Filtered by vendor Google
Subscriptions
Filtered by product Chrome
Subscriptions
Total
3449 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2012-2647 | 3 Apple, Google, Yahoo | 3 Safari, Chrome, Toolbar | 2024-09-16 | N/A |
Yahoo! Toolbar 1.0.0.5 and earlier for Chrome and Safari allows remote attackers to modify the configured search URL, and intercept search terms, via a crafted web page. | ||||
CVE-2013-0843 | 2 Apple, Google | 2 Mac Os X, Chrome | 2024-09-16 | N/A |
content/renderer/media/webrtc_audio_renderer.cc in Google Chrome before 24.0.1312.56 on Mac OS X does not use an appropriate buffer size for the 96 kHz sampling rate, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a web site that provides WebRTC audio. | ||||
CVE-2012-4908 | 1 Google | 2 Android, Chrome | 2024-09-16 | N/A |
Google Chrome before 18.0.1025308 on Android allows remote attackers to bypass the Same Origin Policy and obtain access to local files via vectors involving a symlink. | ||||
CVE-2010-1731 | 2 Google, Htc | 2 Chrome, Hero | 2024-09-16 | N/A |
Google Chrome on the HTC Hero allows remote attackers to cause a denial of service (application crash) via JavaScript that writes <marquee> sequences in an infinite loop. | ||||
CVE-2009-2974 | 1 Google | 1 Chrome | 2024-09-16 | N/A |
Google Chrome 1.0.154.65, 1.0.154.48, and earlier allows remote attackers to (1) cause a denial of service (application hang) via vectors involving a chromehtml: URI value for the document.location property or (2) cause a denial of service (application hang and CPU consumption) via vectors involving a series of function calls that set a chromehtml: URI value for the document.location property. | ||||
CVE-2012-5155 | 2 Apple, Google | 2 Mac Os X, Chrome | 2024-09-16 | N/A |
Google Chrome before 24.0.1312.52 on Mac OS X does not use an appropriate sandboxing approach for worker processes, which makes it easier for remote attackers to bypass intended access restrictions via unspecified vectors. | ||||
CVE-2012-4907 | 1 Google | 2 Android, Chrome | 2024-09-16 | N/A |
Google Chrome before 18.0.1025308 on Android does not properly restrict access from JavaScript code to Android APIs, which allows remote attackers to have an unspecified impact via a crafted web page. | ||||
CVE-2012-2827 | 2 Apple, Google | 2 Mac Os X, Chrome | 2024-09-16 | N/A |
Use-after-free vulnerability in the UI in Google Chrome before 20.0.1132.43 on Mac OS X allows attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | ||||
CVE-2012-4903 | 1 Google | 2 Android, Chrome | 2024-09-16 | N/A |
Google Chrome before 18.0.1025308 on Android does not properly restrict access to file: URLs, which allows remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by obtaining credential data, a different vulnerability than CVE-2012-4906. | ||||
CVE-2013-2872 | 2 Apple, Google | 2 Mac Os X, Chrome | 2024-09-16 | N/A |
Google Chrome before 28.0.1500.71 on Mac OS X does not ensure a sufficient source of entropy for renderer processes, which might make it easier for remote attackers to defeat cryptographic protection mechanisms in third-party components via unspecified vectors. | ||||
CVE-2024-8639 | 1 Google | 2 Android, Chrome | 2024-09-13 | 8.8 High |
Use after free in Autofill in Google Chrome on Android prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
CVE-2024-8638 | 1 Google | 1 Chrome | 2024-09-13 | 8.8 High |
Type Confusion in V8 in Google Chrome prior to 128.0.6613.137 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High) | ||||
CVE-2024-8637 | 1 Google | 2 Android, Chrome | 2024-09-13 | 8.8 High |
Use after free in Media Router in Google Chrome on Android prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
CVE-2024-8636 | 1 Google | 1 Chrome | 2024-09-13 | 8.8 High |
Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
CVE-2024-7969 | 1 Google | 1 Chrome | 2024-09-06 | 8.8 High |
Type Confusion in V8 in Google Chrome prior to 128.0.6613.113 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
CVE-2023-5857 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2024-09-06 | 8.8 High |
Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially execute arbitrary code via a malicious file. (Chromium security severity: Medium) | ||||
CVE-2024-7970 | 1 Google | 1 Chrome | 2024-09-05 | 8.8 High |
Out of bounds write in V8 in Google Chrome prior to 128.0.6613.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
CVE-2024-8362 | 1 Google | 1 Chrome | 2024-09-05 | 8.8 High |
Use after free in WebAudio in Google Chrome prior to 128.0.6613.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
CVE-2024-8198 | 1 Google | 1 Chrome | 2024-09-05 | 7.5 High |
Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.113 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
CVE-2024-8194 | 1 Google | 1 Chrome | 2024-09-05 | 7.5 High |
Type Confusion in V8 in Google Chrome prior to 128.0.6613.113 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |