Filtered by vendor Google
Subscribe
Total
13189 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-2170 | 1 Google | 1 Chrome Os | 2025-04-11 | 4.4 MEDIUM | N/A |
| Google Chrome OS before R12 0.12.433.38 Beta, when Guest mode is enabled, does not prevent changes on the about:flags page, which has unspecified impact and local attack vectors. | |||||
| CVE-2011-2839 | 2 Google, Linux | 2 Chrome, Linux Kernel | 2025-04-11 | 7.5 HIGH | N/A |
| The PDF implementation in Google Chrome before 13.0.782.215 on Linux does not properly use the memset library function, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2012-1405 | 2 Goforandroid, Google | 2 Go Note Widget, Android | 2025-04-11 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the GO Note Widget (com.gau.go.launcherex.gowidget.notewidget) application 1.5 and 1.9 for Android has unknown impact and attack vectors. | |||||
| CVE-2012-2949 | 2 Google, Zte | 2 Android, Score M | 2025-04-11 | 10.0 HIGH | N/A |
| The ZTE sync_agent program for Android 2.3.4 on the Score M device uses a hardcoded ztex1609523 password to control access to commands, which allows remote attackers to gain privileges via a crafted application. | |||||
| CVE-2013-0889 | 5 Apple, Google, Linux and 2 more | 5 Mac Os X, Chrome, Linux Kernel and 2 more | 2025-04-11 | 6.8 MEDIUM | N/A |
| Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly enforce a user gesture requirement before proceeding with a file download, which might make it easier for remote attackers to execute arbitrary code via a crafted file. | |||||
| CVE-2013-1375 | 5 Adobe, Apple, Google and 2 more | 9 Adobe Air, Adobe Air Sdk, Adobe Air Sdk And Compiler and 6 more | 2025-04-11 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.44 on Android 2.x and 3.x, and before 11.1.115.48 on Android 4.x; Adobe AIR before 3.6.0.6090; Adobe AIR SDK before 3.6.0.6090; and Adobe AIR SDK & Compiler before 3.6.0.6090 allows attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2010-3636 | 6 Adobe, Apple, Google and 3 more | 6 Flash Player, Mac Os X, Android and 3 more | 2025-04-11 | 9.3 HIGH | N/A |
| Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, does not properly handle unspecified encodings during the parsing of a cross-domain policy file, which allows remote web servers to bypass intended access restrictions via unknown vectors. | |||||
| CVE-2011-3640 | 3 Apple, Google, Microsoft | 3 Macos, Chrome, Windows | 2025-04-11 | 7.1 HIGH | N/A |
| Untrusted search path vulnerability in Mozilla Network Security Services (NSS), as used in Google Chrome before 17 on Windows and Mac OS X, might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory. NOTE: the vendor's response was "Strange behavior, but we're not treating this as a security bug." | |||||
| CVE-2011-3104 | 1 Google | 1 Chrome | 2025-04-11 | 5.0 MEDIUM | N/A |
| Skia, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
| CVE-2011-1108 | 1 Google | 1 Chrome | 2025-04-11 | 6.8 MEDIUM | N/A |
| Google Chrome before 9.0.597.107 does not properly implement JavaScript dialogs, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted HTML document. | |||||
| CVE-2013-6637 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in Google Chrome before 31.0.1650.63 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | |||||
| CVE-2011-0471 | 1 Google | 2 Chrome, Chrome Os | 2025-04-11 | 10.0 HIGH | N/A |
| The node-iteration implementation in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 does not properly handle pointers, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2010-4212 | 2 Google, Usaa | 2 Android, Usaa | 2025-04-11 | 1.9 LOW | N/A |
| The USAA application 3.0 for Android stores a mirror image of each visited web page, which might allow physically proximate attackers to obtain sensitive banking information by reading application data. | |||||
| CVE-2011-3918 | 1 Google | 1 Android | 2025-04-11 | 7.8 HIGH | N/A |
| The Zygote process in Android 4.0.3 and earlier accepts fork requests from processes with arbitrary UIDs, which allows remote attackers to cause a denial of service (reboot loop) via a crafted application. | |||||
| CVE-2013-2900 | 3 Debian, Google, Microsoft | 3 Debian Linux, Chrome, Windows | 2025-04-11 | 7.5 HIGH | N/A |
| The FilePath::ReferencesParent function in files/file_path.cc in Google Chrome before 29.0.1547.57 on Windows does not properly handle pathname components composed entirely of . (dot) and whitespace characters, which allows remote attackers to conduct directory traversal attacks via a crafted directory name. | |||||
| CVE-2013-2923 | 1 Google | 1 Chrome | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in Google Chrome before 30.0.1599.66 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | |||||
| CVE-2013-1366 | 5 Adobe, Apple, Google and 2 more | 7 Air, Air Sdk, Flash Player and 4 more | 2025-04-11 | 10.0 HIGH | N/A |
| Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, and CVE-2013-1373. | |||||
| CVE-2013-2869 | 2 Debian, Google | 2 Debian Linux, Chrome | 2025-04-11 | 4.3 MEDIUM | N/A |
| Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted JPEG2000 image. | |||||
| CVE-2011-2794 | 1 Google | 1 Chrome | 2025-04-11 | 6.8 MEDIUM | N/A |
| Google Chrome before 13.0.782.107 does not properly perform text iteration, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||||
| CVE-2011-2458 | 6 Adobe, Apple, Google and 3 more | 7 Adobe Air, Flash Player, Mac Os X and 4 more | 2025-04-11 | 9.3 HIGH | N/A |
| Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, when Internet Explorer is used, allows remote attackers to bypass the cross-domain policy via a crafted web site. | |||||