Chrome
by Google
Source repositories
CVEs (5,320)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2012-5139 | 0.00 | — | 0.02 | Dec 12, 2012 | Use-after-free vulnerability in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to visibility events. | |||
| CVE-2012-5138 | 0.00 | — | 0.01 | Dec 4, 2012 | Google Chrome before 23.0.1271.95 does not properly handle file paths, which has unspecified impact and attack vectors. | |||
| CVE-2012-5137 | 0.00 | — | 0.03 | Dec 4, 2012 | Use-after-free vulnerability in Google Chrome before 23.0.1271.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the Media Source API. | |||
| CVE-2012-5129 | 0.00 | — | 0.01 | Dec 4, 2012 | Heap-based buffer overflow in the WebGL subsystem in Google Chrome OS before 23.0.1271.94 allows remote attackers to cause a denial of service (GPU process crash) or possibly have unspecified other impact via unknown vectors. | |||
| CVE-2012-5136 | 0.00 | — | 0.01 | Nov 28, 2012 | Google Chrome before 23.0.1271.91 does not properly perform a cast of an unspecified variable during handling of the INPUT element, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted HTML document. | |||
| CVE-2012-5135 | 0.00 | — | 0.01 | Nov 28, 2012 | Use-after-free vulnerability in Google Chrome before 23.0.1271.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to printing. | |||
| CVE-2012-5134 | 0.00 | — | 0.04 | Nov 28, 2012 | Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted… | |||
| CVE-2012-5133 | 0.00 | — | 0.01 | Nov 28, 2012 | Use-after-free vulnerability in Google Chrome before 23.0.1271.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG filters. | |||
| CVE-2012-5132 | 0.00 | — | 0.01 | Nov 28, 2012 | Google Chrome before 23.0.1271.91 allows remote attackers to cause a denial of service (application crash) via a response with chunked transfer coding. | |||
| CVE-2012-5131 | 0.00 | — | 0.01 | Nov 28, 2012 | Google Chrome before 23.0.1271.91 on Mac OS X does not properly mitigate improper rendering behavior in the Intel GPU driver, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||
| CVE-2012-5130 | 0.00 | — | 0.01 | Nov 28, 2012 | Skia, as used in Google Chrome before 23.0.1271.91, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||
| CVE-2012-5128 | 0.00 | — | 0.01 | Nov 7, 2012 | Google V8 before 3.13.7.5, as used in Google Chrome before 23.0.1271.64, does not properly perform write operations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||
| CVE-2012-5127 | 0.00 | — | 0.01 | Nov 7, 2012 | Integer overflow in Google Chrome before 23.0.1271.64 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted WebP image. | |||
| CVE-2012-5126 | 0.00 | — | 0.01 | Nov 7, 2012 | Use-after-free vulnerability in Google Chrome before 23.0.1271.64 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of plug-in placeholders. | |||
| CVE-2012-5125 | 0.00 | — | 0.01 | Nov 7, 2012 | Use-after-free vulnerability in Google Chrome before 23.0.1271.64 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of extension tabs. | |||
| CVE-2012-5124 | 0.00 | — | 0.01 | Nov 7, 2012 | Google Chrome before 23.0.1271.64 does not properly handle textures, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | |||
| CVE-2012-5123 | 0.00 | — | 0.01 | Nov 7, 2012 | Skia, as used in Google Chrome before 23.0.1271.64, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||
| CVE-2012-5122 | 0.00 | — | 0.01 | Nov 7, 2012 | Google Chrome before 23.0.1271.64 does not properly perform a cast of an unspecified variable during handling of input, which allows remote attackers to cause a denial of service or possibly have other impact via unknown vectors. | |||
| CVE-2012-5121 | 0.00 | — | 0.02 | Nov 7, 2012 | Use-after-free vulnerability in Google Chrome before 23.0.1271.64 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to video layout. | |||
| CVE-2012-5120 | 0.00 | — | 0.02 | Nov 7, 2012 | Google V8 before 3.13.7.5, as used in Google Chrome before 23.0.1271.64, on 64-bit Linux platforms allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds access to an array. |
- CVE-2012-5139Dec 12, 2012risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to visibility events.
- CVE-2012-5138Dec 4, 2012risk 0.00cvss —epss 0.01
Google Chrome before 23.0.1271.95 does not properly handle file paths, which has unspecified impact and attack vectors.
- CVE-2012-5137Dec 4, 2012risk 0.00cvss —epss 0.03
Use-after-free vulnerability in Google Chrome before 23.0.1271.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the Media Source API.
- CVE-2012-5129Dec 4, 2012risk 0.00cvss —epss 0.01
Heap-based buffer overflow in the WebGL subsystem in Google Chrome OS before 23.0.1271.94 allows remote attackers to cause a denial of service (GPU process crash) or possibly have unspecified other impact via unknown vectors.
- CVE-2012-5136Nov 28, 2012risk 0.00cvss —epss 0.01
Google Chrome before 23.0.1271.91 does not properly perform a cast of an unspecified variable during handling of the INPUT element, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted HTML document.
- CVE-2012-5135Nov 28, 2012risk 0.00cvss —epss 0.01
Use-after-free vulnerability in Google Chrome before 23.0.1271.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to printing.
- CVE-2012-5134Nov 28, 2012risk 0.00cvss —epss 0.04
Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted…
- CVE-2012-5133Nov 28, 2012risk 0.00cvss —epss 0.01
Use-after-free vulnerability in Google Chrome before 23.0.1271.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG filters.
- CVE-2012-5132Nov 28, 2012risk 0.00cvss —epss 0.01
Google Chrome before 23.0.1271.91 allows remote attackers to cause a denial of service (application crash) via a response with chunked transfer coding.
- CVE-2012-5131Nov 28, 2012risk 0.00cvss —epss 0.01
Google Chrome before 23.0.1271.91 on Mac OS X does not properly mitigate improper rendering behavior in the Intel GPU driver, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
- CVE-2012-5130Nov 28, 2012risk 0.00cvss —epss 0.01
Skia, as used in Google Chrome before 23.0.1271.91, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
- CVE-2012-5128Nov 7, 2012risk 0.00cvss —epss 0.01
Google V8 before 3.13.7.5, as used in Google Chrome before 23.0.1271.64, does not properly perform write operations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
- CVE-2012-5127Nov 7, 2012risk 0.00cvss —epss 0.01
Integer overflow in Google Chrome before 23.0.1271.64 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted WebP image.
- CVE-2012-5126Nov 7, 2012risk 0.00cvss —epss 0.01
Use-after-free vulnerability in Google Chrome before 23.0.1271.64 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of plug-in placeholders.
- CVE-2012-5125Nov 7, 2012risk 0.00cvss —epss 0.01
Use-after-free vulnerability in Google Chrome before 23.0.1271.64 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of extension tabs.
- CVE-2012-5124Nov 7, 2012risk 0.00cvss —epss 0.01
Google Chrome before 23.0.1271.64 does not properly handle textures, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
- CVE-2012-5123Nov 7, 2012risk 0.00cvss —epss 0.01
Skia, as used in Google Chrome before 23.0.1271.64, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
- CVE-2012-5122Nov 7, 2012risk 0.00cvss —epss 0.01
Google Chrome before 23.0.1271.64 does not properly perform a cast of an unspecified variable during handling of input, which allows remote attackers to cause a denial of service or possibly have other impact via unknown vectors.
- CVE-2012-5121Nov 7, 2012risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 23.0.1271.64 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to video layout.
- CVE-2012-5120Nov 7, 2012risk 0.00cvss —epss 0.02
Google V8 before 3.13.7.5, as used in Google Chrome before 23.0.1271.64, on 64-bit Linux platforms allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds access to an array.
Page 234 of 266