Chrome
by Google
Source repositories
CVEs (5,320)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2011-3083 | 0.00 | — | 0.01 | May 16, 2012 | browser/profiles/profile_impl_io_data.cc in Google Chrome before 19.0.1084.46 does not properly handle a malformed ftp URL in the SRC attribute of a VIDEO element, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a… | |||
| CVE-2012-1521 | 0.00 | — | 0.02 | May 1, 2012 | Use-after-free vulnerability in the XML parser in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||
| CVE-2011-3081 | 0.00 | — | 0.03 | May 1, 2012 | Use-after-free vulnerability in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the floating of elements, a different vulnerability than CVE-2011-3078. | |||
| CVE-2011-3080 | 0.00 | — | 0.01 | May 1, 2012 | Race condition in the Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168 allows attackers to bypass intended sandbox restrictions via unspecified vectors. | |||
| CVE-2011-3079 | 0.00 | — | 0.01 | May 1, 2012 | The Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168, as used in Mozilla Firefox before 38.0 and other products, does not properly validate messages, which has unspecified impact and attack vectors. | |||
| CVE-2011-3078 | 0.00 | — | 0.02 | May 1, 2012 | Use-after-free vulnerability in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the floating of elements, a different vulnerability than CVE-2011-3081. | |||
| CVE-2012-0725 | 0.00 | — | 0.02 | Apr 6, 2012 | Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.1025.151 allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2012-0724. | |||
| CVE-2012-0724 | 0.00 | — | 0.02 | Apr 6, 2012 | Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.1025.151 allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2012-0725. | |||
| CVE-2011-3077 | 0.00 | — | 0.02 | Apr 5, 2012 | Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the script bindings, related to a "read-after-free" issue. | |||
| CVE-2011-3076 | 0.00 | — | 0.02 | Apr 5, 2012 | Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to focus handling. | |||
| CVE-2011-3075 | 0.00 | — | 0.02 | Apr 5, 2012 | Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to style-application commands. | |||
| CVE-2011-3074 | 0.00 | — | 0.02 | Apr 5, 2012 | Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of media. | |||
| CVE-2011-3073 | 0.00 | — | 0.02 | Apr 5, 2012 | Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of SVG resources. | |||
| CVE-2011-3072 | 0.00 | — | 0.01 | Apr 5, 2012 | Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via vectors related to pop-up windows. | |||
| CVE-2011-3071 | 0.00 | — | 0.02 | Apr 5, 2012 | Use-after-free vulnerability in the HTMLMediaElement implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||
| CVE-2011-3070 | 0.00 | — | 0.02 | Apr 5, 2012 | Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the Google V8 bindings. | |||
| CVE-2011-3069 | 0.00 | — | 0.02 | Apr 5, 2012 | Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to line boxes. | |||
| CVE-2011-3068 | 0.00 | — | 0.02 | Apr 5, 2012 | Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to run-in boxes. | |||
| CVE-2011-3067 | 0.00 | — | 0.01 | Apr 5, 2012 | Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via vectors related to replacement of IFRAME elements. | |||
| CVE-2011-3066 | 0.00 | — | 0.02 | Apr 5, 2012 | Skia, as used in Google Chrome before 18.0.1025.151, does not properly perform clipping, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
- CVE-2011-3083May 16, 2012risk 0.00cvss —epss 0.01
browser/profiles/profile_impl_io_data.cc in Google Chrome before 19.0.1084.46 does not properly handle a malformed ftp URL in the SRC attribute of a VIDEO element, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a…
- CVE-2012-1521May 1, 2012risk 0.00cvss —epss 0.02
Use-after-free vulnerability in the XML parser in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
- CVE-2011-3081May 1, 2012risk 0.00cvss —epss 0.03
Use-after-free vulnerability in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the floating of elements, a different vulnerability than CVE-2011-3078.
- CVE-2011-3080May 1, 2012risk 0.00cvss —epss 0.01
Race condition in the Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168 allows attackers to bypass intended sandbox restrictions via unspecified vectors.
- CVE-2011-3079May 1, 2012risk 0.00cvss —epss 0.01
The Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168, as used in Mozilla Firefox before 38.0 and other products, does not properly validate messages, which has unspecified impact and attack vectors.
- CVE-2011-3078May 1, 2012risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the floating of elements, a different vulnerability than CVE-2011-3081.
- CVE-2012-0725Apr 6, 2012risk 0.00cvss —epss 0.02
Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.1025.151 allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2012-0724.
- CVE-2012-0724Apr 6, 2012risk 0.00cvss —epss 0.02
Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.1025.151 allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2012-0725.
- CVE-2011-3077Apr 5, 2012risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the script bindings, related to a "read-after-free" issue.
- CVE-2011-3076Apr 5, 2012risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to focus handling.
- CVE-2011-3075Apr 5, 2012risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to style-application commands.
- CVE-2011-3074Apr 5, 2012risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of media.
- CVE-2011-3073Apr 5, 2012risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of SVG resources.
- CVE-2011-3072Apr 5, 2012risk 0.00cvss —epss 0.01
Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via vectors related to pop-up windows.
- CVE-2011-3071Apr 5, 2012risk 0.00cvss —epss 0.02
Use-after-free vulnerability in the HTMLMediaElement implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
- CVE-2011-3070Apr 5, 2012risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the Google V8 bindings.
- CVE-2011-3069Apr 5, 2012risk 0.00cvss —epss 0.02
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to line boxes.
- CVE-2011-3068Apr 5, 2012risk 0.00cvss —epss 0.02
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to run-in boxes.
- CVE-2011-3067Apr 5, 2012risk 0.00cvss —epss 0.01
Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via vectors related to replacement of IFRAME elements.
- CVE-2011-3066Apr 5, 2012risk 0.00cvss —epss 0.02
Skia, as used in Google Chrome before 18.0.1025.151, does not properly perform clipping, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
Page 241 of 266