Vendor CVEs
All CVEs
11,327 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2011-1305 | 0.00 | — | 0.01 | May 3, 2011 | Race condition in Google Chrome before 11.0.696.57 on Linux and Mac OS X allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to linked lists and a database. | |||
| CVE-2011-1304 | 0.00 | — | 0.01 | May 3, 2011 | Unspecified vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to bypass the pop-up blocker via vectors related to plug-ins. | |||
| CVE-2011-1303 | 0.00 | — | 0.01 | May 3, 2011 | Google Chrome before 11.0.696.57 does not properly handle floating objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | |||
| CVE-2011-1149 | 0.00 | — | 0.00 | Apr 21, 2011 | Android before 2.3 does not properly restrict access to the system property space, which allows local applications to bypass the application sandbox and gain privileges, as demonstrated by psneuter and KillingInTheNameOf, related to the use of Android shared memory (ashmem) and… | |||
| CVE-2011-1302 | 0.00 | — | 0.03 | Apr 15, 2011 | Heap-based buffer overflow in the GPU process in Google Chrome before 10.0.648.205 allows remote attackers to execute arbitrary code via unknown vectors. | |||
| CVE-2011-1301 | 0.00 | — | 0.04 | Apr 15, 2011 | Use-after-free vulnerability in the GPU process in Google Chrome before 10.0.648.205 allows remote attackers to execute arbitrary code via unknown vectors. | |||
| CVE-2011-1300 | 0.00 | — | 0.03 | Apr 15, 2011 | The Program::getActiveUniformMaxLength function in libGLESv2/Program.cpp in libGLESv2.dll in the WebGLES library in Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox 4.x before 4.0.1 on Windows and in the GPU process in Google Chrome before 10.0.648.205 on… | |||
| CVE-2011-1691 | 0.00 | — | 0.02 | Apr 15, 2011 | The counterToCSSValue function in CSSComputedStyleDeclaration.cpp in the Cascading Style Sheets (CSS) implementation in WebCore in WebKit before r82222, as used in Google Chrome before 11.0.696.43 and other products, does not properly handle access to the (1) counterIncrement… | |||
| CVE-2011-0458 | 0.00 | — | 0.00 | Mar 28, 2011 | Untrusted search path vulnerability in the Locate on Disk feature in Google Picasa before 3.8 allows local users to gain privileges via a Trojan horse executable file in the current working directory. | |||
| CVE-2011-1296 | 0.00 | — | 0.02 | Mar 25, 2011 | Google Chrome before 10.0.648.204 does not properly handle SVG text, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | |||
| CVE-2011-1295 | 0.00 | — | 0.02 | Mar 25, 2011 | WebKit, as used in Google Chrome before 10.0.648.204 and Apple Safari before 5.0.6, does not properly handle node parentage, which allows remote attackers to cause a denial of service (DOM tree corruption), conduct cross-site scripting (XSS) attacks, or possibly have unspecified… | |||
| CVE-2011-1294 | 0.00 | — | 0.02 | Mar 25, 2011 | Google Chrome before 10.0.648.204 does not properly handle Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | |||
| CVE-2011-1293 | 0.00 | — | 0.02 | Mar 25, 2011 | Use-after-free vulnerability in the HTMLCollection implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||
| CVE-2011-1292 | 0.00 | — | 0.02 | Mar 25, 2011 | Use-after-free vulnerability in the frame-loader implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||
| CVE-2011-1291 | 0.00 | — | 0.02 | Mar 25, 2011 | Google Chrome before 10.0.648.204 does not properly handle base strings, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, related to a "buffer error." | |||
| CVE-2011-1465 | 0.00 | — | 0.02 | Mar 20, 2011 | The SPDY implementation in net/http/http_network_transaction.cc in Google Chrome before 11.0.696.14 drains the bodies from SPDY responses, which might allow remote SPDY servers to cause a denial of service (application exit) by canceling a stream. | |||
| CVE-2011-1413 | 0.00 | — | 0.02 | Mar 11, 2011 | Google Chrome before 10.0.648.127 on Linux does not properly mitigate an unspecified flaw in an X server, which allows remote attackers to cause a denial of service (application crash) via vectors involving long messages. | |||
| CVE-2011-1286 | 0.00 | — | 0.02 | Mar 11, 2011 | Google V8, as used in Google Chrome before 10.0.648.127, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger incorrect access to memory. | |||
| CVE-2011-1285 | 0.00 | — | 0.02 | Mar 11, 2011 | The regular-expression functionality in Google Chrome before 10.0.648.127 does not properly implement reentrancy, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | |||
| CVE-2011-1204 | 0.00 | — | 0.02 | Mar 11, 2011 | Google Chrome before 10.0.648.127 does not properly handle attributes, which allows remote attackers to cause a denial of service (DOM tree corruption) or possibly have unspecified other impact via a crafted document. | |||
| CVE-2011-1203 | 0.00 | — | 0.02 | Mar 11, 2011 | Google Chrome before 10.0.648.127 does not properly handle SVG cursors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | |||
| CVE-2011-1202 | 0.00 | — | 0.02 | Mar 11, 2011 | The xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 and earlier, as used in Google Chrome before 10.0.648.127 and other products, allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a… | |||
| CVE-2011-1201 | 0.00 | — | 0.02 | Mar 11, 2011 | The context implementation in WebKit, as used in Google Chrome before 10.0.648.127, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | |||
| CVE-2011-1200 | 0.00 | — | 0.01 | Mar 11, 2011 | Google Chrome before 10.0.648.127 does not properly perform a cast of an unspecified variable during text rendering, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document. | |||
| CVE-2011-1199 | 0.00 | — | 0.02 | Mar 11, 2011 | Google Chrome before 10.0.648.127 does not properly handle DataView objects, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors. | |||
| CVE-2011-1198 | 0.00 | — | 0.02 | Mar 11, 2011 | The video functionality in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger use of a malformed "out-of-bounds structure." | |||
| CVE-2011-1197 | 0.00 | — | 0.02 | Mar 11, 2011 | Google Chrome before 10.0.648.127 does not properly perform table painting, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | |||
| CVE-2011-1196 | 0.00 | — | 0.02 | Mar 11, 2011 | The OGG container implementation in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write. | |||
| CVE-2011-1195 | 0.00 | — | 0.02 | Mar 11, 2011 | Use-after-free vulnerability in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "document script lifetime handling." | |||
| CVE-2011-1194 | 0.00 | — | 0.01 | Mar 11, 2011 | Multiple unspecified vulnerabilities in Google Chrome before 10.0.648.127 allow remote attackers to bypass the pop-up blocker via unknown vectors. | |||
| CVE-2011-1193 | 0.00 | — | 0.02 | Mar 11, 2011 | Google V8, as used in Google Chrome before 10.0.648.127, allows remote attackers to bypass the Same Origin Policy via unspecified vectors. | |||
| CVE-2011-1192 | 0.00 | — | 0.02 | Mar 11, 2011 | Google Chrome before 10.0.648.127 on Linux does not properly handle Unicode ranges, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||
| CVE-2011-1191 | 0.00 | — | 0.02 | Mar 11, 2011 | Use-after-free vulnerability in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of DOM URLs. | |||
| CVE-2011-1190 | 0.00 | — | 0.02 | Mar 11, 2011 | The Web Workers implementation in Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak." | |||
| CVE-2011-1189 | 0.00 | — | 0.02 | Mar 11, 2011 | Google Chrome before 10.0.648.127 does not properly perform box layout, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node." | |||
| CVE-2011-1188 | 0.00 | — | 0.02 | Mar 11, 2011 | Google Chrome before 10.0.648.127 does not properly handle counter nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | |||
| CVE-2011-1187 | 0.00 | — | 0.02 | Mar 11, 2011 | Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak." | |||
| CVE-2011-1186 | 0.00 | — | 0.03 | Mar 11, 2011 | Google Chrome before 10.0.648.127 on Linux does not properly handle parallel execution of calls to the print method, which might allow remote attackers to cause a denial of service (application crash) via crafted JavaScript code. | |||
| CVE-2011-1185 | 0.00 | — | 0.01 | Mar 11, 2011 | Google Chrome before 10.0.648.127 does not prevent (1) navigation and (2) close operations on the top location of a sandboxed frame, which has unspecified impact and remote attack vectors. | |||
| CVE-2011-1306 | 0.00 | — | 0.01 | Mar 8, 2011 | Unspecified vulnerability in the Scratchpad application in Google Chrome OS before R10 0.10.156.46 Beta has unknown impact and attack vectors. | |||
| CVE-2011-1125 | 0.00 | — | 0.02 | Mar 1, 2011 | Google Chrome before 9.0.597.107 does not properly perform layout, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | |||
| CVE-2011-1124 | 0.00 | — | 0.02 | Mar 1, 2011 | Use-after-free vulnerability in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to blocked plug-ins. | |||
| CVE-2011-1123 | 0.00 | — | 0.01 | Mar 1, 2011 | Google Chrome before 9.0.597.107 does not properly restrict access to internal extension functions, which has unspecified impact and remote attack vectors. | |||
| CVE-2011-1122 | 0.00 | — | 0.02 | Mar 1, 2011 | The WebGL implementation in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, aka Issue 71960. | |||
| CVE-2011-1121 | 0.00 | — | 0.02 | Mar 1, 2011 | Integer overflow in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a TEXTAREA element. | |||
| CVE-2011-1120 | 0.00 | — | 0.02 | Mar 1, 2011 | The WebGL implementation in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, aka Issue 71717. | |||
| CVE-2011-1119 | 0.00 | — | 0.01 | Mar 1, 2011 | Google Chrome before 9.0.597.107 does not properly determine device orientation, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | |||
| CVE-2011-1118 | 0.00 | — | 0.01 | Mar 1, 2011 | Google Chrome before 9.0.597.107 does not properly handle TEXTAREA elements, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted HTML document. | |||
| CVE-2011-1117 | 0.00 | — | 0.02 | Mar 1, 2011 | Google Chrome before 9.0.597.107 does not properly handle XHTML documents, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale nodes." | |||
| CVE-2011-1116 | 0.00 | — | 0.02 | Mar 1, 2011 | Google Chrome before 9.0.597.107 does not properly handle SVG animations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." |
- CVE-2011-1305May 3, 2011risk 0.00cvss —epss 0.01
Race condition in Google Chrome before 11.0.696.57 on Linux and Mac OS X allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to linked lists and a database.
- CVE-2011-1304May 3, 2011risk 0.00cvss —epss 0.01
Unspecified vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to bypass the pop-up blocker via vectors related to plug-ins.
- CVE-2011-1303May 3, 2011risk 0.00cvss —epss 0.01
Google Chrome before 11.0.696.57 does not properly handle floating objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
- CVE-2011-1149Apr 21, 2011risk 0.00cvss —epss 0.00
Android before 2.3 does not properly restrict access to the system property space, which allows local applications to bypass the application sandbox and gain privileges, as demonstrated by psneuter and KillingInTheNameOf, related to the use of Android shared memory (ashmem) and…
- CVE-2011-1302Apr 15, 2011risk 0.00cvss —epss 0.03
Heap-based buffer overflow in the GPU process in Google Chrome before 10.0.648.205 allows remote attackers to execute arbitrary code via unknown vectors.
- CVE-2011-1301Apr 15, 2011risk 0.00cvss —epss 0.04
Use-after-free vulnerability in the GPU process in Google Chrome before 10.0.648.205 allows remote attackers to execute arbitrary code via unknown vectors.
- CVE-2011-1300Apr 15, 2011risk 0.00cvss —epss 0.03
The Program::getActiveUniformMaxLength function in libGLESv2/Program.cpp in libGLESv2.dll in the WebGLES library in Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox 4.x before 4.0.1 on Windows and in the GPU process in Google Chrome before 10.0.648.205 on…
- CVE-2011-1691Apr 15, 2011risk 0.00cvss —epss 0.02
The counterToCSSValue function in CSSComputedStyleDeclaration.cpp in the Cascading Style Sheets (CSS) implementation in WebCore in WebKit before r82222, as used in Google Chrome before 11.0.696.43 and other products, does not properly handle access to the (1) counterIncrement…
- CVE-2011-0458Mar 28, 2011risk 0.00cvss —epss 0.00
Untrusted search path vulnerability in the Locate on Disk feature in Google Picasa before 3.8 allows local users to gain privileges via a Trojan horse executable file in the current working directory.
- CVE-2011-1296Mar 25, 2011risk 0.00cvss —epss 0.02
Google Chrome before 10.0.648.204 does not properly handle SVG text, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
- CVE-2011-1295Mar 25, 2011risk 0.00cvss —epss 0.02
WebKit, as used in Google Chrome before 10.0.648.204 and Apple Safari before 5.0.6, does not properly handle node parentage, which allows remote attackers to cause a denial of service (DOM tree corruption), conduct cross-site scripting (XSS) attacks, or possibly have unspecified…
- CVE-2011-1294Mar 25, 2011risk 0.00cvss —epss 0.02
Google Chrome before 10.0.648.204 does not properly handle Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
- CVE-2011-1293Mar 25, 2011risk 0.00cvss —epss 0.02
Use-after-free vulnerability in the HTMLCollection implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
- CVE-2011-1292Mar 25, 2011risk 0.00cvss —epss 0.02
Use-after-free vulnerability in the frame-loader implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
- CVE-2011-1291Mar 25, 2011risk 0.00cvss —epss 0.02
Google Chrome before 10.0.648.204 does not properly handle base strings, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, related to a "buffer error."
- CVE-2011-1465Mar 20, 2011risk 0.00cvss —epss 0.02
The SPDY implementation in net/http/http_network_transaction.cc in Google Chrome before 11.0.696.14 drains the bodies from SPDY responses, which might allow remote SPDY servers to cause a denial of service (application exit) by canceling a stream.
- CVE-2011-1413Mar 11, 2011risk 0.00cvss —epss 0.02
Google Chrome before 10.0.648.127 on Linux does not properly mitigate an unspecified flaw in an X server, which allows remote attackers to cause a denial of service (application crash) via vectors involving long messages.
- CVE-2011-1286Mar 11, 2011risk 0.00cvss —epss 0.02
Google V8, as used in Google Chrome before 10.0.648.127, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger incorrect access to memory.
- CVE-2011-1285Mar 11, 2011risk 0.00cvss —epss 0.02
The regular-expression functionality in Google Chrome before 10.0.648.127 does not properly implement reentrancy, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
- CVE-2011-1204Mar 11, 2011risk 0.00cvss —epss 0.02
Google Chrome before 10.0.648.127 does not properly handle attributes, which allows remote attackers to cause a denial of service (DOM tree corruption) or possibly have unspecified other impact via a crafted document.
- CVE-2011-1203Mar 11, 2011risk 0.00cvss —epss 0.02
Google Chrome before 10.0.648.127 does not properly handle SVG cursors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
- CVE-2011-1202Mar 11, 2011risk 0.00cvss —epss 0.02
The xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 and earlier, as used in Google Chrome before 10.0.648.127 and other products, allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a…
- CVE-2011-1201Mar 11, 2011risk 0.00cvss —epss 0.02
The context implementation in WebKit, as used in Google Chrome before 10.0.648.127, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
- CVE-2011-1200Mar 11, 2011risk 0.00cvss —epss 0.01
Google Chrome before 10.0.648.127 does not properly perform a cast of an unspecified variable during text rendering, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.
- CVE-2011-1199Mar 11, 2011risk 0.00cvss —epss 0.02
Google Chrome before 10.0.648.127 does not properly handle DataView objects, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors.
- CVE-2011-1198Mar 11, 2011risk 0.00cvss —epss 0.02
The video functionality in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger use of a malformed "out-of-bounds structure."
- CVE-2011-1197Mar 11, 2011risk 0.00cvss —epss 0.02
Google Chrome before 10.0.648.127 does not properly perform table painting, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
- CVE-2011-1196Mar 11, 2011risk 0.00cvss —epss 0.02
The OGG container implementation in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write.
- CVE-2011-1195Mar 11, 2011risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "document script lifetime handling."
- CVE-2011-1194Mar 11, 2011risk 0.00cvss —epss 0.01
Multiple unspecified vulnerabilities in Google Chrome before 10.0.648.127 allow remote attackers to bypass the pop-up blocker via unknown vectors.
- CVE-2011-1193Mar 11, 2011risk 0.00cvss —epss 0.02
Google V8, as used in Google Chrome before 10.0.648.127, allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
- CVE-2011-1192Mar 11, 2011risk 0.00cvss —epss 0.02
Google Chrome before 10.0.648.127 on Linux does not properly handle Unicode ranges, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
- CVE-2011-1191Mar 11, 2011risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of DOM URLs.
- CVE-2011-1190Mar 11, 2011risk 0.00cvss —epss 0.02
The Web Workers implementation in Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak."
- CVE-2011-1189Mar 11, 2011risk 0.00cvss —epss 0.02
Google Chrome before 10.0.648.127 does not properly perform box layout, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node."
- CVE-2011-1188Mar 11, 2011risk 0.00cvss —epss 0.02
Google Chrome before 10.0.648.127 does not properly handle counter nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
- CVE-2011-1187Mar 11, 2011risk 0.00cvss —epss 0.02
Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak."
- CVE-2011-1186Mar 11, 2011risk 0.00cvss —epss 0.03
Google Chrome before 10.0.648.127 on Linux does not properly handle parallel execution of calls to the print method, which might allow remote attackers to cause a denial of service (application crash) via crafted JavaScript code.
- CVE-2011-1185Mar 11, 2011risk 0.00cvss —epss 0.01
Google Chrome before 10.0.648.127 does not prevent (1) navigation and (2) close operations on the top location of a sandboxed frame, which has unspecified impact and remote attack vectors.
- CVE-2011-1306Mar 8, 2011risk 0.00cvss —epss 0.01
Unspecified vulnerability in the Scratchpad application in Google Chrome OS before R10 0.10.156.46 Beta has unknown impact and attack vectors.
- CVE-2011-1125Mar 1, 2011risk 0.00cvss —epss 0.02
Google Chrome before 9.0.597.107 does not properly perform layout, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
- CVE-2011-1124Mar 1, 2011risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to blocked plug-ins.
- CVE-2011-1123Mar 1, 2011risk 0.00cvss —epss 0.01
Google Chrome before 9.0.597.107 does not properly restrict access to internal extension functions, which has unspecified impact and remote attack vectors.
- CVE-2011-1122Mar 1, 2011risk 0.00cvss —epss 0.02
The WebGL implementation in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, aka Issue 71960.
- CVE-2011-1121Mar 1, 2011risk 0.00cvss —epss 0.02
Integer overflow in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a TEXTAREA element.
- CVE-2011-1120Mar 1, 2011risk 0.00cvss —epss 0.02
The WebGL implementation in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, aka Issue 71717.
- CVE-2011-1119Mar 1, 2011risk 0.00cvss —epss 0.01
Google Chrome before 9.0.597.107 does not properly determine device orientation, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
- CVE-2011-1118Mar 1, 2011risk 0.00cvss —epss 0.01
Google Chrome before 9.0.597.107 does not properly handle TEXTAREA elements, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted HTML document.
- CVE-2011-1117Mar 1, 2011risk 0.00cvss —epss 0.02
Google Chrome before 9.0.597.107 does not properly handle XHTML documents, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale nodes."
- CVE-2011-1116Mar 1, 2011risk 0.00cvss —epss 0.02
Google Chrome before 9.0.597.107 does not properly handle SVG animations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
Page 222 of 227