Vendor CVEs
All CVEs
11,327 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2010-2901 | 0.00 | — | 0.02 | Jul 28, 2010 | The rendering implementation in Google Chrome before 5.0.375.125 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | |||
| CVE-2010-2900 | 0.00 | — | 0.01 | Jul 28, 2010 | Google Chrome before 5.0.375.125 does not properly handle a large canvas, which has unspecified impact and remote attack vectors. | |||
| CVE-2010-2899 | 0.00 | — | 0.01 | Jul 28, 2010 | Unspecified vulnerability in the layout implementation in Google Chrome before 5.0.375.125 allows remote attackers to obtain sensitive information from process memory via unknown vectors. | |||
| CVE-2010-2898 | 0.00 | — | 0.01 | Jul 28, 2010 | Google Chrome before 5.0.375.125 does not properly mitigate an unspecified flaw in the GNU C Library, which has unknown impact and attack vectors. | |||
| CVE-2010-2897 | 0.00 | — | 0.01 | Jul 28, 2010 | Google Chrome before 5.0.375.125 does not properly mitigate an unspecified flaw in the Windows kernel, which has unknown impact and attack vectors. | |||
| CVE-2010-2652 | 0.00 | — | 0.01 | Jul 6, 2010 | Google Chrome before 5.0.375.99 does not properly implement modal dialogs, which allows attackers to cause a denial of service (application crash) via unspecified vectors. | |||
| CVE-2010-2651 | 0.00 | — | 0.01 | Jul 6, 2010 | The Cascading Style Sheets (CSS) implementation in Google Chrome before 5.0.375.99 does not properly perform style rendering, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | |||
| CVE-2010-2650 | 0.00 | — | 0.01 | Jul 6, 2010 | Unspecified vulnerability in Google Chrome before 5.0.375.99 has unknown impact and attack vectors, related to an "annoyance with print dialogs." | |||
| CVE-2010-2649 | 0.00 | — | 0.01 | Jul 6, 2010 | Unspecified vulnerability in Google Chrome before 5.0.375.99 allows remote attackers to cause a denial of service (application crash) via an invalid image. | |||
| CVE-2010-2648 | 0.00 | — | 0.02 | Jul 6, 2010 | The implementation of the Unicode Bidirectional Algorithm (aka Bidi algorithm or UBA) in Google Chrome before 5.0.375.99 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | |||
| CVE-2010-2647 | 0.00 | — | 0.02 | Jul 6, 2010 | Google Chrome before 5.0.375.99 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an invalid SVG document. | |||
| CVE-2010-2646 | 0.00 | — | 0.01 | Jul 6, 2010 | Google Chrome before 5.0.375.99 does not properly isolate sandboxed IFRAME elements, which has unspecified impact and remote attack vectors. | |||
| CVE-2010-2645 | 0.00 | — | 0.01 | Jul 6, 2010 | Unspecified vulnerability in Google Chrome before 5.0.375.99, when WebGL is used, allows remote attackers to cause a denial of service (out-of-bounds read) via unknown vectors. | |||
| CVE-2010-2302 | 0.00 | — | 0.03 | Jun 15, 2010 | Use-after-free vulnerability in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving remote fonts in conjunction with shadow DOM trees, aka rdar… | |||
| CVE-2010-2301 | 0.00 | — | 0.01 | Jun 15, 2010 | Cross-site scripting (XSS) vulnerability in editing/markup.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to inject arbitrary web script or HTML via vectors related to the node.innerHTML property of a TEXTAREA element. NOTE: this might… | |||
| CVE-2010-2299 | 0.00 | — | 0.03 | Jun 15, 2010 | The Clipboard::DispatchObject function in app/clipboard/clipboard.cc in Google Chrome before 5.0.375.70 does not properly handle CBF_SMBITMAP objects in a ViewHostMsg_ClipboardWriteObjectsAsync message, which might allow remote attackers to execute arbitrary code via vectors… | |||
| CVE-2010-2298 | 0.00 | — | 0.02 | Jun 15, 2010 | browser/renderer_host/database_dispatcher_host.cc in Google Chrome before 5.0.375.70 on Linux does not properly handle ViewHostMsg_DatabaseOpenFile messages in chroot-based sandboxing, which allows remote attackers to bypass intended sandbox restrictions via vectors involving… | |||
| CVE-2010-2297 | 0.00 | — | 0.03 | Jun 15, 2010 | rendering/FixedTableLayout.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an HTML document that has a large colspan attribute within a table. | |||
| CVE-2010-2296 | 0.00 | — | 0.02 | Jun 15, 2010 | The implementation of unspecified DOM methods in Google Chrome before 5.0.375.70 allows remote attackers to bypass the Same Origin Policy via unknown vectors. | |||
| CVE-2010-2295 | 0.00 | — | 0.01 | Jun 15, 2010 | page/EventHandler.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 does not properly handle a change of the focused frame during the dispatching of keydown, which allows user-assisted remote attackers to redirect keystrokes via a crafted HTML document, aka rdar… | |||
| CVE-2010-1770 | 0.00 | — | 0.05 | Jun 11, 2010 | WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Apple Safari before 4.1 on Mac OS X 10.4, and Google Chrome before 5.0.375.70 does not properly handle a transformation of a text node that has the IBM1147 character set, which allows remote attackers… | |||
| CVE-2010-2120 | 0.00 | — | 0.01 | Jun 1, 2010 | Google Chrome 1.0.154.48 allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid news:// URIs. | |||
| CVE-2010-2110 | 0.00 | — | 0.01 | May 28, 2010 | Google Chrome before 5.0.375.55 does not properly execute JavaScript code in the extension context, which has unspecified impact and remote attack vectors. | |||
| CVE-2010-2109 | 0.00 | — | 0.01 | May 28, 2010 | Unspecified vulnerability in Google Chrome before 5.0.375.55 allows user-assisted remote attackers to cause a denial of service (memory error) or possibly have unspecified other impact via vectors related to the "drag + drop" functionality. | |||
| CVE-2010-2108 | 0.00 | — | 0.01 | May 28, 2010 | Unspecified vulnerability in Google Chrome before 5.0.375.55 allows remote attackers to bypass the whitelist-mode plugin blocker via unknown vectors. | |||
| CVE-2010-2107 | 0.00 | — | 0.01 | May 28, 2010 | Unspecified vulnerability in Google Chrome before 5.0.375.55 allows attackers to cause a denial of service (memory error) or possibly have unspecified other impact via vectors related to the Safe Browsing functionality. | |||
| CVE-2010-2106 | 0.00 | — | 0.01 | May 28, 2010 | Unspecified vulnerability in Google Chrome before 5.0.375.55 might allow remote attackers to spoof the URL bar via vectors involving unload event handlers. | |||
| CVE-2010-2105 | 0.00 | — | 0.01 | May 28, 2010 | Google Chrome before 5.0.375.55 does not properly follow the Safe Browsing specification's requirements for canonicalization of URLs, which has unspecified impact and remote attack vectors. | |||
| CVE-2010-1992 | 0.00 | — | 0.01 | May 20, 2010 | Google Chrome 1.0.154.48 executes a mail application in situations where an IFRAME element has a mailto: URL in its SRC attribute, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many IFRAME elements. | |||
| CVE-2010-1851 | 0.00 | — | 0.00 | May 7, 2010 | Google Chrome, when the Invisible Hand extension is enabled, uses cookies during background HTTP requests in a possibly unexpected manner, which might allow remote web servers to identify specific persons and their product searches via HTTP request logging, related to a… | |||
| CVE-2010-1731 | 0.00 | — | 0.01 | May 6, 2010 | Google Chrome on the HTC Hero allows remote attackers to cause a denial of service (application crash) via JavaScript that writes sequences in an infinite loop. | |||
| CVE-2010-1665 | 0.00 | — | 0.02 | May 3, 2010 | Google Chrome before 4.1.249.1064 does not properly handle fonts, which allows remote attackers to cause a denial of service (memory corruption) and possibly have unspecified other impact via unknown vectors. | |||
| CVE-2010-1664 | 0.00 | — | 0.02 | May 3, 2010 | Google Chrome before 4.1.249.1064 does not properly handle HTML5 media, which allows remote attackers to cause a denial of service (memory corruption) and possibly have unspecified other impact via unknown vectors. | |||
| CVE-2010-1506 | 0.00 | — | 0.01 | Apr 23, 2010 | The Google V8 bindings in Google Chrome before 4.1.249.1059 allow attackers to cause a denial of service (memory corruption) via unknown vectors. | |||
| CVE-2010-1505 | 0.00 | — | 0.01 | Apr 23, 2010 | Google Chrome before 4.1.249.1059 does not prevent pages from loading with the New Tab page's privileges, which has unknown impact and attack vectors. | |||
| CVE-2010-1504 | 0.00 | — | 0.01 | Apr 23, 2010 | Cross-site scripting (XSS) vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to inject arbitrary web script or HTML via vectors related to a chrome://downloads URI. | |||
| CVE-2010-1503 | 0.00 | — | 0.01 | Apr 23, 2010 | Cross-site scripting (XSS) vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to inject arbitrary web script or HTML via vectors related to a chrome://net-internals URI. | |||
| CVE-2010-1502 | 0.00 | — | 0.02 | Apr 23, 2010 | Unspecified vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to access local files via vectors related to "developer tools." | |||
| CVE-2010-1500 | 0.00 | — | 0.01 | Apr 23, 2010 | Google Chrome before 4.1.249.1059 does not properly support forms, which has unknown impact and attack vectors, related to a "type confusion error." | |||
| CVE-2010-1237 | 0.00 | — | 0.01 | Apr 1, 2010 | Google Chrome 4.1 BETA before 4.1.249.1036 allows remote attackers to cause a denial of service (memory error) or possibly have unspecified other impact via an empty SVG element. | |||
| CVE-2010-1236 | 0.00 | — | 0.01 | Apr 1, 2010 | The protocolIs function in platform/KURLGoogle.cpp in WebCore in WebKit before r55822, as used in Google Chrome before 4.1.249.1036 and Flock Browser 3.x before 3.0.0.4112, does not properly handle whitespace at the beginning of a URL, which allows remote attackers to conduct… | |||
| CVE-2010-1235 | 0.00 | — | 0.01 | Apr 1, 2010 | Unspecified vulnerability in Google Chrome before 4.1.249.1036 allows remote attackers to trigger the omission of a download warning dialog via unknown vectors. | |||
| CVE-2010-1234 | 0.00 | — | 0.01 | Apr 1, 2010 | Unspecified vulnerability in Google Chrome before 4.1.249.1036 allows remote attackers to truncate the URL shown in the HTTP Basic Authentication dialog via unknown vectors. | |||
| CVE-2010-1233 | 0.00 | — | 0.03 | Apr 1, 2010 | Multiple integer overflows in Google Chrome before 4.1.249.1036 allow remote attackers to have an unspecified impact via vectors involving WebKit JavaScript objects. | |||
| CVE-2010-1232 | 0.00 | — | 0.01 | Apr 1, 2010 | Google Chrome before 4.1.249.1036 allows remote attackers to cause a denial of service (memory error) or possibly have unspecified other impact via a malformed SVG document. | |||
| CVE-2010-1231 | 0.00 | — | 0.01 | Apr 1, 2010 | Google Chrome before 4.1.249.1036 processes HTTP headers before invoking the SafeBrowsing feature, which allows remote attackers to have an unspecified impact via crafted headers. | |||
| CVE-2010-1230 | 0.00 | — | 0.01 | Apr 1, 2010 | Google Chrome before 4.1.249.1036 does not have the expected behavior for attempts to delete Web SQL Databases and clear the Strict Transport Security (STS) state, which has unspecified impact and attack vectors. | |||
| CVE-2010-1229 | 0.00 | — | 0.01 | Apr 1, 2010 | The sandbox infrastructure in Google Chrome before 4.1.249.1036 does not properly use pointers, which has unspecified impact and attack vectors. | |||
| CVE-2010-1228 | 0.00 | — | 0.01 | Apr 1, 2010 | Multiple race conditions in the sandbox infrastructure in Google Chrome before 4.1.249.1036 have unspecified impact and attack vectors. | |||
| CVE-2010-0664 | 0.00 | — | 0.01 | Feb 18, 2010 | Stack consumption vulnerability in the ChildProcessSecurityPolicy::CanRequestURL function in browser/child_process_security_policy.cc in Google Chrome before 4.0.249.78 allows remote attackers to cause a denial of service (memory consumption and application crash) via a URL that… |
- CVE-2010-2901Jul 28, 2010risk 0.00cvss —epss 0.02
The rendering implementation in Google Chrome before 5.0.375.125 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
- CVE-2010-2900Jul 28, 2010risk 0.00cvss —epss 0.01
Google Chrome before 5.0.375.125 does not properly handle a large canvas, which has unspecified impact and remote attack vectors.
- CVE-2010-2899Jul 28, 2010risk 0.00cvss —epss 0.01
Unspecified vulnerability in the layout implementation in Google Chrome before 5.0.375.125 allows remote attackers to obtain sensitive information from process memory via unknown vectors.
- CVE-2010-2898Jul 28, 2010risk 0.00cvss —epss 0.01
Google Chrome before 5.0.375.125 does not properly mitigate an unspecified flaw in the GNU C Library, which has unknown impact and attack vectors.
- CVE-2010-2897Jul 28, 2010risk 0.00cvss —epss 0.01
Google Chrome before 5.0.375.125 does not properly mitigate an unspecified flaw in the Windows kernel, which has unknown impact and attack vectors.
- CVE-2010-2652Jul 6, 2010risk 0.00cvss —epss 0.01
Google Chrome before 5.0.375.99 does not properly implement modal dialogs, which allows attackers to cause a denial of service (application crash) via unspecified vectors.
- CVE-2010-2651Jul 6, 2010risk 0.00cvss —epss 0.01
The Cascading Style Sheets (CSS) implementation in Google Chrome before 5.0.375.99 does not properly perform style rendering, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
- CVE-2010-2650Jul 6, 2010risk 0.00cvss —epss 0.01
Unspecified vulnerability in Google Chrome before 5.0.375.99 has unknown impact and attack vectors, related to an "annoyance with print dialogs."
- CVE-2010-2649Jul 6, 2010risk 0.00cvss —epss 0.01
Unspecified vulnerability in Google Chrome before 5.0.375.99 allows remote attackers to cause a denial of service (application crash) via an invalid image.
- CVE-2010-2648Jul 6, 2010risk 0.00cvss —epss 0.02
The implementation of the Unicode Bidirectional Algorithm (aka Bidi algorithm or UBA) in Google Chrome before 5.0.375.99 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
- CVE-2010-2647Jul 6, 2010risk 0.00cvss —epss 0.02
Google Chrome before 5.0.375.99 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an invalid SVG document.
- CVE-2010-2646Jul 6, 2010risk 0.00cvss —epss 0.01
Google Chrome before 5.0.375.99 does not properly isolate sandboxed IFRAME elements, which has unspecified impact and remote attack vectors.
- CVE-2010-2645Jul 6, 2010risk 0.00cvss —epss 0.01
Unspecified vulnerability in Google Chrome before 5.0.375.99, when WebGL is used, allows remote attackers to cause a denial of service (out-of-bounds read) via unknown vectors.
- CVE-2010-2302Jun 15, 2010risk 0.00cvss —epss 0.03
Use-after-free vulnerability in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving remote fonts in conjunction with shadow DOM trees, aka rdar…
- CVE-2010-2301Jun 15, 2010risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in editing/markup.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to inject arbitrary web script or HTML via vectors related to the node.innerHTML property of a TEXTAREA element. NOTE: this might…
- CVE-2010-2299Jun 15, 2010risk 0.00cvss —epss 0.03
The Clipboard::DispatchObject function in app/clipboard/clipboard.cc in Google Chrome before 5.0.375.70 does not properly handle CBF_SMBITMAP objects in a ViewHostMsg_ClipboardWriteObjectsAsync message, which might allow remote attackers to execute arbitrary code via vectors…
- CVE-2010-2298Jun 15, 2010risk 0.00cvss —epss 0.02
browser/renderer_host/database_dispatcher_host.cc in Google Chrome before 5.0.375.70 on Linux does not properly handle ViewHostMsg_DatabaseOpenFile messages in chroot-based sandboxing, which allows remote attackers to bypass intended sandbox restrictions via vectors involving…
- CVE-2010-2297Jun 15, 2010risk 0.00cvss —epss 0.03
rendering/FixedTableLayout.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an HTML document that has a large colspan attribute within a table.
- CVE-2010-2296Jun 15, 2010risk 0.00cvss —epss 0.02
The implementation of unspecified DOM methods in Google Chrome before 5.0.375.70 allows remote attackers to bypass the Same Origin Policy via unknown vectors.
- CVE-2010-2295Jun 15, 2010risk 0.00cvss —epss 0.01
page/EventHandler.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 does not properly handle a change of the focused frame during the dispatching of keydown, which allows user-assisted remote attackers to redirect keystrokes via a crafted HTML document, aka rdar…
- CVE-2010-1770Jun 11, 2010risk 0.00cvss —epss 0.05
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Apple Safari before 4.1 on Mac OS X 10.4, and Google Chrome before 5.0.375.70 does not properly handle a transformation of a text node that has the IBM1147 character set, which allows remote attackers…
- CVE-2010-2120Jun 1, 2010risk 0.00cvss —epss 0.01
Google Chrome 1.0.154.48 allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid news:// URIs.
- CVE-2010-2110May 28, 2010risk 0.00cvss —epss 0.01
Google Chrome before 5.0.375.55 does not properly execute JavaScript code in the extension context, which has unspecified impact and remote attack vectors.
- CVE-2010-2109May 28, 2010risk 0.00cvss —epss 0.01
Unspecified vulnerability in Google Chrome before 5.0.375.55 allows user-assisted remote attackers to cause a denial of service (memory error) or possibly have unspecified other impact via vectors related to the "drag + drop" functionality.
- CVE-2010-2108May 28, 2010risk 0.00cvss —epss 0.01
Unspecified vulnerability in Google Chrome before 5.0.375.55 allows remote attackers to bypass the whitelist-mode plugin blocker via unknown vectors.
- CVE-2010-2107May 28, 2010risk 0.00cvss —epss 0.01
Unspecified vulnerability in Google Chrome before 5.0.375.55 allows attackers to cause a denial of service (memory error) or possibly have unspecified other impact via vectors related to the Safe Browsing functionality.
- CVE-2010-2106May 28, 2010risk 0.00cvss —epss 0.01
Unspecified vulnerability in Google Chrome before 5.0.375.55 might allow remote attackers to spoof the URL bar via vectors involving unload event handlers.
- CVE-2010-2105May 28, 2010risk 0.00cvss —epss 0.01
Google Chrome before 5.0.375.55 does not properly follow the Safe Browsing specification's requirements for canonicalization of URLs, which has unspecified impact and remote attack vectors.
- CVE-2010-1992May 20, 2010risk 0.00cvss —epss 0.01
Google Chrome 1.0.154.48 executes a mail application in situations where an IFRAME element has a mailto: URL in its SRC attribute, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many IFRAME elements.
- CVE-2010-1851May 7, 2010risk 0.00cvss —epss 0.00
Google Chrome, when the Invisible Hand extension is enabled, uses cookies during background HTTP requests in a possibly unexpected manner, which might allow remote web servers to identify specific persons and their product searches via HTTP request logging, related to a…
- CVE-2010-1731May 6, 2010risk 0.00cvss —epss 0.01
Google Chrome on the HTC Hero allows remote attackers to cause a denial of service (application crash) via JavaScript that writes sequences in an infinite loop.
- CVE-2010-1665May 3, 2010risk 0.00cvss —epss 0.02
Google Chrome before 4.1.249.1064 does not properly handle fonts, which allows remote attackers to cause a denial of service (memory corruption) and possibly have unspecified other impact via unknown vectors.
- CVE-2010-1664May 3, 2010risk 0.00cvss —epss 0.02
Google Chrome before 4.1.249.1064 does not properly handle HTML5 media, which allows remote attackers to cause a denial of service (memory corruption) and possibly have unspecified other impact via unknown vectors.
- CVE-2010-1506Apr 23, 2010risk 0.00cvss —epss 0.01
The Google V8 bindings in Google Chrome before 4.1.249.1059 allow attackers to cause a denial of service (memory corruption) via unknown vectors.
- CVE-2010-1505Apr 23, 2010risk 0.00cvss —epss 0.01
Google Chrome before 4.1.249.1059 does not prevent pages from loading with the New Tab page's privileges, which has unknown impact and attack vectors.
- CVE-2010-1504Apr 23, 2010risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to inject arbitrary web script or HTML via vectors related to a chrome://downloads URI.
- CVE-2010-1503Apr 23, 2010risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to inject arbitrary web script or HTML via vectors related to a chrome://net-internals URI.
- CVE-2010-1502Apr 23, 2010risk 0.00cvss —epss 0.02
Unspecified vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to access local files via vectors related to "developer tools."
- CVE-2010-1500Apr 23, 2010risk 0.00cvss —epss 0.01
Google Chrome before 4.1.249.1059 does not properly support forms, which has unknown impact and attack vectors, related to a "type confusion error."
- CVE-2010-1237Apr 1, 2010risk 0.00cvss —epss 0.01
Google Chrome 4.1 BETA before 4.1.249.1036 allows remote attackers to cause a denial of service (memory error) or possibly have unspecified other impact via an empty SVG element.
- CVE-2010-1236Apr 1, 2010risk 0.00cvss —epss 0.01
The protocolIs function in platform/KURLGoogle.cpp in WebCore in WebKit before r55822, as used in Google Chrome before 4.1.249.1036 and Flock Browser 3.x before 3.0.0.4112, does not properly handle whitespace at the beginning of a URL, which allows remote attackers to conduct…
- CVE-2010-1235Apr 1, 2010risk 0.00cvss —epss 0.01
Unspecified vulnerability in Google Chrome before 4.1.249.1036 allows remote attackers to trigger the omission of a download warning dialog via unknown vectors.
- CVE-2010-1234Apr 1, 2010risk 0.00cvss —epss 0.01
Unspecified vulnerability in Google Chrome before 4.1.249.1036 allows remote attackers to truncate the URL shown in the HTTP Basic Authentication dialog via unknown vectors.
- CVE-2010-1233Apr 1, 2010risk 0.00cvss —epss 0.03
Multiple integer overflows in Google Chrome before 4.1.249.1036 allow remote attackers to have an unspecified impact via vectors involving WebKit JavaScript objects.
- CVE-2010-1232Apr 1, 2010risk 0.00cvss —epss 0.01
Google Chrome before 4.1.249.1036 allows remote attackers to cause a denial of service (memory error) or possibly have unspecified other impact via a malformed SVG document.
- CVE-2010-1231Apr 1, 2010risk 0.00cvss —epss 0.01
Google Chrome before 4.1.249.1036 processes HTTP headers before invoking the SafeBrowsing feature, which allows remote attackers to have an unspecified impact via crafted headers.
- CVE-2010-1230Apr 1, 2010risk 0.00cvss —epss 0.01
Google Chrome before 4.1.249.1036 does not have the expected behavior for attempts to delete Web SQL Databases and clear the Strict Transport Security (STS) state, which has unspecified impact and attack vectors.
- CVE-2010-1229Apr 1, 2010risk 0.00cvss —epss 0.01
The sandbox infrastructure in Google Chrome before 4.1.249.1036 does not properly use pointers, which has unspecified impact and attack vectors.
- CVE-2010-1228Apr 1, 2010risk 0.00cvss —epss 0.01
Multiple race conditions in the sandbox infrastructure in Google Chrome before 4.1.249.1036 have unspecified impact and attack vectors.
- CVE-2010-0664Feb 18, 2010risk 0.00cvss —epss 0.01
Stack consumption vulnerability in the ChildProcessSecurityPolicy::CanRequestURL function in browser/child_process_security_policy.cc in Google Chrome before 4.0.249.78 allows remote attackers to cause a denial of service (memory consumption and application crash) via a URL that…
Page 225 of 227