VYPR

Vendor CVEs

Google

All CVEs

11,327 total · sorted by risk
  • CVE-2013-0883Feb 23, 2013
    risk 0.00cvss epss 0.01

    Skia, as used in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service (incorrect read operation) via unspecified vectors.

  • CVE-2013-0882Feb 23, 2013
    risk 0.00cvss epss 0.01

    Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service (incorrect memory access) or possibly have unspecified other impact via a large number of SVG parameters.

  • CVE-2013-0881Feb 23, 2013
    risk 0.00cvss epss 0.01

    Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service (incorrect read operation) via crafted data in the Matroska container format.

  • CVE-2013-0880Feb 23, 2013
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to databases.

  • CVE-2013-0879Feb 23, 2013
    risk 0.00cvss epss 0.02

    Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly implement web audio nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

  • CVE-2012-5564Feb 14, 2013
    risk 0.00cvss epss 0.00

    android-tools 4.1.1 in Android Debug Bridge (ADB) allows local users to overwrite arbitrary files via a symlink attack on /tmp/adb.log.

  • CVE-2011-1352Feb 5, 2013
    risk 0.00cvss epss 0.00

    The PowerVR SGX driver in Android before 2.3.6 allows attackers to gain root privileges via an application that triggers kernel memory corruption using crafted user data to the pvrsrvkm device.

  • CVE-2013-0843Jan 24, 2013
    risk 0.00cvss epss 0.01

    content/renderer/media/webrtc_audio_renderer.cc in Google Chrome before 24.0.1312.56 on Mac OS X does not use an appropriate buffer size for the 96 kHz sampling rate, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly…

  • CVE-2013-0842Jan 24, 2013
    risk 0.00cvss epss 0.01

    Google Chrome before 24.0.1312.56 does not properly handle %00 characters in pathnames, which has unspecified impact and attack vectors.

  • CVE-2013-0841Jan 24, 2013
    risk 0.00cvss epss 0.01

    Array index error in the content-blocking functionality in Google Chrome before 24.0.1312.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

  • CVE-2013-0840Jan 24, 2013
    risk 0.00cvss epss 0.01

    Google Chrome before 24.0.1312.56 does not validate URLs during the opening of new windows, which has unspecified impact and remote attack vectors.

  • CVE-2013-0839Jan 24, 2013
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in Google Chrome before 24.0.1312.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of fonts in CANVAS elements.

  • CVE-2013-0838Jan 15, 2013
    risk 0.00cvss epss 0.01

    Google Chrome before 24.0.1312.52 on Linux uses weak permissions for shared memory segments, which has unspecified impact and attack vectors.

  • CVE-2013-0837Jan 15, 2013
    risk 0.00cvss epss 0.01

    Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of extension tabs.

  • CVE-2013-0836Jan 15, 2013
    risk 0.00cvss epss 0.01

    Google V8 before 3.14.5.3, as used in Google Chrome before 24.0.1312.52, does not properly implement garbage collection, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaScript code.

  • CVE-2013-0835Jan 15, 2013
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the Geolocation implementation in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service (application crash) via unknown vectors.

  • CVE-2013-0834Jan 15, 2013
    risk 0.00cvss epss 0.01

    Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors involving glyphs.

  • CVE-2013-0833Jan 15, 2013
    risk 0.00cvss epss 0.01

    Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to printing.

  • CVE-2013-0832Jan 15, 2013
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to printing.

  • CVE-2013-0831Jan 15, 2013
    risk 0.00cvss epss 0.01

    Directory traversal vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to have an unspecified impact by leveraging access to an extension process.

  • CVE-2013-0830Jan 15, 2013
    risk 0.00cvss epss 0.01

    The IPC layer in Google Chrome before 24.0.1312.52 on Windows omits a NUL character required for termination of an unspecified data structure, which has unknown impact and attack vectors.

  • CVE-2013-0829Jan 15, 2013
    risk 0.00cvss epss 0.01

    Google Chrome before 24.0.1312.52 does not properly maintain database metadata, which allows remote attackers to bypass intended file-access restrictions via unspecified vectors.

  • CVE-2013-0828Jan 15, 2013
    risk 0.00cvss epss 0.02

    The PDF functionality in Google Chrome before 24.0.1312.52 does not properly perform a cast of an unspecified variable during processing of the root of the structure tree, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a…

  • CVE-2012-5157Jan 15, 2013
    risk 0.00cvss epss 0.01

    Google Chrome before 24.0.1312.52 does not properly handle image data in PDF documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document.

  • CVE-2012-5156Jan 15, 2013
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving PDF fields.

  • CVE-2012-5155Jan 15, 2013
    risk 0.00cvss epss 0.01

    Google Chrome before 24.0.1312.52 on Mac OS X does not use an appropriate sandboxing approach for worker processes, which makes it easier for remote attackers to bypass intended access restrictions via unspecified vectors.

  • CVE-2012-5154Jan 15, 2013
    risk 0.00cvss epss 0.01

    Integer overflow in Google Chrome before 24.0.1312.52 on Windows allows attackers to cause a denial of service or possibly have unspecified other impact via vectors related to allocation of shared memory.

  • CVE-2012-5153Jan 15, 2013
    risk 0.00cvss epss 0.01

    Google V8 before 3.14.5.3, as used in Google Chrome before 24.0.1312.52, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds access to stack memory.

  • CVE-2012-5152Jan 15, 2013
    risk 0.00cvss epss 0.01

    Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors involving seek operations on video data.

  • CVE-2012-5151Jan 15, 2013
    risk 0.00cvss epss 0.01

    Integer overflow in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code in a PDF document.

  • CVE-2012-5150Jan 15, 2013
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving seek operations on video data.

  • CVE-2012-5149Jan 15, 2013
    risk 0.00cvss epss 0.01

    Integer overflow in the audio IPC layer in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

  • CVE-2012-5148Jan 15, 2013
    risk 0.00cvss epss 0.01

    The hyphenation functionality in Google Chrome before 24.0.1312.52 does not properly validate file names, which has unspecified impact and attack vectors.

  • CVE-2012-5147Jan 15, 2013
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM handling.

  • CVE-2012-5146Jan 15, 2013
    risk 0.00cvss epss 0.01

    Google Chrome before 24.0.1312.52 allows remote attackers to bypass the Same Origin Policy via a malformed URL.

  • CVE-2012-5145Jan 15, 2013
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG layout.

  • CVE-2012-5144Dec 12, 2012
    risk 0.00cvss epss 0.04

    Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via vectors related to "an…

  • CVE-2012-5143Dec 12, 2012
    risk 0.00cvss epss 0.02

    Integer overflow in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PPAPI image buffers.

  • CVE-2012-5142Dec 12, 2012
    risk 0.00cvss epss 0.03

    Google Chrome before 23.0.1271.97 does not properly handle history navigation, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.

  • CVE-2012-5141Dec 12, 2012
    risk 0.00cvss epss 0.01

    Google Chrome before 23.0.1271.97 does not properly restrict instantiation of the Chromoting client plug-in, which has unspecified impact and attack vectors.

  • CVE-2012-5140Dec 12, 2012
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the URL loader.

  • CVE-2012-5139Dec 12, 2012
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to visibility events.

  • CVE-2012-5138Dec 4, 2012
    risk 0.00cvss epss 0.01

    Google Chrome before 23.0.1271.95 does not properly handle file paths, which has unspecified impact and attack vectors.

  • CVE-2012-5137Dec 4, 2012
    risk 0.00cvss epss 0.03

    Use-after-free vulnerability in Google Chrome before 23.0.1271.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the Media Source API.

  • CVE-2012-5129Dec 4, 2012
    risk 0.00cvss epss 0.01

    Heap-based buffer overflow in the WebGL subsystem in Google Chrome OS before 23.0.1271.94 allows remote attackers to cause a denial of service (GPU process crash) or possibly have unspecified other impact via unknown vectors.

  • CVE-2012-4222Nov 30, 2012
    risk 0.00cvss epss 0.01

    drivers/gpu/msm/kgsl.c in the Qualcomm Innovation Center (QuIC) Graphics KGSL kernel-mode driver for Android 2.3 through 4.2 allows attackers to cause a denial of service (NULL pointer dereference) via an application that uses crafted arguments in a local kgsl_ioctl call.

  • CVE-2012-4221Nov 30, 2012
    risk 0.00cvss epss 0.02

    Integer overflow in diagchar_core.c in the Qualcomm Innovation Center (QuIC) Diagnostics (aka DIAG) kernel-mode driver for Android 2.3 through 4.2 allows attackers to execute arbitrary code or cause a denial of service via an application that uses crafted arguments in a local…

  • CVE-2012-4220Nov 30, 2012
    risk 0.00cvss epss 0.03

    diagchar_core.c in the Qualcomm Innovation Center (QuIC) Diagnostics (aka DIAG) kernel-mode driver for Android 2.3 through 4.2 allows attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference) via an application that uses crafted arguments…

  • CVE-2012-6051Nov 28, 2012
    risk 0.00cvss epss 0.01

    Google CityHash computes hash values without properly restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table, as…

  • CVE-2012-5136Nov 28, 2012
    risk 0.00cvss epss 0.01

    Google Chrome before 23.0.1271.91 does not properly perform a cast of an unspecified variable during handling of the INPUT element, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted HTML document.

Page 212 of 227