Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Google Subscribe
Filtered by product Chrome Os
Total 457 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-0477 1 Google 2 Chrome, Chrome Os 2020-07-27 10.0 HIGH N/A
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle a mismatch in video frame sizes, which allows remote attackers to cause a denial of service (incorrect memory access) or possibly have unspecified other impact via unknown vectors.
CVE-2011-0485 1 Google 2 Chrome, Chrome Os 2020-07-24 10.0 HIGH N/A
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle speech data, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "stale pointer."
CVE-2011-0480 3 Canonical, Debian, Google 4 Ubuntu Linux, Debian Linux, Chrome and 1 more 2020-07-24 9.3 HIGH N/A
Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in FFmpeg, as used in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted WebM file, related to buffers for (1) the channel floor and (2) the channel residue.
CVE-2011-0479 1 Google 2 Chrome, Chrome Os 2020-07-24 7.5 HIGH N/A
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly interact with extensions, which allows remote attackers to cause a denial of service via a crafted extension that triggers an uninitialized pointer.
CVE-2011-0475 1 Google 2 Chrome, Chrome Os 2020-07-24 9.3 HIGH N/A
Use-after-free vulnerability in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a PDF document.
CVE-2011-0474 2 Debian, Google 3 Debian Linux, Chrome, Chrome Os 2020-07-24 10.0 HIGH N/A
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle Cascading Style Sheets (CSS) token sequences in conjunction with cursors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
CVE-2011-0470 1 Google 2 Chrome, Chrome Os 2020-07-24 5.0 MEDIUM N/A
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle extensions notification, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
CVE-2011-0478 1 Google 2 Chrome, Chrome Os 2020-07-24 10.0 HIGH N/A
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle SVG use elements, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
CVE-2011-0483 1 Google 2 Chrome, Chrome Os 2020-07-24 5.0 MEDIUM N/A
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform a cast of an unspecified variable during handling of video, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2011-0482 2 Debian, Google 3 Debian Linux, Chrome, Chrome Os 2020-07-24 4.3 MEDIUM N/A
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform a cast of an unspecified variable during handling of anchors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted HTML document.
CVE-2011-0481 1 Google 2 Chrome, Chrome Os 2020-07-24 9.3 HIGH N/A
Buffer overflow in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PDF shading.
CVE-2011-0476 1 Google 2 Chrome, Chrome Os 2020-07-24 10.0 HIGH N/A
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allow remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via a PDF document that triggers an out-of-memory error.
CVE-2011-0473 1 Google 2 Chrome, Chrome Os 2020-07-24 10.0 HIGH N/A
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle Cascading Style Sheets (CSS) token sequences in conjunction with CANVAS elements, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
CVE-2011-0472 1 Google 2 Chrome, Chrome Os 2020-07-24 9.3 HIGH N/A
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle the printing of PDF documents, which allows user-assisted remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a multi-page document.
CVE-2011-0471 1 Google 2 Chrome, Chrome Os 2020-07-24 10.0 HIGH N/A
The node-iteration implementation in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 does not properly handle pointers, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2014-3180 2 Google, Linux 2 Chrome Os, Linux Kernel 2019-11-08 6.4 MEDIUM 9.1 CRITICAL
** DISPUTED ** In kernel/compat.c in the Linux kernel before 3.17, as used in Google Chrome OS and other products, there is a possible out-of-bounds read. restart_syscall uses uninitialized data when restarting compat_sys_nanosleep. NOTE: this is disputed because the code path is unreachable.
CVE-2019-16508 1 Google 1 Chrome Os 2019-10-08 9.3 HIGH 7.8 HIGH
The Imagination Technologies driver for Chrome OS before R74-11895.B, R75 before R75-12105.B, and R76 before R76-12208.0.0 allows attackers to trigger an Integer Overflow and gain privileges via a malicious application. This occurs because of intentional access for the GPU process to /dev/dri/card1 and the PowerVR ioctl handler, as demonstrated by PVRSRVBridgeSyncPrimOpCreate.
CVE-2018-15967 6 Adobe, Apple, Google and 3 more 11 Flash Player, Flash Player Desktop Runtime, Mac Os X and 8 more 2019-10-02 5.0 MEDIUM 7.5 HIGH
Adobe Flash Player versions 30.0.0.154 and earlier have a privilege escalation vulnerability. Successful exploitation could lead to information disclosure.
CVE-2017-5084 1 Google 1 Chrome Os 2019-10-02 2.1 LOW 3.3 LOW
Inappropriate implementation in image-burner in Google Chrome OS prior to 59.0.3071.92 allowed a local attacker to read local files via dbus-send commands to a BurnImage D-Bus endpoint.
CVE-2018-12828 6 Adobe, Apple, Google and 3 more 10 Flash Player, Mac Os X, Chrome Os and 7 more 2019-10-02 7.5 HIGH 9.8 CRITICAL
Adobe Flash Player 30.0.0.134 and earlier have a "use of a component with a known vulnerability" vulnerability. Successful exploitation could lead to privilege escalation.