Export limit exceeded: 14067 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (14067 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-3046 | 3 Apple, Google, Opensuse | 4 Iphone Os, Safari, Chrome and 1 more | 2025-04-11 | N/A |
| The extension subsystem in Google Chrome before 17.0.963.78 does not properly handle history navigation, which allows remote attackers to execute arbitrary code by leveraging a "Universal XSS (UXSS)" issue. | ||||
| CVE-2012-5120 | 2 Google, Linux | 3 Chrome, V8, Linux Kernel | 2025-04-11 | N/A |
| Google V8 before 3.13.7.5, as used in Google Chrome before 23.0.1271.64, on 64-bit Linux platforms allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds access to an array. | ||||
| CVE-2013-1489 | 6 Google, Microsoft, Mozilla and 3 more | 7 Chrome, Internet Explorer, Firefox and 4 more | 2025-04-11 | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 10 and Update 11, when running on Windows using Internet Explorer, Firefox, Opera, and Google Chrome, allows remote attackers to bypass the "Very High" security level of the Java Control Panel and execute unsigned Java code without prompting the user via unknown vectors, aka "Issue 53" and the "Java Security Slider" vulnerability. | ||||
| CVE-2011-1691 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| The counterToCSSValue function in CSSComputedStyleDeclaration.cpp in the Cascading Style Sheets (CSS) implementation in WebCore in WebKit before r82222, as used in Google Chrome before 11.0.696.43 and other products, does not properly handle access to the (1) counterIncrement and (2) counterReset attributes of CSSStyleDeclaration data provided by a getComputedStyle method call, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted JavaScript code. | ||||
| CVE-2010-4008 | 9 Apache, Apple, Canonical and 6 more | 16 Openoffice, Iphone Os, Itunes and 13 more | 2025-04-11 | N/A |
| libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document. | ||||
| CVE-2010-4037 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Unspecified vulnerability in Google Chrome before 7.0.517.41 allows remote attackers to bypass the pop-up blocker via unknown vectors. | ||||
| CVE-2010-4197 | 4 Fedoraproject, Google, Redhat and 1 more | 4 Fedora, Chrome, Enterprise Linux and 1 more | 2025-04-11 | 9.8 Critical |
| Use-after-free vulnerability in WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving text editing. | ||||
| CVE-2010-4199 | 2 Debian, Google | 2 Debian Linux, Chrome | 2025-04-11 | 8.8 High |
| Google Chrome before 7.0.517.44 does not properly perform a cast of an unspecified variable during processing of an SVG use element, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted SVG document. | ||||
| CVE-2010-4203 | 3 Google, Redhat, Webmproject | 6 Chrome, Enterprise Linux, Enterprise Linux Desktop and 3 more | 2025-04-11 | 9.8 Critical |
| WebM libvpx (aka the VP8 Codec SDK) before 0.9.5, as used in Google Chrome before 7.0.517.44, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via invalid frames. | ||||
| CVE-2011-1840 | 2 Google, Martinicreations | 2 Android, Passmanlite Password Manager | 2025-04-11 | N/A |
| The MartiniCreations PassmanLite Password Manager application before 1.48 for Android stores the master password and unspecified other account information in cleartext, which allows local users to obtain sensitive information by leveraging shell access. | ||||
| CVE-2010-0556 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| browser/login/login_prompt.cc in Google Chrome before 4.0.249.89 populates an authentication dialog with credentials that were stored by Password Manager for a different web site, which allows user-assisted remote HTTP servers to obtain sensitive information via a URL that requires authentication, as demonstrated by a URL in the SRC attribute of an IMG element. | ||||
| CVE-2011-2075 | 2 Google, Microsoft | 2 Chrome, Windows 7 | 2025-04-11 | N/A |
| Unspecified vulnerability in Google Chrome 11.0.696.65 on Windows 7 SP1 allows remote attackers to execute arbitrary code via unknown vectors. NOTE: as of 20110510, the only disclosure is a vague advisory that possibly relates to multiple vulnerabilities or multiple products. However, because it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | ||||
| CVE-2010-4484 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome before 8.0.552.215 does not properly handle HTML5 databases, which allows attackers to cause a denial of service (application crash) via unspecified vectors. | ||||
| CVE-2010-4492 | 2 Debian, Google | 2 Debian Linux, Chrome | 2025-04-11 | N/A |
| Use-after-free vulnerability in Google Chrome before 8.0.552.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG animations. | ||||
| CVE-2010-4493 | 2 Debian, Google | 2 Debian Linux, Chrome | 2025-04-11 | N/A |
| Use-after-free vulnerability in Google Chrome before 8.0.552.215 allows remote attackers to cause a denial of service via vectors related to the handling of mouse dragging events. | ||||
| CVE-2011-3089 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Use-after-free vulnerability in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving tables. | ||||
| CVE-2011-3098 | 3 Google, Microsoft, Opensuse | 3 Chrome, Windows, Opensuse | 2025-04-11 | N/A |
| Google Chrome before 19.0.1084.46 on Windows uses an incorrect search path for the Windows Media Player plug-in, which might allow local users to gain privileges via a Trojan horse plug-in in an unspecified directory. | ||||
| CVE-2011-3106 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| The WebSockets implementation in Google Chrome before 19.0.1084.52 does not properly handle use of SSL, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | ||||
| CVE-2011-3108 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Use-after-free vulnerability in Google Chrome before 19.0.1084.52 allows remote attackers to execute arbitrary code via vectors related to the browser cache. | ||||
| CVE-2010-0644 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome before 4.0.249.89, when a SOCKS 5 proxy server is configured, sends DNS queries directly, which allows remote DNS servers to obtain potentially sensitive information about the identity of a client user via request logging, as demonstrated by a proxy server that was configured for the purpose of anonymity. | ||||