Total
3085 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-1745 | 1 Google | 1 Chrome | 2017-12-28 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger removal of an SVGFontFaceElement object, related to core/svg/SVGFontFaceElement.cpp. | |||||
| CVE-2014-1744 | 1 Google | 1 Chrome | 2017-12-28 | 7.5 HIGH | N/A |
| Integer overflow in the AudioInputRendererHost::OnCreateStream function in content/browser/renderer_host/media/audio_input_renderer_host.cc in Google Chrome before 35.0.1916.114 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large shared-memory allocation. | |||||
| CVE-2014-1743 | 1 Google | 1 Chrome | 2017-12-28 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in the StyleElement::removedFromDocument function in core/dom/StyleElement.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaScript code that triggers tree mutation. | |||||
| CVE-2014-1741 | 1 Google | 1 Chrome | 2017-12-27 | 7.5 HIGH | N/A |
| Multiple integer overflows in the replace-data functionality in the CharacterData interface implementation in core/dom/CharacterData.cpp in Blink, as used in Google Chrome before 34.0.1847.137, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to ranges. | |||||
| CVE-2014-1740 | 1 Google | 1 Chrome | 2017-12-27 | 7.5 HIGH | N/A |
| Multiple use-after-free vulnerabilities in net/websockets/websocket_job.cc in the WebSockets implementation in Google Chrome before 34.0.1847.137 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to WebSocketJob deletion. | |||||
| CVE-2014-1742 | 1 Google | 1 Chrome | 2017-12-27 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in the FrameSelection::updateAppearance function in core/editing/FrameSelection.cpp in Blink, as used in Google Chrome before 34.0.1847.137, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper RenderObject handling. | |||||
| CVE-2017-5122 | 2 Debian, Google | 2 Debian Linux, Chrome | 2017-12-08 | 6.8 MEDIUM | 8.8 HIGH |
| Inappropriate use of table size handling in V8 in Google Chrome prior to 61.0.3163.100 for Windows allowed a remote attacker to trigger out-of-bounds access via a crafted HTML page. | |||||
| CVE-2011-3097 | 1 Google | 1 Chrome | 2017-12-04 | 10.0 HIGH | N/A |
| The PDF functionality in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging an out-of-bounds write error in the implementation of sampled functions. | |||||
| CVE-2011-3099 | 1 Google | 1 Chrome | 2017-12-04 | 10.0 HIGH | N/A |
| Use-after-free vulnerability in the PDF functionality in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a malformed name for the font encoding. | |||||
| CVE-2016-1628 | 2 Debian, Google | 2 Debian Linux, Chrome | 2017-11-05 | 6.8 MEDIUM | 6.3 MEDIUM |
| pi.c in OpenJPEG, as used in PDFium in Google Chrome before 48.0.2564.109, does not validate a certain precision value, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via a crafted JPEG 2000 image in a PDF document, related to the opj_pi_next_rpcl, opj_pi_next_pcrl, and opj_pi_next_cprl functions. | |||||
| CVE-2015-1206 | 1 Google | 1 Chrome | 2017-11-01 | 4.3 MEDIUM | 5.5 MEDIUM |
| Heap-based buffer overflow in Google Chrome before M40 allows remote attackers to cause a denial of service (unpaged memory write and process crash) via a crafted MP4 file. | |||||
| CVE-2014-7910 | 1 Google | 1 Chrome | 2017-10-04 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in Google Chrome before 39.0.2171.65 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | |||||
| CVE-2009-1514 | 1 Google | 1 Chrome | 2017-09-28 | 5.0 MEDIUM | N/A |
| Google Chrome 1.0.154.53 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a throw statement with a long exception value. | |||||
| CVE-2008-6998 | 1 Google | 1 Chrome | 2017-09-28 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in chrome/common/gfx/url_elider.cc in Google Chrome 0.2.149.27 and other versions before 0.2.149.29 might allow user-assisted remote attackers to execute arbitrary code via a link target (href attribute) with a large number of path elements, which triggers the overflow when the status bar is updated after the user hovers over the link. | |||||
| CVE-2008-6997 | 1 Google | 1 Chrome | 2017-09-28 | 4.3 MEDIUM | N/A |
| Google Chrome 0.2.149.27 allows user-assisted remote attackers to cause a denial of service (browser crash) via an IMG tag with a long src attribute, which triggers the crash when the victim performs an "Inspect Element" action. | |||||
| CVE-2008-6995 | 1 Google | 1 Chrome | 2017-09-28 | 4.3 MEDIUM | N/A |
| Integer underflow in net/base/escape.cc in chrome.dll in Google Chrome 0.2.149.27 allows remote attackers to cause a denial of service (browser crash) via a URI with an invalid handler followed by a "%" (percent) character, which triggers a buffer over-read, as demonstrated using an "about:%" URI. | |||||
| CVE-2013-2856 | 2 Debian, Google | 2 Debian Linux, Chrome | 2017-09-18 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of input. | |||||
| CVE-2013-2878 | 2 Debian, Google | 2 Debian Linux, Chrome | 2017-09-18 | 5.0 MEDIUM | N/A |
| Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the handling of text. | |||||
| CVE-2013-6628 | 1 Google | 1 Chrome | 2017-09-18 | 4.3 MEDIUM | N/A |
| net/socket/ssl_client_socket_nss.cc in the TLS implementation in Google Chrome before 31.0.1650.48 does not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation, which might allow remote web servers to interfere with trust relationships by renegotiating a session. | |||||
| CVE-2013-6627 | 1 Google | 1 Chrome | 2017-09-18 | 5.0 MEDIUM | N/A |
| net/http/http_stream_parser.cc in Google Chrome before 31.0.1650.48 does not properly process HTTP Informational (aka 1xx) status codes, which allows remote web servers to cause a denial of service (out-of-bounds read) via a crafted response. | |||||