Chrome
by Google
Source repositories
CVEs (5,320)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2012-2849 | 0.00 | — | 0.01 | Aug 6, 2012 | Off-by-one error in the GIF decoder in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image. | |||
| CVE-2012-2848 | 0.00 | — | 0.01 | Aug 6, 2012 | The drag-and-drop implementation in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows user-assisted remote attackers to bypass intended file access restrictions via a crafted web site. | |||
| CVE-2012-2847 | 0.00 | — | 0.01 | Aug 6, 2012 | Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, does not request user confirmation before continuing a large series of downloads, which allows user-assisted remote attackers to cause a denial of service (resource… | |||
| CVE-2012-2846 | 0.00 | — | 0.01 | Aug 6, 2012 | Google Chrome before 21.0.1180.57 on Linux does not properly isolate renderer processes, which allows remote attackers to cause a denial of service (cross-process interference) via unspecified vectors. | |||
| CVE-2012-2844 | 0.00 | — | 0.02 | Jul 12, 2012 | The PDF functionality in Google Chrome before 20.0.1132.57 does not properly handle JavaScript code, which allows remote attackers to cause a denial of service (incorrect object access) or possibly have unspecified other impact via a crafted document. | |||
| CVE-2012-2843 | 0.00 | — | 0.02 | Jul 12, 2012 | Use-after-free vulnerability in Google Chrome before 20.0.1132.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to layout height tracking. | |||
| CVE-2012-2842 | 0.00 | — | 0.01 | Jul 12, 2012 | Use-after-free vulnerability in Google Chrome before 20.0.1132.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to counter handling. | |||
| CVE-2012-2834 | 0.00 | — | 0.01 | Jun 27, 2012 | Integer overflow in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted data in the Matroska container format. | |||
| CVE-2012-2833 | 0.00 | — | 0.01 | Jun 27, 2012 | Buffer overflow in the JS API in the PDF functionality in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||
| CVE-2012-2832 | 0.00 | — | 0.01 | Jun 27, 2012 | The image-codec implementation in the PDF functionality in Google Chrome before 20.0.1132.43 does not initialize an unspecified pointer, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document. | |||
| CVE-2012-2831 | 0.00 | — | 0.01 | Jun 27, 2012 | Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG references. | |||
| CVE-2012-2830 | 0.00 | — | 0.01 | Jun 27, 2012 | Google Chrome before 20.0.1132.43 does not properly set array values, which allows remote attackers to cause a denial of service (incorrect pointer use) or possibly have unspecified other impact via unknown vectors. | |||
| CVE-2012-2829 | 0.00 | — | 0.01 | Jun 27, 2012 | Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element. | |||
| CVE-2012-2828 | 0.00 | — | 0.01 | Jun 27, 2012 | Multiple integer overflows in the PDF functionality in Google Chrome before 20.0.1132.43 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. | |||
| CVE-2012-2827 | 0.00 | — | 0.01 | Jun 27, 2012 | Use-after-free vulnerability in the UI in Google Chrome before 20.0.1132.43 on Mac OS X allows attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||
| CVE-2012-2826 | 0.00 | — | 0.01 | Jun 27, 2012 | Google Chrome before 20.0.1132.43 does not properly implement texture conversion, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||
| CVE-2012-2825 | 0.00 | — | 0.02 | Jun 27, 2012 | The XSL implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service (incorrect read operation) via unspecified vectors. | |||
| CVE-2012-2824 | 0.00 | — | 0.01 | Jun 27, 2012 | Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG painting. | |||
| CVE-2012-2823 | 0.00 | — | 0.01 | Jun 27, 2012 | Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG resources. | |||
| CVE-2012-2822 | 0.00 | — | 0.01 | Jun 27, 2012 | The PDF functionality in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
- CVE-2012-2849Aug 6, 2012risk 0.00cvss —epss 0.01
Off-by-one error in the GIF decoder in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image.
- CVE-2012-2848Aug 6, 2012risk 0.00cvss —epss 0.01
The drag-and-drop implementation in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows user-assisted remote attackers to bypass intended file access restrictions via a crafted web site.
- CVE-2012-2847Aug 6, 2012risk 0.00cvss —epss 0.01
Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, does not request user confirmation before continuing a large series of downloads, which allows user-assisted remote attackers to cause a denial of service (resource…
- CVE-2012-2846Aug 6, 2012risk 0.00cvss —epss 0.01
Google Chrome before 21.0.1180.57 on Linux does not properly isolate renderer processes, which allows remote attackers to cause a denial of service (cross-process interference) via unspecified vectors.
- CVE-2012-2844Jul 12, 2012risk 0.00cvss —epss 0.02
The PDF functionality in Google Chrome before 20.0.1132.57 does not properly handle JavaScript code, which allows remote attackers to cause a denial of service (incorrect object access) or possibly have unspecified other impact via a crafted document.
- CVE-2012-2843Jul 12, 2012risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 20.0.1132.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to layout height tracking.
- CVE-2012-2842Jul 12, 2012risk 0.00cvss —epss 0.01
Use-after-free vulnerability in Google Chrome before 20.0.1132.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to counter handling.
- CVE-2012-2834Jun 27, 2012risk 0.00cvss —epss 0.01
Integer overflow in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted data in the Matroska container format.
- CVE-2012-2833Jun 27, 2012risk 0.00cvss —epss 0.01
Buffer overflow in the JS API in the PDF functionality in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
- CVE-2012-2832Jun 27, 2012risk 0.00cvss —epss 0.01
The image-codec implementation in the PDF functionality in Google Chrome before 20.0.1132.43 does not initialize an unspecified pointer, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.
- CVE-2012-2831Jun 27, 2012risk 0.00cvss —epss 0.01
Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG references.
- CVE-2012-2830Jun 27, 2012risk 0.00cvss —epss 0.01
Google Chrome before 20.0.1132.43 does not properly set array values, which allows remote attackers to cause a denial of service (incorrect pointer use) or possibly have unspecified other impact via unknown vectors.
- CVE-2012-2829Jun 27, 2012risk 0.00cvss —epss 0.01
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element.
- CVE-2012-2828Jun 27, 2012risk 0.00cvss —epss 0.01
Multiple integer overflows in the PDF functionality in Google Chrome before 20.0.1132.43 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.
- CVE-2012-2827Jun 27, 2012risk 0.00cvss —epss 0.01
Use-after-free vulnerability in the UI in Google Chrome before 20.0.1132.43 on Mac OS X allows attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
- CVE-2012-2826Jun 27, 2012risk 0.00cvss —epss 0.01
Google Chrome before 20.0.1132.43 does not properly implement texture conversion, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
- CVE-2012-2825Jun 27, 2012risk 0.00cvss —epss 0.02
The XSL implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service (incorrect read operation) via unspecified vectors.
- CVE-2012-2824Jun 27, 2012risk 0.00cvss —epss 0.01
Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG painting.
- CVE-2012-2823Jun 27, 2012risk 0.00cvss —epss 0.01
Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG resources.
- CVE-2012-2822Jun 27, 2012risk 0.00cvss —epss 0.01
The PDF functionality in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
Page 238 of 266