Total
3671 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-2345 | 1 Google | 1 Chrome | 2023-11-07 | 4.3 MEDIUM | N/A |
| The NPAPI implementation in Google Chrome before 12.0.742.112 does not properly handle strings, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
| CVE-2011-2795 | 1 Google | 1 Chrome | 2023-11-07 | 4.3 MEDIUM | N/A |
| Google Chrome before 13.0.782.107 does not prevent calls to functions in other frames, which allows remote attackers to bypass intended access restrictions via a crafted web site, related to a "cross-frame function leak." | |||||
| CVE-2011-1807 | 1 Google | 1 Chrome | 2023-11-07 | 10.0 HIGH | N/A |
| Google Chrome before 11.0.696.71 does not properly handle blobs, which allows remote attackers to execute arbitrary code via unspecified vectors that trigger an out-of-bounds write. | |||||
| CVE-2011-2802 | 1 Google | 1 Chrome | 2023-11-07 | 6.8 MEDIUM | N/A |
| Google V8, as used in Google Chrome before 13.0.782.107, does not properly perform const lookups, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted web site. | |||||
| CVE-2011-1812 | 1 Google | 1 Chrome | 2023-11-07 | 7.5 HIGH | N/A |
| Google Chrome before 12.0.742.91 allows remote attackers to bypass intended access restrictions via vectors related to extensions. | |||||
| CVE-2011-2796 | 1 Google | 1 Chrome | 2023-11-07 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in Skia, as used in Google Chrome before 13.0.782.107, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2011-2349 | 1 Google | 1 Chrome | 2023-11-07 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in Google Chrome before 12.0.742.112 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to text selection. | |||||
| CVE-2011-2792 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2023-11-07 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to float removal. | |||||
| CVE-2011-2787 | 1 Google | 1 Chrome | 2023-11-07 | 4.3 MEDIUM | N/A |
| Google Chrome before 13.0.782.107 does not properly address re-entrancy issues associated with the GPU lock, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors. | |||||
| CVE-2011-2351 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2023-11-07 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in Google Chrome before 12.0.742.112 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG use elements. | |||||
| CVE-2011-1819 | 1 Google | 1 Chrome | 2023-11-07 | 4.3 MEDIUM | N/A |
| Google Chrome before 12.0.742.91 allows remote attackers to perform unspecified injection into a chrome:// page via vectors related to extensions. | |||||
| CVE-2011-1804 | 1 Google | 1 Chrome | 2023-11-07 | 7.5 HIGH | N/A |
| rendering/RenderBox.cpp in WebCore in WebKit before r86862, as used in Google Chrome before 11.0.696.71, does not properly render floats, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | |||||
| CVE-2011-2785 | 1 Google | 1 Chrome | 2023-11-07 | 4.3 MEDIUM | N/A |
| The extensions implementation in Google Chrome before 13.0.782.107 does not properly validate the URL for the home page, which allows remote attackers to have an unspecified impact via a crafted extension. | |||||
| CVE-2011-2783 | 1 Google | 1 Chrome | 2023-11-07 | 6.8 MEDIUM | N/A |
| Google Chrome before 13.0.782.107 does not ensure that developer-mode NPAPI extension installations are confirmed by a browser dialog, which makes it easier for remote attackers to modify the product's functionality via a Trojan horse extension. | |||||
| CVE-2011-2819 | 2 Apple, Google | 3 Iphone Os, Safari, Chrome | 2023-11-07 | 6.8 MEDIUM | N/A |
| Google Chrome before 13.0.782.107 allows remote attackers to bypass the Same Origin Policy via vectors related to handling of the base URI. | |||||
| CVE-2011-2805 | 2 Apple, Google | 3 Iphone Os, Safari, Chrome | 2023-11-07 | 6.8 MEDIUM | N/A |
| Google Chrome before 13.0.782.107 allows remote attackers to bypass the Same Origin Policy and conduct script injection attacks via unspecified vectors. | |||||
| CVE-2011-2791 | 1 Google | 1 Chrome | 2023-11-07 | 6.8 MEDIUM | N/A |
| The International Components for Unicode (ICU) functionality in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write. | |||||
| CVE-2011-2798 | 1 Google | 1 Chrome | 2023-11-07 | 6.8 MEDIUM | N/A |
| Google Chrome before 13.0.782.107 does not properly restrict access to internal schemes, which allows remote attackers to have an unspecified impact via a crafted web site. | |||||
| CVE-2011-2358 | 1 Google | 1 Chrome | 2023-11-07 | 6.8 MEDIUM | N/A |
| Google Chrome before 13.0.782.107 does not ensure that extension installations are confirmed by a browser dialog, which makes it easier for remote attackers to modify the product's functionality via a Trojan horse extension. | |||||
| CVE-2011-1795 | 1 Google | 1 Chrome | 2023-11-07 | 7.5 HIGH | N/A |
| Integer underflow in the HTMLFormElement::removeFormElement function in html/HTMLFormElement.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted HTML document containing a FORM element. | |||||