Filtered by vendor Google
Subscriptions
Filtered by product Chrome
Subscriptions
Total
3791 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-3096 | 2 Google, Linux | 2 Chrome, Linux Kernel | 2025-04-11 | N/A |
| Use-after-free vulnerability in Google Chrome before 19.0.1084.46 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging an error in the GTK implementation of the omnibox. | ||||
| CVE-2010-4037 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Unspecified vulnerability in Google Chrome before 7.0.517.41 allows remote attackers to bypass the pop-up blocker via unknown vectors. | ||||
| CVE-2010-2110 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome before 5.0.375.55 does not properly execute JavaScript code in the extension context, which has unspecified impact and remote attack vectors. | ||||
| CVE-2010-3117 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome before 5.0.375.127 does not properly implement the notifications feature, which allows remote attackers to cause a denial of service (application crash) and possibly have unspecified other impact via unknown vectors. | ||||
| CVE-2012-2889 | 2 Apple, Google | 2 Iphone Os, Chrome | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to inject arbitrary web script or HTML via vectors involving frames, aka "Universal XSS (UXSS)." | ||||
| CVE-2011-3094 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome before 19.0.1084.46 does not properly handle Tibetan text, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||||
| CVE-2010-4035 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome before 7.0.517.41 does not properly perform autofill operations for forms, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted HTML document. | ||||
| CVE-2011-3093 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome before 19.0.1084.46 does not properly handle glyphs, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||||
| CVE-2011-3092 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| The regex implementation in Google V8, as used in Google Chrome before 19.0.1084.46, allows remote attackers to cause a denial of service (invalid write operation) or possibly have unspecified other impact via unknown vectors. | ||||
| CVE-2010-1029 | 2 Apple, Google | 3 Iphone Os, Safari, Chrome | 2025-04-11 | N/A |
| Stack consumption vulnerability in the WebCore::CSSSelector function in WebKit, as used in Apple Safari 4.0.4, Apple Safari on iPhone OS and iPhone OS for iPod touch, and Google Chrome 4.0.249, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a STYLE element composed of a large number of *> sequences. | ||||
| CVE-2010-4033 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome before 7.0.517.41 does not properly implement the autofill and autocomplete functionality, which allows remote attackers to conduct "profile spamming" attacks via unspecified vectors. | ||||
| CVE-2011-3091 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Use-after-free vulnerability in the IndexedDB implementation in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | ||||
| CVE-2010-0664 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Stack consumption vulnerability in the ChildProcessSecurityPolicy::CanRequestURL function in browser/child_process_security_policy.cc in Google Chrome before 4.0.249.78 allows remote attackers to cause a denial of service (memory consumption and application crash) via a URL that specifies multiple protocols, as demonstrated by a URL that begins with many repetitions of the view-source: substring. | ||||
| CVE-2011-3090 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Race condition in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to worker processes. | ||||
| CVE-2010-3730 | 1 Google | 1 Chrome | 2025-04-11 | 8.8 High |
| Google Chrome before 6.0.472.62 does not properly use information about the origin of a document to manage properties, which allows remote attackers to have an unspecified impact via a crafted web site, related to a "property pollution" issue. | ||||
| CVE-2011-3088 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome before 19.0.1084.46 does not properly draw hairlines, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||||
| CVE-2010-2646 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome before 5.0.375.99 does not properly isolate sandboxed IFRAME elements, which has unspecified impact and remote attack vectors. | ||||
| CVE-2012-1846 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome 17.0.963.66 and earlier allows remote attackers to bypass the sandbox protection mechanism by leveraging access to a sandboxed process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012. NOTE: the primary affected product may be clarified later; it was not identified by the researcher, who reportedly stated "it really doesn't matter if it's third-party code." | ||||
| CVE-2011-3087 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome before 19.0.1084.46 does not properly perform window navigation, which has unspecified impact and remote attack vectors. | ||||
| CVE-2011-3086 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Use-after-free vulnerability in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a STYLE element. | ||||