VYPR

Chrome

by Google

Source repositories

CVEs (5,320)

  • CVE-2010-2296Jun 15, 2010
    risk 0.00cvss epss 0.02

    The implementation of unspecified DOM methods in Google Chrome before 5.0.375.70 allows remote attackers to bypass the Same Origin Policy via unknown vectors.

  • CVE-2010-2295Jun 15, 2010
    risk 0.00cvss epss 0.01

    page/EventHandler.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 does not properly handle a change of the focused frame during the dispatching of keydown, which allows user-assisted remote attackers to redirect keystrokes via a crafted HTML document, aka rdar…

  • CVE-2010-1770Jun 11, 2010
    risk 0.00cvss epss 0.05

    WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Apple Safari before 4.1 on Mac OS X 10.4, and Google Chrome before 5.0.375.70 does not properly handle a transformation of a text node that has the IBM1147 character set, which allows remote attackers…

  • CVE-2010-2120Jun 1, 2010
    risk 0.00cvss epss 0.01

    Google Chrome 1.0.154.48 allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid news:// URIs.

  • CVE-2010-2110May 28, 2010
    risk 0.00cvss epss 0.01

    Google Chrome before 5.0.375.55 does not properly execute JavaScript code in the extension context, which has unspecified impact and remote attack vectors.

  • CVE-2010-2109May 28, 2010
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in Google Chrome before 5.0.375.55 allows user-assisted remote attackers to cause a denial of service (memory error) or possibly have unspecified other impact via vectors related to the "drag + drop" functionality.

  • CVE-2010-2108May 28, 2010
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in Google Chrome before 5.0.375.55 allows remote attackers to bypass the whitelist-mode plugin blocker via unknown vectors.

  • CVE-2010-2107May 28, 2010
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in Google Chrome before 5.0.375.55 allows attackers to cause a denial of service (memory error) or possibly have unspecified other impact via vectors related to the Safe Browsing functionality.

  • CVE-2010-2106May 28, 2010
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in Google Chrome before 5.0.375.55 might allow remote attackers to spoof the URL bar via vectors involving unload event handlers.

  • CVE-2010-2105May 28, 2010
    risk 0.00cvss epss 0.01

    Google Chrome before 5.0.375.55 does not properly follow the Safe Browsing specification's requirements for canonicalization of URLs, which has unspecified impact and remote attack vectors.

  • CVE-2010-1992May 20, 2010
    risk 0.00cvss epss 0.01

    Google Chrome 1.0.154.48 executes a mail application in situations where an IFRAME element has a mailto: URL in its SRC attribute, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many IFRAME elements.

  • CVE-2010-1851May 7, 2010
    risk 0.00cvss epss 0.00

    Google Chrome, when the Invisible Hand extension is enabled, uses cookies during background HTTP requests in a possibly unexpected manner, which might allow remote web servers to identify specific persons and their product searches via HTTP request logging, related to a…

  • CVE-2010-1731May 6, 2010
    risk 0.00cvss epss 0.01

    Google Chrome on the HTC Hero allows remote attackers to cause a denial of service (application crash) via JavaScript that writes sequences in an infinite loop.

  • CVE-2010-1665May 3, 2010
    risk 0.00cvss epss 0.02

    Google Chrome before 4.1.249.1064 does not properly handle fonts, which allows remote attackers to cause a denial of service (memory corruption) and possibly have unspecified other impact via unknown vectors.

  • CVE-2010-1664May 3, 2010
    risk 0.00cvss epss 0.02

    Google Chrome before 4.1.249.1064 does not properly handle HTML5 media, which allows remote attackers to cause a denial of service (memory corruption) and possibly have unspecified other impact via unknown vectors.

  • CVE-2010-1506Apr 23, 2010
    risk 0.00cvss epss 0.01

    The Google V8 bindings in Google Chrome before 4.1.249.1059 allow attackers to cause a denial of service (memory corruption) via unknown vectors.

  • CVE-2010-1505Apr 23, 2010
    risk 0.00cvss epss 0.01

    Google Chrome before 4.1.249.1059 does not prevent pages from loading with the New Tab page's privileges, which has unknown impact and attack vectors.

  • CVE-2010-1504Apr 23, 2010
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to inject arbitrary web script or HTML via vectors related to a chrome://downloads URI.

  • CVE-2010-1503Apr 23, 2010
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to inject arbitrary web script or HTML via vectors related to a chrome://net-internals URI.

  • CVE-2010-1502Apr 23, 2010
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to access local files via vectors related to "developer tools."

Page 263 of 266