Filtered by vendor Google
Subscribe
Total
12727 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-6628 | 1 Google | 1 Chrome | 2025-04-11 | 4.3 MEDIUM | N/A |
| net/socket/ssl_client_socket_nss.cc in the TLS implementation in Google Chrome before 31.0.1650.48 does not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation, which might allow remote web servers to interfere with trust relationships by renegotiating a session. | |||||
| CVE-2013-0630 | 5 Adobe, Apple, Google and 2 more | 8 Adobe Air, Adobe Air Sdk, Flash Player and 5 more | 2025-04-11 | 10.0 HIGH | N/A |
| Buffer overflow in Adobe Flash Player before 10.3.183.50 and 11.x before 11.5.502.146 on Windows and Mac OS X, before 10.3.183.50 and 11.x before 11.2.202.261 on Linux, before 11.1.111.31 on Android 2.x and 3.x, and before 11.1.115.36 on Android 4.x; Adobe AIR before 3.5.0.1060; and Adobe AIR SDK before 3.5.0.1060 allows attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2011-1444 | 3 Debian, Google, Linux | 3 Debian Linux, Chrome, Linux Kernel | 2025-04-11 | 6.8 MEDIUM | N/A |
| Race condition in the sandbox launcher implementation in Google Chrome before 11.0.696.57 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2010-3117 | 1 Google | 1 Chrome | 2025-04-11 | 10.0 HIGH | N/A |
| Google Chrome before 5.0.375.127 does not properly implement the notifications feature, which allows remote attackers to cause a denial of service (application crash) and possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2010-3729 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | 9.8 CRITICAL |
| The SPDY protocol implementation in Google Chrome before 6.0.472.62 does not properly manage buffers, which might allow remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2012-4676 | 1 Google | 1 Tunnelblick | 2025-04-11 | 1.2 LOW | N/A |
| The errorExitIfAttackViaString function in Tunnelblick 3.3beta20 and earlier allows local users to delete arbitrary files by constructing a (1) symlink or (2) hard link, a different vulnerability than CVE-2012-3485. | |||||
| CVE-2012-6051 | 1 Google | 1 Cityhash | 2025-04-11 | 5.0 MEDIUM | N/A |
| Google CityHash computes hash values without properly restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table, as demonstrated by a universal multicollision attack. | |||||
| CVE-2012-5278 | 5 Adobe, Apple, Google and 2 more | 7 Air, Air Sdk, Flash Player and 4 more | 2025-04-11 | 10.0 HIGH | N/A |
| Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allow attackers to bypass intended access restrictions and execute arbitrary code via unspecified vectors. | |||||
| CVE-2011-2793 | 1 Google | 1 Chrome | 2025-04-11 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to media selectors. | |||||
| CVE-2013-2876 | 2 Debian, Google | 2 Debian Linux, Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
| browser/extensions/api/tabs/tabs_api.cc in Google Chrome before 28.0.1500.71 does not properly enforce restrictions on the capture of screenshots by extensions, which allows remote attackers to obtain sensitive information about the content of a previous page via vectors involving an interstitial page. | |||||
| CVE-2012-5130 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2025-04-11 | 5.0 MEDIUM | N/A |
| Skia, as used in Google Chrome before 23.0.1271.91, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
| CVE-2010-3115 | 3 Canonical, Google, Webkitgtk | 3 Ubuntu Linux, Chrome, Webkitgtk | 2025-04-11 | 5.0 MEDIUM | N/A |
| Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, does not properly implement the history feature, which might allow remote attackers to spoof the address bar via unspecified vectors. | |||||
| CVE-2011-3015 | 1 Google | 1 Chrome | 2025-04-11 | 6.8 MEDIUM | N/A |
| Multiple integer overflows in the PDF codecs in Google Chrome before 17.0.963.56 allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2010-4486 | 1 Google | 1 Chrome | 2025-04-11 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in Google Chrome before 8.0.552.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to history handling. | |||||
| CVE-2013-0842 | 1 Google | 1 Chrome | 2025-04-11 | 10.0 HIGH | N/A |
| Google Chrome before 24.0.1312.56 does not properly handle %00 characters in pathnames, which has unspecified impact and attack vectors. | |||||
| CVE-2011-2359 | 3 Apple, Debian, Google | 5 Iphone Os, Itunes, Safari and 2 more | 2025-04-11 | 6.8 MEDIUM | N/A |
| Google Chrome before 13.0.782.107 does not properly track line boxes during rendering, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | |||||
| CVE-2010-0644 | 1 Google | 1 Chrome | 2025-04-11 | 4.3 MEDIUM | N/A |
| Google Chrome before 4.0.249.89, when a SOCKS 5 proxy server is configured, sends DNS queries directly, which allows remote DNS servers to obtain potentially sensitive information about the identity of a client user via request logging, as demonstrated by a proxy server that was configured for the purpose of anonymity. | |||||
| CVE-2011-1840 | 2 Google, Martinicreations | 2 Android, Passmanlite Password Manager | 2025-04-11 | 2.1 LOW | N/A |
| The MartiniCreations PassmanLite Password Manager application before 1.48 for Android stores the master password and unspecified other account information in cleartext, which allows local users to obtain sensitive information by leveraging shell access. | |||||
| CVE-2011-3883 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to counters. | |||||
| CVE-2012-4563 | 1 Google | 1 Web Toolkit | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Google Web Toolkit (GWT) 2.4 Beta and release candidates before 2.4.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||