VYPR

Vendor CVEs

Google

All CVEs

11,327 total · sorted by risk
  • CVE-2013-6638Dec 7, 2013
    risk 0.00cvss epss 0.02

    Multiple buffer overflows in runtime.cc in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large typed array, related to the (1)…

  • CVE-2013-6637Dec 7, 2013
    risk 0.00cvss epss 0.01

    Multiple unspecified vulnerabilities in Google Chrome before 31.0.1650.63 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

  • CVE-2013-6636Dec 7, 2013
    risk 0.00cvss epss 0.01

    The FrameLoader::notifyIfInitialDocumentAccessed function in core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 31.0.1650.63, makes an incorrect check for an empty document during presentation of a modal dialog, which allows remote attackers to spoof the…

  • CVE-2013-6635Dec 7, 2013
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in the editing implementation in Blink, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service or possibly have unspecified other impact via JavaScript code that triggers removal of a node during processing…

  • CVE-2013-6634Dec 7, 2013
    risk 0.00cvss epss 0.01

    The OneClickSigninHelper::ShowInfoBarIfPossible function in browser/ui/sync/one_click_signin_helper.cc in Google Chrome before 31.0.1650.63 uses an incorrect URL during realm validation, which allows remote attackers to conduct session fixation attacks and hijack web sessions by…

  • CVE-2013-6631Nov 19, 2013
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in the Channel::SendRTCPPacket function in voice_engine/channel.cc in libjingle in WebRTC, as used in Google Chrome before 31.0.1650.48 and other products, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have…

  • CVE-2013-6630Nov 19, 2013
    risk 0.00cvss epss 0.02

    The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that follow Define Huffman Table (DHT) JPEG markers,…

  • CVE-2013-6802Nov 18, 2013
    risk 0.00cvss epss 0.01

    Google Chrome before 31.0.1650.57 allows remote attackers to bypass intended sandbox restrictions by leveraging access to a renderer process, as demonstrated during a Mobile Pwn2Own competition at PacSec 2013, a different vulnerability than CVE-2013-6632.

  • CVE-2013-6632Nov 18, 2013
    risk 0.00cvss epss 0.06

    Integer overflow in Google Chrome before 31.0.1650.57 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as demonstrated during a Mobile Pwn2Own competition at PacSec 2013.

  • CVE-2013-4204Nov 18, 2013
    risk 0.00cvss epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in the JUnit files in the GWTTestCase in Google Web Toolkit (GWT) before 2.5.1 RC1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2013-6628Nov 13, 2013
    risk 0.00cvss epss 0.01

    net/socket/ssl_client_socket_nss.cc in the TLS implementation in Google Chrome before 31.0.1650.48 does not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation, which might allow remote web servers to interfere with trust…

  • CVE-2013-6626Nov 13, 2013
    risk 0.00cvss epss 0.01

    The WebContentsImpl::AttachInterstitialPage function in content/browser/web_contents/web_contents_impl.cc in Google Chrome before 31.0.1650.48 does not cancel JavaScript dialogs upon generating an interstitial warning, which allows remote attackers to spoof the address bar via a…

  • CVE-2013-6625Nov 13, 2013
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 31.0.1650.48, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of DOM range objects in circumstances…

  • CVE-2013-6624Nov 13, 2013
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in Google Chrome before 31.0.1650.48 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the string values of id attributes.

  • CVE-2013-6623Nov 13, 2013
    risk 0.00cvss epss 0.01

    The SVG implementation in Blink, as used in Google Chrome before 31.0.1650.48, allows remote attackers to cause a denial of service (out-of-bounds read) by leveraging the use of tree order, rather than transitive dependency order, for layout.

  • CVE-2013-6622Nov 13, 2013
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in the HTMLMediaElement::didMoveToNewDocument function in core/html/HTMLMediaElement.cpp in Blink, as used in Google Chrome before 31.0.1650.48, allows remote attackers to cause a denial of service or possibly have unspecified other impact via…

  • CVE-2013-6621Nov 13, 2013
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in Google Chrome before 31.0.1650.48 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the x-webkit-speech attribute in a text INPUT element.

  • CVE-2013-2931Nov 13, 2013
    risk 0.00cvss epss 0.02

    Multiple unspecified vulnerabilities in Google Chrome before 31.0.1650.48 allow attackers to execute arbitrary code or possibly have other impact via unknown vectors.

  • CVE-2013-2928Oct 16, 2013
    risk 0.00cvss epss 0.01

    Multiple unspecified vulnerabilities in Google Chrome before 30.0.1599.101 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

  • CVE-2013-2927Oct 16, 2013
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in the HTMLFormElement::prepareForSubmission function in core/html/HTMLFormElement.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors…

  • CVE-2013-2926Oct 16, 2013
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in the IndentOutdentCommand::tryIndentingAsListItem function in core/editing/IndentOutdentCommand.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows user-assisted remote attackers to cause a denial of service or possibly have…

  • CVE-2013-2925Oct 16, 2013
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in core/xml/XMLHttpRequest.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger multiple conflicting uses of the same…

  • CVE-2013-2924Oct 2, 2013
    risk 0.00cvss epss 0.03

    Use-after-free vulnerability in International Components for Unicode (ICU), as used in Google Chrome before 30.0.1599.66 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

  • CVE-2013-2923Oct 2, 2013
    risk 0.00cvss epss 0.01

    Multiple unspecified vulnerabilities in Google Chrome before 30.0.1599.66 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

  • CVE-2013-2922Oct 2, 2013
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in core/html/HTMLTemplateElement.cpp in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that operates on a TEMPLATE…

  • CVE-2013-2921Oct 2, 2013
    risk 0.00cvss epss 0.01

    Double free vulnerability in the ResourceFetcher::didLoadResource function in core/fetch/ResourceFetcher.cpp in the resource loader in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other…

  • CVE-2013-2920Oct 2, 2013
    risk 0.00cvss epss 0.01

    The DoResolveRelativeHost function in url/url_canon_relative.cc in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via a relative URL containing a hostname, as demonstrated by a protocol-relative URL beginning with a…

  • CVE-2013-2919Oct 2, 2013
    risk 0.00cvss epss 0.02

    Google V8, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

  • CVE-2013-2918Oct 2, 2013
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in the RenderBlock::collapseAnonymousBlockChild function in core/rendering/RenderBlock.cpp in the DOM implementation in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have…

  • CVE-2013-2917Oct 2, 2013
    risk 0.00cvss epss 0.01

    The ReverbConvolverStage::ReverbConvolverStage function in core/platform/audio/ReverbConvolverStage.cpp in the Web Audio implementation in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service (out-of-bounds read) via vectors…

  • CVE-2013-2916Oct 2, 2013
    risk 0.00cvss epss 0.01

    Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to spoof the address bar via vectors involving a response with a 204 (aka No Content) status code, in conjunction with a delay in notifying the user of an attempted spoof.

  • CVE-2013-2915Oct 2, 2013
    risk 0.00cvss epss 0.01

    Google Chrome before 30.0.1599.66 preserves pending NavigationEntry objects in certain invalid circumstances, which allows remote attackers to spoof the address bar via a URL with a malformed scheme, as demonstrated by a nonexistent:12121 URL.

  • CVE-2013-2914Oct 2, 2013
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in the color-chooser dialog in Google Chrome before 30.0.1599.66 on Windows allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to color_chooser_dialog.cc and color_chooser_win.cc in…

  • CVE-2013-2913Oct 2, 2013
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in the XMLDocumentParser::append function in core/xml/parser/XMLDocumentParser.cpp in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors…

  • CVE-2013-2912Oct 2, 2013
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in the PepperInProcessRouter::SendToHost function in content/renderer/pepper/pepper_in_process_router.cc in the Pepper Plug-in API (PPAPI) in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service or possibly have…

  • CVE-2013-2911Oct 2, 2013
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in the XSLStyleSheet::compileStyleSheet function in core/xml/XSLStyleSheetLibxslt.cpp in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging…

  • CVE-2013-2910Oct 2, 2013
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in modules/webaudio/AudioScheduledSourceNode.cpp in the Web Audio implementation in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown…

  • CVE-2013-2909Oct 2, 2013
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to inline-block rendering for bidirectional Unicode text in an element isolated…

  • CVE-2013-2908Oct 2, 2013
    risk 0.00cvss epss 0.01

    Google Chrome before 30.0.1599.66 uses incorrect function calls to determine the values of NavigationEntry objects, which allows remote attackers to spoof the address bar via vectors involving a response with a 204 (aka No Content) status code.

  • CVE-2013-2907Oct 2, 2013
    risk 0.00cvss epss 0.01

    The Window.prototype object implementation in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

  • CVE-2013-2906Oct 2, 2013
    risk 0.00cvss epss 0.01

    Multiple race conditions in the Web Audio implementation in Blink, as used in Google Chrome before 30.0.1599.66, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to threading in core/html/HTMLMediaElement.cpp,…

  • CVE-2013-5933Sep 25, 2013
    risk 0.00cvss epss 0.00

    Stack-based buffer overflow in the sub_E110 function in init in a certain configuration of Android 2.3.7 on the Motorola Defy XT phone for Republic Wireless allows local users to gain privileges or cause a denial of service (memory corruption) by writing a long string to the…

  • CVE-2013-4777Sep 25, 2013
    risk 0.00cvss epss 0.00

    A certain configuration of Android 2.3.7 on the Motorola Defy XT phone for Republic Wireless uses init to create a /dev/socket/init_runit socket that listens for shell commands, which allows local users to gain privileges by interacting with a LocalSocket object.

  • CVE-2013-2905Aug 21, 2013
    risk 0.00cvss epss 0.01

    The SharedMemory::Create function in memory/shared_memory_posix.cc in Google Chrome before 29.0.1547.57 uses weak permissions under /dev/shm/, which allows attackers to obtain sensitive information via direct access to a POSIX shared-memory file.

  • CVE-2013-2904Aug 21, 2013
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in the Document::finishedParsing function in core/dom/Document.cpp in Blink, as used in Google Chrome before 29.0.1547.57, allows remote attackers to cause a denial of service or possibly have unspecified other impact via an onload event that changes…

  • CVE-2013-2903Aug 21, 2013
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in the HTMLMediaElement::didMoveToNewDocument function in core/html/HTMLMediaElement.cpp in Blink, as used in Google Chrome before 29.0.1547.57, allows remote attackers to cause a denial of service or possibly have unspecified other impact via…

  • CVE-2013-2902Aug 21, 2013
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in the XSLT ProcessingInstruction implementation in Blink, as used in Google Chrome before 29.0.1547.57, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to an applyXSLTransform call…

  • CVE-2013-2901Aug 21, 2013
    risk 0.00cvss epss 0.01

    Multiple integer overflows in (1) libGLESv2/renderer/Renderer9.cpp and (2) libGLESv2/renderer/Renderer11.cpp in Almost Native Graphics Layer Engine (ANGLE), as used in Google Chrome before 29.0.1547.57, allow remote attackers to cause a denial of service or possibly have…

  • CVE-2013-2900Aug 21, 2013
    risk 0.00cvss epss 0.02

    The FilePath::ReferencesParent function in files/file_path.cc in Google Chrome before 29.0.1547.57 on Windows does not properly handle pathname components composed entirely of . (dot) and whitespace characters, which allows remote attackers to conduct directory traversal attacks…

  • CVE-2013-2887Aug 21, 2013
    risk 0.00cvss epss 0.01

    Multiple unspecified vulnerabilities in Google Chrome before 29.0.1547.57 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

Page 209 of 227