VYPR

Vendor CVEs

Google

All CVEs

10,945 total · sorted by risk
  • CVE-2011-0479Jan 14, 2011
    risk 0.00cvss epss 0.02

    Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly interact with extensions, which allows remote attackers to cause a denial of service via a crafted extension that triggers an uninitialized pointer.

  • CVE-2011-0478Jan 14, 2011
    risk 0.00cvss epss 0.03

    Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle SVG use elements, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."

  • CVE-2011-0477Jan 14, 2011
    risk 0.00cvss epss 0.03

    Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle a mismatch in video frame sizes, which allows remote attackers to cause a denial of service (incorrect memory access) or possibly have unspecified other impact via unknown vectors.

  • CVE-2011-0476Jan 14, 2011
    risk 0.00cvss epss 0.03

    Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allow remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via a PDF document that triggers an out-of-memory error.

  • CVE-2011-0475Jan 14, 2011
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a PDF document.

  • CVE-2011-0474Jan 14, 2011
    risk 0.00cvss epss 0.03

    Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle Cascading Style Sheets (CSS) token sequences in conjunction with cursors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown…

  • CVE-2011-0473Jan 14, 2011
    risk 0.00cvss epss 0.02

    Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle Cascading Style Sheets (CSS) token sequences in conjunction with CANVAS elements, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via…

  • CVE-2011-0472Jan 14, 2011
    risk 0.00cvss epss 0.02

    Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle the printing of PDF documents, which allows user-assisted remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a multi-page…

  • CVE-2011-0471Jan 14, 2011
    risk 0.00cvss epss 0.02

    The node-iteration implementation in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 does not properly handle pointers, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

  • CVE-2011-0470Jan 14, 2011
    risk 0.00cvss epss 0.02

    Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle extensions notification, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors.

  • CVE-2010-4578Dec 22, 2010
    risk 0.00cvss epss 0.02

    Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 do not properly perform cursor handling, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers."

  • CVE-2010-4576Dec 22, 2010
    risk 0.00cvss epss 0.02

    browser/worker_host/message_port_dispatcher.cc in Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 does not properly handle certain postMessage calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via…

  • CVE-2010-4575Dec 22, 2010
    risk 0.00cvss epss 0.01

    The ThemeInstalledInfoBarDelegate::Observe function in browser/extensions/theme_installed_infobar_delegate.cc in Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 does not properly handle incorrect tab interaction by an extension, which allows user-assisted…

  • CVE-2010-4574Dec 22, 2010
    risk 0.00cvss epss 0.02

    The Pickle::Pickle function in base/pickle.cc in Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 on 64-bit Linux platforms does not properly perform pointer arithmetic, which allows remote attackers to bypass message deserialization validation, and cause a…

  • CVE-2010-4493Dec 7, 2010
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in Google Chrome before 8.0.552.215 allows remote attackers to cause a denial of service via vectors related to the handling of mouse dragging events.

  • CVE-2010-4492Dec 7, 2010
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in Google Chrome before 8.0.552.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG animations.

  • CVE-2010-4491Dec 7, 2010
    risk 0.00cvss epss 0.01

    Google Chrome before 8.0.552.215 does not properly restrict privileged extensions, which allows remote attackers to cause a denial of service (memory corruption) via a crafted extension.

  • CVE-2010-4490Dec 7, 2010
    risk 0.00cvss epss 0.01

    Google Chrome before 8.0.552.215 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via malformed video content that triggers an indexing error.

  • CVE-2010-4489Dec 7, 2010
    risk 0.00cvss epss 0.01

    libvpx, as used in Google Chrome before 8.0.552.215 and possibly other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WebM video. NOTE: this vulnerability exists because of a regression.

  • CVE-2010-4488Dec 7, 2010
    risk 0.00cvss epss 0.01

    Google Chrome before 8.0.552.215 does not properly handle HTTP proxy authentication, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors.

  • CVE-2010-4487Dec 7, 2010
    risk 0.00cvss epss 0.01

    Incomplete blacklist vulnerability in Google Chrome before 8.0.552.215 on Linux and Mac OS X allows remote attackers to have an unspecified impact via a "dangerous file."

  • CVE-2010-4486Dec 7, 2010
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in Google Chrome before 8.0.552.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to history handling.

  • CVE-2010-4485Dec 7, 2010
    risk 0.00cvss epss 0.01

    Google Chrome before 8.0.552.215 does not properly restrict the generation of file dialogs, which allows remote attackers to cause a denial of service (reduced usability and possible application crash) via a crafted web site.

  • CVE-2010-4484Dec 7, 2010
    risk 0.00cvss epss 0.01

    Google Chrome before 8.0.552.215 does not properly handle HTML5 databases, which allows attackers to cause a denial of service (application crash) via unspecified vectors.

  • CVE-2010-4483Dec 7, 2010
    risk 0.00cvss epss 0.01

    Google Chrome before 8.0.552.215 does not properly restrict read access to videos derived from CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive video data via a crafted web site.

  • CVE-2010-4482Dec 7, 2010
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in Google Chrome before 8.0.552.215 allows remote attackers to bypass the pop-up blocker via unknown vectors.

  • CVE-2010-4008Nov 17, 2010
    risk 0.00cvss epss 0.03

    libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service…

  • CVE-2010-4037Oct 21, 2010
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in Google Chrome before 7.0.517.41 allows remote attackers to bypass the pop-up blocker via unknown vectors.

  • CVE-2010-4036Oct 21, 2010
    risk 0.00cvss epss 0.01

    Google Chrome before 7.0.517.41 does not properly handle the unloading of a page, which allows remote attackers to spoof URLs via unspecified vectors.

  • CVE-2010-4035Oct 21, 2010
    risk 0.00cvss epss 0.02

    Google Chrome before 7.0.517.41 does not properly perform autofill operations for forms, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted HTML document.

  • CVE-2010-4034Oct 21, 2010
    risk 0.00cvss epss 0.02

    Google Chrome before 7.0.517.41 does not properly handle forms, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted HTML document.

  • CVE-2010-4033Oct 21, 2010
    risk 0.00cvss epss 0.01

    Google Chrome before 7.0.517.41 does not properly implement the autofill and autocomplete functionality, which allows remote attackers to conduct "profile spamming" attacks via unspecified vectors.

  • CVE-2010-1825Sep 24, 2010
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in WebKit, as used in Google Chrome before 6.0.472.59, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to nested SVG elements.

  • CVE-2010-1824Sep 24, 2010
    risk 0.00cvss epss 0.04

    Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari, and Google Chrome before 6.0.472.59, allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to SVG styles, the DOM tree, and error…

  • CVE-2010-1823Sep 24, 2010
    risk 0.00cvss epss 0.03

    Use-after-free vulnerability in WebKit before r65958, as used in Google Chrome before 6.0.472.59, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger use of document APIs such as document.close during parsing,…

  • CVE-2010-1767Sep 24, 2010
    risk 0.00cvss epss 0.01

    Cross-site request forgery (CSRF) vulnerability in loader/DocumentThreadableLoader.cpp in WebCore in WebKit before r57041, as used in Google Chrome before 4.1.249.1059, allows remote attackers to hijack the authentication of unspecified victims via a crafted synchronous…

  • CVE-2010-3417Sep 16, 2010
    risk 0.00cvss epss 0.01

    Google Chrome before 6.0.472.59 does not prompt the user before granting access to the extension history, which allows attackers to obtain potentially sensitive information via unspecified vectors.

  • CVE-2010-3415Sep 16, 2010
    risk 0.00cvss epss 0.02

    Google Chrome before 6.0.472.59 does not properly implement Geolocation, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

  • CVE-2010-3414Sep 16, 2010
    risk 0.00cvss epss 0.01

    Google Chrome before 6.0.472.59 on Mac OS X does not properly implement file dialogs, which allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. NOTE: this issue exists because of an incorrect fix for…

  • CVE-2010-3413Sep 16, 2010
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the pop-up blocking functionality in Google Chrome before 6.0.472.59 allows remote attackers to cause a denial of service (application crash) via unknown vectors.

  • CVE-2010-3412Sep 16, 2010
    risk 0.00cvss epss 0.01

    Race condition in the console implementation in Google Chrome before 6.0.472.59 has unspecified impact and attack vectors.

  • CVE-2010-3411Sep 16, 2010
    risk 0.00cvss epss 0.01

    Google Chrome before 6.0.472.59 on Linux does not properly handle cursors, which might allow attackers to cause a denial of service (assertion failure) via unspecified vectors.

  • CVE-2010-3259Sep 7, 2010
    risk 0.00cvss epss 0.02

    WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, does not properly restrict read access to images derived from CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and…

  • CVE-2010-3258Sep 7, 2010
    risk 0.00cvss epss 0.01

    The sandbox implementation in Google Chrome before 6.0.472.53 does not properly deserialize parameters, which has unspecified impact and remote attack vectors.

  • CVE-2010-3257Sep 7, 2010
    risk 0.00cvss epss 0.03

    Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors…

  • CVE-2010-3256Sep 7, 2010
    risk 0.00cvss epss 0.01

    Google Chrome before 6.0.472.53 does not properly limit the number of stored autocomplete entries, which has unspecified impact and attack vectors.

  • CVE-2010-3255Sep 7, 2010
    risk 0.00cvss epss 0.02

    Google Chrome before 6.0.472.53 and webkitgtk before 1.2.6 do not properly handle counter nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

  • CVE-2010-3254Sep 7, 2010
    risk 0.00cvss epss 0.02

    The WebSockets implementation in Google Chrome before 6.0.472.53 does not properly handle integer values, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

  • CVE-2010-3253Sep 7, 2010
    risk 0.00cvss epss 0.01

    The implementation of notification permissions in Google Chrome before 6.0.472.53 allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

  • CVE-2010-3252Sep 7, 2010
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in the Notifications presenter in Google Chrome before 6.0.472.53 allows attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Page 216 of 219