VYPR

Vendor CVEs

Google

All CVEs

11,510 total · sorted by risk
  • CVE-2006-6223Dec 2, 2006
    risk 0.00cvss epss 0.03

    Cross-site scripting (XSS) vulnerability in Google Search Appliance and Google Mini allows remote attackers to inject arbitrary web script or HTML via a UTF-7 encoded q parameter.

  • CVE-2006-6182Dec 1, 2006
    risk 0.00cvss epss 0.00

    The Gabriele Teotino GNotebook 0.7.0.1 gadget for Google Desktop stores Gmail passwords in plaintext in the %SYSTEMDRIVE%\temp\Gnotebook.txt log file, which allows local users to obtain passwords by reading the file.

  • CVE-2005-3899Nov 29, 2005
    risk 0.00cvss epss 0.01

    The automatic update feature in Google Talk allows remote attackers to cause a denial of service (CPU and memory consumption) by poisoning a target's DNS cache and causing a large update file to be sent, which consumes large amounts of CPU and memory during the signature…

  • CVE-2005-3869Nov 29, 2005
    risk 0.00cvss epss 0.03

    Cross-site scripting (XSS) vulnerability in index.php in Google API Search 1.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via hex-encoded values in the REQ parameter.

  • CVE-2005-3755Nov 22, 2005
    risk 0.00cvss epss 0.04

    Directory traversal vulnerability in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to determine the existence of arbitrary files via a relative path from a style sheet directory, then comparing the resulting error messages.

  • CVE-2005-3754Nov 22, 2005
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to inject arbitrary Javascript, and possibly other web script or HTML, via the proxystylesheet variable, which will be executed in the…

  • CVE-2005-3756Nov 22, 2005
    risk 0.00cvss epss 0.02

    Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to port scan arbitrary hosts via URLs with modified targets and ports, then comparing the resulting error messages to determine open and closed ports.

  • CVE-2005-3678Nov 18, 2005
    risk 0.00cvss epss 0.01

    Google Talk before 1.0.0.76, with email notification enabled, allows remote attackers to cause a denial of service (connection reset) via email with a blank sender.

  • CVE-2002-1442Apr 11, 2003
    risk 0.00cvss epss 0.01

    The Google toolbar 1.1.58 and earlier allows remote web sites to perform unauthorized toolbar operations including script execution and file reading in other zones such as "My Computer" by opening a window to tools.google.com or the res: protocol, then using script to modify the…

  • CVE-2002-1443Apr 11, 2003
    risk 0.00cvss epss 0.01

    The Google toolbar 1.1.58 and earlier allows remote web sites to monitor a user's input into the toolbar via an "onkeydown" event handler.

Page 231 of 231