Filtered by vendor Google
Subscribe
Total
12830 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-1710 | 1 Google | 1 Chrome Os | 2023-11-07 | 7.5 HIGH | N/A |
| The AsyncPixelTransfersCompletedQuery::End function in gpu/command_buffer/service/query_manager.cc in Google Chrome, as used in Google Chrome OS before 33.0.1750.152, does not check whether a certain position is within the bounds of a shared-memory segment, which allows remote attackers to cause a denial of service (GPU command-buffer memory corruption) or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2014-1715 | 4 Apple, Google, Linux and 1 more | 4 Mac Os X, Chrome, Linux Kernel and 1 more | 2023-11-07 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows has unspecified impact and attack vectors. | |||||
| CVE-2014-1734 | 4 Apple, Google, Linux and 1 more | 4 Mac Os X, Chrome, Linux Kernel and 1 more | 2023-11-07 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | |||||
| CVE-2014-3165 | 2 Debian, Google | 2 Debian Linux, Chrome | 2023-11-07 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in modules/websockets/WorkerThreadableWebSocketChannel.cpp in the Web Sockets implementation in Blink, as used in Google Chrome before 36.0.1985.143, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an unexpectedly long lifetime of a temporary object during method completion. | |||||
| CVE-2014-1731 | 4 Apple, Google, Linux and 1 more | 4 Mac Os X, Chrome, Linux Kernel and 1 more | 2023-11-07 | 7.5 HIGH | N/A |
| core/html/HTMLSelectElement.cpp in the DOM implementation in Blink, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly check renderer state upon a focus event, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion" for SELECT elements. | |||||
| CVE-2014-3178 | 1 Google | 1 Chrome | 2023-11-07 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in core/dom/Node.cpp in Blink, as used in Google Chrome before 37.0.2062.120, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of render-tree inconsistencies. | |||||
| CVE-2013-6630 | 1 Google | 1 Chrome | 2023-11-07 | 5.0 MEDIUM | N/A |
| The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that follow Define Huffman Table (DHT) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image. | |||||
| CVE-2013-6638 | 1 Google | 2 Chrome, V8 | 2023-11-07 | 7.5 HIGH | N/A |
| Multiple buffer overflows in runtime.cc in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large typed array, related to the (1) Runtime_TypedArrayInitialize and (2) Runtime_TypedArrayInitializeFromArrayLike functions. | |||||
| CVE-2013-2920 | 1 Google | 1 Chrome | 2023-11-07 | 5.0 MEDIUM | N/A |
| The DoResolveRelativeHost function in url/url_canon_relative.cc in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via a relative URL containing a hostname, as demonstrated by a protocol-relative URL beginning with a //www.google.com/ substring. | |||||
| CVE-2013-2836 | 1 Google | 1 Chrome | 2023-11-07 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in Google Chrome before 27.0.1453.93 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | |||||
| CVE-2013-2833 | 1 Google | 1 Chrome Os | 2023-11-07 | 10.0 HIGH | N/A |
| Use-after-free vulnerability in the O3D plug-in in Google Chrome OS before 26.0.1410.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to improper management of ownership relationships involving Elements and DrawElements. | |||||
| CVE-2013-2913 | 1 Google | 1 Chrome | 2023-11-07 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in the XMLDocumentParser::append function in core/xml/parser/XMLDocumentParser.cpp in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving an XML document. | |||||
| CVE-2013-2876 | 2 Debian, Google | 2 Debian Linux, Chrome | 2023-11-07 | 5.0 MEDIUM | N/A |
| browser/extensions/api/tabs/tabs_api.cc in Google Chrome before 28.0.1500.71 does not properly enforce restrictions on the capture of screenshots by extensions, which allows remote attackers to obtain sensitive information about the content of a previous page via vectors involving an interstitial page. | |||||
| CVE-2013-2862 | 2 Debian, Google | 2 Debian Linux, Chrome | 2023-11-07 | 7.5 HIGH | N/A |
| Skia, as used in Google Chrome before 27.0.1453.110, does not properly handle GPU acceleration, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2013-2878 | 2 Debian, Google | 2 Debian Linux, Chrome | 2023-11-07 | 5.0 MEDIUM | N/A |
| Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the handling of text. | |||||
| CVE-2013-2859 | 2 Debian, Google | 2 Debian Linux, Chrome | 2023-11-07 | 7.5 HIGH | N/A |
| Google Chrome before 27.0.1453.110 allows remote attackers to bypass the Same Origin Policy and trigger namespace pollution via unspecified vectors. | |||||
| CVE-2013-2926 | 1 Google | 1 Chrome | 2023-11-07 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in the IndentOutdentCommand::tryIndentingAsListItem function in core/editing/IndentOutdentCommand.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to list elements. | |||||
| CVE-2013-2901 | 2 Debian, Google | 2 Debian Linux, Chrome | 2023-11-07 | 7.5 HIGH | N/A |
| Multiple integer overflows in (1) libGLESv2/renderer/Renderer9.cpp and (2) libGLESv2/renderer/Renderer11.cpp in Almost Native Graphics Layer Engine (ANGLE), as used in Google Chrome before 29.0.1547.57, allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2013-2868 | 2 Debian, Google | 2 Debian Linux, Chrome | 2023-11-07 | 5.0 MEDIUM | N/A |
| common/extensions/sync_helper.cc in Google Chrome before 28.0.1500.71 proceeds with sync operations for NPAPI extensions without checking for a certain plugin permission setting, which might allow remote attackers to trigger unwanted extension changes via unspecified vectors. | |||||
| CVE-2013-2881 | 2 Debian, Google | 2 Debian Linux, Chrome | 2023-11-07 | 5.8 MEDIUM | N/A |
| Google Chrome before 28.0.1500.95 does not properly handle frames, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. | |||||