Filtered by vendor Google
Subscriptions
Total
12111 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2013-2878 | 2 Debian, Google | 2 Debian Linux, Chrome | 2024-08-06 | N/A |
Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the handling of text. | ||||
CVE-2013-2862 | 2 Debian, Google | 2 Debian Linux, Chrome | 2024-08-06 | N/A |
Skia, as used in Google Chrome before 27.0.1453.110, does not properly handle GPU acceleration, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | ||||
CVE-2013-2915 | 1 Google | 1 Chrome | 2024-08-06 | N/A |
Google Chrome before 30.0.1599.66 preserves pending NavigationEntry objects in certain invalid circumstances, which allows remote attackers to spoof the address bar via a URL with a malformed scheme, as demonstrated by a nonexistent:12121 URL. | ||||
CVE-2013-2866 | 1 Google | 2 Chrome, Chrome Os | 2024-08-06 | N/A |
The Flash plug-in in Google Chrome before 27.0.1453.116, as used on Google Chrome OS before 27.0.1453.116 and separately, does not properly determine whether a user wishes to permit camera or microphone access by a Flash application, which allows remote attackers to obtain sensitive information from a machine's physical environment via a clickjacking attack, as demonstrated by an attack using a crafted Cascading Style Sheets (CSS) opacity property. | ||||
CVE-2013-2876 | 2 Debian, Google | 2 Debian Linux, Chrome | 2024-08-06 | N/A |
browser/extensions/api/tabs/tabs_api.cc in Google Chrome before 28.0.1500.71 does not properly enforce restrictions on the capture of screenshots by extensions, which allows remote attackers to obtain sensitive information about the content of a previous page via vectors involving an interstitial page. | ||||
CVE-2013-2909 | 1 Google | 1 Chrome | 2024-08-06 | N/A |
Use-after-free vulnerability in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to inline-block rendering for bidirectional Unicode text in an element isolated from its siblings. | ||||
CVE-2013-2908 | 1 Google | 1 Chrome | 2024-08-06 | N/A |
Google Chrome before 30.0.1599.66 uses incorrect function calls to determine the values of NavigationEntry objects, which allows remote attackers to spoof the address bar via vectors involving a response with a 204 (aka No Content) status code. | ||||
CVE-2013-2900 | 3 Debian, Google, Microsoft | 3 Debian Linux, Chrome, Windows | 2024-08-06 | N/A |
The FilePath::ReferencesParent function in files/file_path.cc in Google Chrome before 29.0.1547.57 on Windows does not properly handle pathname components composed entirely of . (dot) and whitespace characters, which allows remote attackers to conduct directory traversal attacks via a crafted directory name. | ||||
CVE-2013-2868 | 2 Debian, Google | 2 Debian Linux, Chrome | 2024-08-06 | N/A |
common/extensions/sync_helper.cc in Google Chrome before 28.0.1500.71 proceeds with sync operations for NPAPI extensions without checking for a certain plugin permission setting, which might allow remote attackers to trigger unwanted extension changes via unspecified vectors. | ||||
CVE-2013-2912 | 1 Google | 1 Chrome | 2024-08-06 | N/A |
Use-after-free vulnerability in the PepperInProcessRouter::SendToHost function in content/renderer/pepper/pepper_in_process_router.cc in the Pepper Plug-in API (PPAPI) in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a resource-destruction message. | ||||
CVE-2013-2887 | 1 Google | 1 Chrome | 2024-08-06 | N/A |
Multiple unspecified vulnerabilities in Google Chrome before 29.0.1547.57 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | ||||
CVE-2013-2871 | 1 Google | 1 Chrome | 2024-08-06 | N/A |
Use-after-free vulnerability in Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of input. | ||||
CVE-2013-2905 | 2 Debian, Google | 2 Debian Linux, Chrome | 2024-08-06 | N/A |
The SharedMemory::Create function in memory/shared_memory_posix.cc in Google Chrome before 29.0.1547.57 uses weak permissions under /dev/shm/, which allows attackers to obtain sensitive information via direct access to a POSIX shared-memory file. | ||||
CVE-2013-2904 | 2 Debian, Google | 2 Debian Linux, Chrome | 2024-08-06 | N/A |
Use-after-free vulnerability in the Document::finishedParsing function in core/dom/Document.cpp in Blink, as used in Google Chrome before 29.0.1547.57, allows remote attackers to cause a denial of service or possibly have unspecified other impact via an onload event that changes an IFRAME element so that its src attribute is no longer an XML document, leading to unintended garbage collection of this document. | ||||
CVE-2013-2906 | 1 Google | 1 Chrome | 2024-08-06 | N/A |
Multiple race conditions in the Web Audio implementation in Blink, as used in Google Chrome before 30.0.1599.66, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to threading in core/html/HTMLMediaElement.cpp, core/platform/audio/AudioDSPKernelProcessor.cpp, core/platform/audio/HRTFElevation.cpp, and modules/webaudio/ConvolverNode.cpp. | ||||
CVE-2013-2847 | 1 Google | 1 Chrome | 2024-08-06 | N/A |
Race condition in the workers implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via unknown vectors. | ||||
CVE-2013-2880 | 1 Google | 1 Chrome | 2024-08-06 | N/A |
Multiple unspecified vulnerabilities in Google Chrome before 28.0.1500.71 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | ||||
CVE-2013-2858 | 2 Debian, Google | 2 Debian Linux, Chrome | 2024-08-06 | N/A |
Use-after-free vulnerability in the HTML5 Audio implementation in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | ||||
CVE-2013-2864 | 1 Google | 1 Chrome | 2024-08-06 | N/A |
The PDF functionality in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via unknown vectors. | ||||
CVE-2013-2867 | 2 Debian, Google | 2 Debian Linux, Chrome | 2024-08-06 | N/A |
Google Chrome before 28.0.1500.71 does not properly prevent pop-under windows, which allows remote attackers to have an unspecified impact via a crafted web site. |