V8
by Google
Source repositories
CVEs (108)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2011-2802 | 0.00 | — | 0.01 | Aug 3, 2011 | Google V8, as used in Google Chrome before 13.0.782.107, does not properly perform const lookups, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted web site. | |||
| CVE-2011-2348 | 0.00 | — | 0.01 | Jun 29, 2011 | Google V8, as used in Google Chrome before 12.0.742.112, performs an incorrect bounds check, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||
| CVE-2011-1286 | 0.00 | — | 0.02 | Mar 11, 2011 | Google V8, as used in Google Chrome before 10.0.648.127, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger incorrect access to memory. | |||
| CVE-2011-1193 | 0.00 | — | 0.02 | Mar 11, 2011 | Google V8, as used in Google Chrome before 10.0.648.127, allows remote attackers to bypass the Same Origin Policy via unspecified vectors. | |||
| CVE-2010-0646 | 0.00 | — | 0.05 | Feb 18, 2010 | Multiple integer signedness errors in factory.cc in Google V8 before r3560, as used in Google Chrome before 4.0.249.89, allow remote attackers to execute arbitrary code in the Chrome sandbox via crafted use of JavaScript arrays. | |||
| CVE-2010-0645 | 0.00 | — | 0.03 | Feb 18, 2010 | Multiple integer overflows in factory.cc in Google V8 before r3560, as used in Google Chrome before 4.0.249.89, allow remote attackers to execute arbitrary code in the Chrome sandbox via crafted use of JavaScript arrays. | |||
| CVE-2009-2935 | 0.00 | — | 0.05 | Aug 27, 2009 | Google V8, as used in Google Chrome before 2.0.172.43, allows remote attackers to bypass intended restrictions on reading memory, and possibly obtain sensitive information or execute arbitrary code in the Chrome sandbox, via crafted JavaScript. | |||
| CVE-2009-2555 | 0.00 | — | 0.03 | Jul 21, 2009 | Heap-based buffer overflow in src/jsregexp.cc in Google V8 before 1.1.10.14, as used in Google Chrome before 2.0.172.37, allows remote attackers to execute arbitrary code in the Chrome sandbox via a crafted JavaScript regular expression. |
- CVE-2011-2802Aug 3, 2011risk 0.00cvss —epss 0.01
Google V8, as used in Google Chrome before 13.0.782.107, does not properly perform const lookups, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted web site.
- CVE-2011-2348Jun 29, 2011risk 0.00cvss —epss 0.01
Google V8, as used in Google Chrome before 12.0.742.112, performs an incorrect bounds check, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
- CVE-2011-1286Mar 11, 2011risk 0.00cvss —epss 0.02
Google V8, as used in Google Chrome before 10.0.648.127, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger incorrect access to memory.
- CVE-2011-1193Mar 11, 2011risk 0.00cvss —epss 0.02
Google V8, as used in Google Chrome before 10.0.648.127, allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
- CVE-2010-0646Feb 18, 2010risk 0.00cvss —epss 0.05
Multiple integer signedness errors in factory.cc in Google V8 before r3560, as used in Google Chrome before 4.0.249.89, allow remote attackers to execute arbitrary code in the Chrome sandbox via crafted use of JavaScript arrays.
- CVE-2010-0645Feb 18, 2010risk 0.00cvss —epss 0.03
Multiple integer overflows in factory.cc in Google V8 before r3560, as used in Google Chrome before 4.0.249.89, allow remote attackers to execute arbitrary code in the Chrome sandbox via crafted use of JavaScript arrays.
- CVE-2009-2935Aug 27, 2009risk 0.00cvss —epss 0.05
Google V8, as used in Google Chrome before 2.0.172.43, allows remote attackers to bypass intended restrictions on reading memory, and possibly obtain sensitive information or execute arbitrary code in the Chrome sandbox, via crafted JavaScript.
- CVE-2009-2555Jul 21, 2009risk 0.00cvss —epss 0.03
Heap-based buffer overflow in src/jsregexp.cc in Google V8 before 1.1.10.14, as used in Google Chrome before 2.0.172.37, allows remote attackers to execute arbitrary code in the Chrome sandbox via a crafted JavaScript regular expression.
Page 6 of 6