- CVE-2013-2841May 22, 2013risk 0.00cvss —epss 0.01
Use-after-free vulnerability in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of Pepper resources.
- CVE-2013-2840May 22, 2013risk 0.00cvss —epss 0.01
Use-after-free vulnerability in the media loader in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2013-2846.
- CVE-2013-2839May 22, 2013risk 0.00cvss —epss 0.01
Google Chrome before 27.0.1453.93 does not properly perform a cast of an unspecified variable during handling of clipboard data, which allows remote attackers to cause a denial of service or possibly have other impact via unknown vectors.
- CVE-2013-2838May 22, 2013risk 0.00cvss —epss 0.02
Google V8, as used in Google Chrome before 27.0.1453.93, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
- CVE-2013-2837May 22, 2013risk 0.00cvss —epss 0.01
Use-after-free vulnerability in the SVG implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
- CVE-2013-2836May 22, 2013risk 0.00cvss —epss 0.01
Multiple unspecified vulnerabilities in Google Chrome before 27.0.1453.93 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
Page 229 of 266