Chrome
by Google
Source repositories
CVEs (5,320)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2011-3046 | 0.00 | — | 0.05 | Mar 9, 2012 | The extension subsystem in Google Chrome before 17.0.963.78 does not properly handle history navigation, which allows remote attackers to execute arbitrary code by leveraging a "Universal XSS (UXSS)" issue. | |||
| CVE-2011-3044 | 0.00 | — | 0.02 | Mar 5, 2012 | Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG animation elements. | |||
| CVE-2011-3043 | 0.00 | — | 0.02 | Mar 5, 2012 | Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a flexbox (aka flexible box) in conjunction with the floating of elements. | |||
| CVE-2011-3042 | 0.00 | — | 0.02 | Mar 5, 2012 | Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of table sections. | |||
| CVE-2011-3041 | 0.00 | — | 0.02 | Mar 5, 2012 | Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of class attributes. | |||
| CVE-2011-3040 | 0.00 | — | 0.02 | Mar 5, 2012 | Google Chrome before 17.0.963.65 does not properly handle text, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document. | |||
| CVE-2011-3039 | 0.00 | — | 0.02 | Mar 5, 2012 | Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to quote handling. | |||
| CVE-2011-3038 | 0.00 | — | 0.02 | Mar 5, 2012 | Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to multi-column handling. | |||
| CVE-2011-3037 | 0.00 | — | 0.02 | Mar 5, 2012 | Google Chrome before 17.0.963.65 does not properly perform casts of unspecified variables during the splitting of anonymous blocks, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document. | |||
| CVE-2011-3036 | 0.00 | — | 0.02 | Mar 5, 2012 | Google Chrome before 17.0.963.65 does not properly perform a cast of an unspecified variable during handling of line boxes, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document. | |||
| CVE-2011-3035 | 0.00 | — | 0.02 | Mar 5, 2012 | Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG use elements. | |||
| CVE-2011-3034 | 0.00 | — | 0.02 | Mar 5, 2012 | Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving an SVG document. | |||
| CVE-2011-3033 | 0.00 | — | 0.02 | Mar 5, 2012 | Buffer overflow in Skia, as used in Google Chrome before 17.0.963.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||
| CVE-2011-3032 | 0.00 | — | 0.02 | Mar 5, 2012 | Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of SVG values. | |||
| CVE-2011-3031 | 0.00 | — | 0.02 | Mar 5, 2012 | Use-after-free vulnerability in the element wrapper in Google V8, as used in Google Chrome before 17.0.963.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||
| CVE-2011-3027 | 0.00 | — | 0.02 | Feb 16, 2012 | Google Chrome before 17.0.963.56 does not properly perform a cast of an unspecified variable during handling of columns, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document. | |||
| CVE-2011-3025 | 0.00 | — | 0.01 | Feb 16, 2012 | Google Chrome before 17.0.963.56 does not properly parse H.264 data, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||
| CVE-2011-3024 | 0.00 | — | 0.01 | Feb 16, 2012 | Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service (application crash) via an empty X.509 certificate. | |||
| CVE-2011-3023 | 0.00 | — | 0.01 | Feb 16, 2012 | Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to drag-and-drop operations. | |||
| CVE-2011-3022 | 0.00 | — | 0.01 | Feb 16, 2012 | translate/translate_manager.cc in Google Chrome before 17.0.963.56 and 19.x before 19.0.1036.7 uses an HTTP session to exchange data for translation, which allows remote attackers to obtain sensitive information by sniffing the network. |
- CVE-2011-3046Mar 9, 2012risk 0.00cvss —epss 0.05
The extension subsystem in Google Chrome before 17.0.963.78 does not properly handle history navigation, which allows remote attackers to execute arbitrary code by leveraging a "Universal XSS (UXSS)" issue.
- CVE-2011-3044Mar 5, 2012risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG animation elements.
- CVE-2011-3043Mar 5, 2012risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a flexbox (aka flexible box) in conjunction with the floating of elements.
- CVE-2011-3042Mar 5, 2012risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of table sections.
- CVE-2011-3041Mar 5, 2012risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of class attributes.
- CVE-2011-3040Mar 5, 2012risk 0.00cvss —epss 0.02
Google Chrome before 17.0.963.65 does not properly handle text, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document.
- CVE-2011-3039Mar 5, 2012risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to quote handling.
- CVE-2011-3038Mar 5, 2012risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to multi-column handling.
- CVE-2011-3037Mar 5, 2012risk 0.00cvss —epss 0.02
Google Chrome before 17.0.963.65 does not properly perform casts of unspecified variables during the splitting of anonymous blocks, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.
- CVE-2011-3036Mar 5, 2012risk 0.00cvss —epss 0.02
Google Chrome before 17.0.963.65 does not properly perform a cast of an unspecified variable during handling of line boxes, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.
- CVE-2011-3035Mar 5, 2012risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG use elements.
- CVE-2011-3034Mar 5, 2012risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving an SVG document.
- CVE-2011-3033Mar 5, 2012risk 0.00cvss —epss 0.02
Buffer overflow in Skia, as used in Google Chrome before 17.0.963.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
- CVE-2011-3032Mar 5, 2012risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of SVG values.
- CVE-2011-3031Mar 5, 2012risk 0.00cvss —epss 0.02
Use-after-free vulnerability in the element wrapper in Google V8, as used in Google Chrome before 17.0.963.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
- CVE-2011-3027Feb 16, 2012risk 0.00cvss —epss 0.02
Google Chrome before 17.0.963.56 does not properly perform a cast of an unspecified variable during handling of columns, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.
- CVE-2011-3025Feb 16, 2012risk 0.00cvss —epss 0.01
Google Chrome before 17.0.963.56 does not properly parse H.264 data, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
- CVE-2011-3024Feb 16, 2012risk 0.00cvss —epss 0.01
Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service (application crash) via an empty X.509 certificate.
- CVE-2011-3023Feb 16, 2012risk 0.00cvss —epss 0.01
Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to drag-and-drop operations.
- CVE-2011-3022Feb 16, 2012risk 0.00cvss —epss 0.01
translate/translate_manager.cc in Google Chrome before 17.0.963.56 and 19.x before 19.0.1036.7 uses an HTTP session to exchange data for translation, which allows remote attackers to obtain sensitive information by sniffing the network.
Page 243 of 266