Chrome
by Google
Source repositories
CVEs (5,320)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2013-0829 | 0.00 | — | 0.01 | Jan 15, 2013 | Google Chrome before 24.0.1312.52 does not properly maintain database metadata, which allows remote attackers to bypass intended file-access restrictions via unspecified vectors. | |||
| CVE-2013-0828 | 0.00 | — | 0.02 | Jan 15, 2013 | The PDF functionality in Google Chrome before 24.0.1312.52 does not properly perform a cast of an unspecified variable during processing of the root of the structure tree, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a… | |||
| CVE-2012-5157 | 0.00 | — | 0.01 | Jan 15, 2013 | Google Chrome before 24.0.1312.52 does not properly handle image data in PDF documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document. | |||
| CVE-2012-5156 | 0.00 | — | 0.01 | Jan 15, 2013 | Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving PDF fields. | |||
| CVE-2012-5155 | 0.00 | — | 0.01 | Jan 15, 2013 | Google Chrome before 24.0.1312.52 on Mac OS X does not use an appropriate sandboxing approach for worker processes, which makes it easier for remote attackers to bypass intended access restrictions via unspecified vectors. | |||
| CVE-2012-5154 | 0.00 | — | 0.01 | Jan 15, 2013 | Integer overflow in Google Chrome before 24.0.1312.52 on Windows allows attackers to cause a denial of service or possibly have unspecified other impact via vectors related to allocation of shared memory. | |||
| CVE-2012-5153 | 0.00 | — | 0.01 | Jan 15, 2013 | Google V8 before 3.14.5.3, as used in Google Chrome before 24.0.1312.52, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds access to stack memory. | |||
| CVE-2012-5152 | 0.00 | — | 0.01 | Jan 15, 2013 | Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors involving seek operations on video data. | |||
| CVE-2012-5151 | 0.00 | — | 0.01 | Jan 15, 2013 | Integer overflow in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code in a PDF document. | |||
| CVE-2012-5150 | 0.00 | — | 0.01 | Jan 15, 2013 | Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving seek operations on video data. | |||
| CVE-2012-5149 | 0.00 | — | 0.01 | Jan 15, 2013 | Integer overflow in the audio IPC layer in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||
| CVE-2012-5148 | 0.00 | — | 0.01 | Jan 15, 2013 | The hyphenation functionality in Google Chrome before 24.0.1312.52 does not properly validate file names, which has unspecified impact and attack vectors. | |||
| CVE-2012-5147 | 0.00 | — | 0.01 | Jan 15, 2013 | Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM handling. | |||
| CVE-2012-5146 | 0.00 | — | 0.01 | Jan 15, 2013 | Google Chrome before 24.0.1312.52 allows remote attackers to bypass the Same Origin Policy via a malformed URL. | |||
| CVE-2012-5145 | 0.00 | — | 0.01 | Jan 15, 2013 | Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG layout. | |||
| CVE-2012-5144 | 0.00 | — | 0.04 | Dec 12, 2012 | Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via vectors related to "an… | |||
| CVE-2012-5143 | 0.00 | — | 0.02 | Dec 12, 2012 | Integer overflow in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PPAPI image buffers. | |||
| CVE-2012-5142 | 0.00 | — | 0.03 | Dec 12, 2012 | Google Chrome before 23.0.1271.97 does not properly handle history navigation, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. | |||
| CVE-2012-5141 | 0.00 | — | 0.01 | Dec 12, 2012 | Google Chrome before 23.0.1271.97 does not properly restrict instantiation of the Chromoting client plug-in, which has unspecified impact and attack vectors. | |||
| CVE-2012-5140 | 0.00 | — | 0.02 | Dec 12, 2012 | Use-after-free vulnerability in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the URL loader. |
- CVE-2013-0829Jan 15, 2013risk 0.00cvss —epss 0.01
Google Chrome before 24.0.1312.52 does not properly maintain database metadata, which allows remote attackers to bypass intended file-access restrictions via unspecified vectors.
- CVE-2013-0828Jan 15, 2013risk 0.00cvss —epss 0.02
The PDF functionality in Google Chrome before 24.0.1312.52 does not properly perform a cast of an unspecified variable during processing of the root of the structure tree, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a…
- CVE-2012-5157Jan 15, 2013risk 0.00cvss —epss 0.01
Google Chrome before 24.0.1312.52 does not properly handle image data in PDF documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document.
- CVE-2012-5156Jan 15, 2013risk 0.00cvss —epss 0.01
Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving PDF fields.
- CVE-2012-5155Jan 15, 2013risk 0.00cvss —epss 0.01
Google Chrome before 24.0.1312.52 on Mac OS X does not use an appropriate sandboxing approach for worker processes, which makes it easier for remote attackers to bypass intended access restrictions via unspecified vectors.
- CVE-2012-5154Jan 15, 2013risk 0.00cvss —epss 0.01
Integer overflow in Google Chrome before 24.0.1312.52 on Windows allows attackers to cause a denial of service or possibly have unspecified other impact via vectors related to allocation of shared memory.
- CVE-2012-5153Jan 15, 2013risk 0.00cvss —epss 0.01
Google V8 before 3.14.5.3, as used in Google Chrome before 24.0.1312.52, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds access to stack memory.
- CVE-2012-5152Jan 15, 2013risk 0.00cvss —epss 0.01
Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors involving seek operations on video data.
- CVE-2012-5151Jan 15, 2013risk 0.00cvss —epss 0.01
Integer overflow in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code in a PDF document.
- CVE-2012-5150Jan 15, 2013risk 0.00cvss —epss 0.01
Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving seek operations on video data.
- CVE-2012-5149Jan 15, 2013risk 0.00cvss —epss 0.01
Integer overflow in the audio IPC layer in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
- CVE-2012-5148Jan 15, 2013risk 0.00cvss —epss 0.01
The hyphenation functionality in Google Chrome before 24.0.1312.52 does not properly validate file names, which has unspecified impact and attack vectors.
- CVE-2012-5147Jan 15, 2013risk 0.00cvss —epss 0.01
Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM handling.
- CVE-2012-5146Jan 15, 2013risk 0.00cvss —epss 0.01
Google Chrome before 24.0.1312.52 allows remote attackers to bypass the Same Origin Policy via a malformed URL.
- CVE-2012-5145Jan 15, 2013risk 0.00cvss —epss 0.01
Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG layout.
- CVE-2012-5144Dec 12, 2012risk 0.00cvss —epss 0.04
Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via vectors related to "an…
- CVE-2012-5143Dec 12, 2012risk 0.00cvss —epss 0.02
Integer overflow in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PPAPI image buffers.
- CVE-2012-5142Dec 12, 2012risk 0.00cvss —epss 0.03
Google Chrome before 23.0.1271.97 does not properly handle history navigation, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
- CVE-2012-5141Dec 12, 2012risk 0.00cvss —epss 0.01
Google Chrome before 23.0.1271.97 does not properly restrict instantiation of the Chromoting client plug-in, which has unspecified impact and attack vectors.
- CVE-2012-5140Dec 12, 2012risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the URL loader.
Page 233 of 266