Export limit exceeded: 342715 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (4308 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-1107 | 2 Apple, Google | 3 Iphone Os, Safari, Chrome | 2025-04-11 | N/A |
| Unspecified vulnerability in Google Chrome before 9.0.597.107 allows remote attackers to spoof the URL bar via unknown vectors. | ||||
| CVE-2010-2649 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Unspecified vulnerability in Google Chrome before 5.0.375.99 allows remote attackers to cause a denial of service (application crash) via an invalid image. | ||||
| CVE-2010-0658 | 2 Google, Microsoft | 2 Chrome, Windows | 2025-04-11 | N/A |
| Multiple integer overflows in Skia, as used in Google Chrome before 4.0.249.78, allow remote attackers to execute arbitrary code in the Chrome sandbox or cause a denial of service (memory corruption and application crash) via vectors involving CANVAS elements. | ||||
| CVE-2011-3056 | 3 Apple, Google, Opensuse | 4 Iphone Os, Safari, Chrome and 1 more | 2025-04-11 | N/A |
| Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via vectors involving a "magic iframe." | ||||
| CVE-2011-3055 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2025-04-11 | N/A |
| The browser native UI in Google Chrome before 17.0.963.83 does not require user confirmation before an unpacked extension installation, which allows user-assisted remote attackers to have an unspecified impact via a crafted extension. | ||||
| CVE-2011-1302 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Heap-based buffer overflow in the GPU process in Google Chrome before 10.0.648.205 allows remote attackers to execute arbitrary code via unknown vectors. | ||||
| CVE-2011-3054 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2025-04-11 | N/A |
| The WebUI privilege implementation in Google Chrome before 17.0.963.83 does not properly perform isolation, which allows remote attackers to bypass intended access restrictions via unspecified vectors. | ||||
| CVE-2013-6661 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Multiple unspecified vulnerabilities in Google Chrome before 33.0.1750.117 allow attackers to bypass the sandbox protection mechanism after obtaining renderer access, or have other impact, via unknown vectors. | ||||
| CVE-2013-6660 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| The drag-and-drop implementation in Google Chrome before 33.0.1750.117 does not properly restrict the information in WebDropData data structures, which allows remote attackers to discover full pathnames via a crafted web site. | ||||
| CVE-2011-3053 | 3 Apple, Google, Opensuse | 5 Iphone Os, Itunes, Safari and 2 more | 2025-04-11 | N/A |
| Use-after-free vulnerability in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to block splitting. | ||||
| CVE-2011-1059 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Use-after-free vulnerability in WebCore in WebKit before r77705, as used in Google Chrome before 11.0.672.2 and other products, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via vectors that entice a user to resubmit a form, related to improper handling of provisional items by the HistoryController component, aka rdar problem 8938557. | ||||
| CVE-2010-2648 | 3 Canonical, Google, Opensuse | 3 Ubuntu Linux, Chrome, Opensuse | 2025-04-11 | N/A |
| The implementation of the Unicode Bidirectional Algorithm (aka Bidi algorithm or UBA) in Google Chrome before 5.0.375.99 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | ||||
| CVE-2013-6659 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| The SSLClientSocketNSS::Core::OwnAuthCertHandler function in net/socket/ssl_client_socket_nss.cc in Google Chrome before 33.0.1750.117 does not prevent changes to server X.509 certificates during renegotiations, which allows remote SSL servers to trigger use of a new certificate chain, inconsistent with the user's expectations, by initiating a TLS renegotiation. | ||||
| CVE-2013-6658 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Multiple use-after-free vulnerabilities in the layout implementation in Blink, as used in Google Chrome before 33.0.1750.117, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving (1) running JavaScript code during execution of the updateWidgetPositions function or (2) making a call into a plugin during execution of the updateWidgetPositions function. | ||||
| CVE-2011-3052 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2025-04-11 | N/A |
| The WebGL implementation in Google Chrome before 17.0.963.83 does not properly handle CANVAS elements, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | ||||
| CVE-2013-6657 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, inserts the about:blank URL during certain blocking of FORM elements within HTTP requests, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via unspecified vectors. | ||||
| CVE-2013-6656 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| The XSSAuditor::init function in core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, processes POST requests by using the body of a redirecting page instead of the body of a redirect target, which allows remote attackers to obtain sensitive information via unspecified vectors. | ||||
| CVE-2011-3051 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2025-04-11 | N/A |
| Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the cross-fade function. | ||||
| CVE-2011-1042 | 1 Google | 1 Chrome Os | 2025-04-11 | N/A |
| Use-after-free vulnerability in flimflamd in flimflam in Google Chrome OS before 0.9.130.14 Beta allows user-assisted remote attackers to cause a denial of service (daemon crash) by providing the name of a hidden WiFi network that does not respond to connection attempts. | ||||
| CVE-2013-6655 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Use-after-free vulnerability in Blink, as used in Google Chrome before 33.0.1750.117, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to improper handling of overflowchanged DOM events during interaction between JavaScript and layout. | ||||