CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Google : Security Vulnerabilities (CVSS score between 7 and 7.99)

CVSS Scores Greater Than: 0   1   2   3   4   5   6   7   8   9  
Copy Results Download Results Select Table
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2013-2846 399 DoS 2013-05-22 2013-05-22
7.5
 None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in the media loader in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2013-2840.
2 CVE-2013-2845 119 DoS Overflow Mem. Corr. 2013-05-22 2013-05-22
7.5
 None Remote Low Not required Partial Partial Partial
The Web Audio implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
3 CVE-2013-2844 399 DoS 2013-05-22 2013-05-22
7.5
 None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to style resolution.
4 CVE-2013-2843 399 DoS 2013-05-22 2013-05-22
7.5
 None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of speech data.
5 CVE-2013-2842 399 DoS 2013-05-22 2013-05-22
7.5
 None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of widgets.
6 CVE-2013-2841 399 DoS 2013-05-22 2013-05-22
7.5
 None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of Pepper resources.
7 CVE-2013-2840 399 DoS 2013-05-22 2013-05-22
7.5
 None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in the media loader in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2013-2846.
8 CVE-2013-2839 399 DoS 2013-05-22 2013-05-22
7.5
 None Remote Low Not required Partial Partial Partial
Google Chrome before 27.0.1453.93 does not properly perform a cast of an unspecified variable during handling of clipboard data, which allows remote attackers to cause a denial of service or possibly have other impact via unknown vectors.
9 CVE-2013-2837 399 DoS 2013-05-22 2013-05-22
7.5
 None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in the SVG implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
10 CVE-2013-2836 DoS 2013-05-22 2013-05-22
7.5
 None Remote Low Not required Partial Partial Partial
Multiple unspecified vulnerabilities in Google Chrome before 27.0.1453.93 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
11 CVE-2013-2268 2013-02-23 2013-02-25
7.5
 None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in the MathML implementation in WebKit in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, has unknown impact and remote attack vectors, related to a "high severity security issue."
12 CVE-2013-0927 59 Bypass 2013-04-10 2013-04-11
7.5
 None Remote Low Not required Partial Partial Partial
Google Chrome OS before 26.0.1410.57 relies on a Pango pango-utils.c read_config implementation that loads the contents of the .pangorc file in the user's home directory, and the file referenced by the PANGO_RC_FILE environment variable, which allows attackers to bypass intended access restrictions via crafted configuration data.
13 CVE-2013-0925 264 2013-03-28 2013-04-03
7.5
 None Remote Low Not required Partial Partial Partial
Google Chrome before 26.0.1410.43 does not ensure that an extension has the tabs (aka APIPermission::kTab) permission before providing a URL to this extension, which has unspecified impact and remote attack vectors.
14 CVE-2013-0924 264 2013-03-28 2013-04-03
7.5
 None Remote Low Not required Partial Partial Partial
The extension functionality in Google Chrome before 26.0.1410.43 does not verify that use of the permissions API is consistent with file permissions, which has unspecified impact and attack vectors.
15 CVE-2013-0922 264 2013-03-28 2013-04-03
7.5
 None Remote Low Not required Partial Partial Partial
Google Chrome before 26.0.1410.43 does not properly restrict brute-force access attempts against web sites that require HTTP Basic Authentication, which has unspecified impact and attack vectors.
16 CVE-2013-0920 399 DoS 2013-03-28 2013-04-03
7.5
 None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in the extension bookmarks API in Google Chrome before 26.0.1410.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
17 CVE-2013-0919 399 DoS 2013-03-28 2013-04-03
7.5
 None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 26.0.1410.43 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging the presence of an extension that creates a pop-up window.
18 CVE-2013-0916 399 DoS 2013-03-28 2013-04-03
7.5
 None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in the Web Audio implementation in Google Chrome before 26.0.1410.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
19 CVE-2013-0912 94 Exec Code 2013-03-11 2013-04-19
7.5
 None Remote Low Not required Partial Partial Partial
WebKit in Google Chrome before 25.0.1364.160 allows remote attackers to execute arbitrary code via vectors that leverage "type confusion."
20 CVE-2013-0911 22 Dir. Trav. 2013-03-05 2013-03-06
7.5
 None Remote Low Not required Partial Partial Partial
Directory traversal vulnerability in Google Chrome before 25.0.1364.152 allows remote attackers to have an unspecified impact via vectors related to databases.
21 CVE-2013-0910 287 Bypass 2013-03-05 2013-03-06
7.5
 None Remote Low Not required Partial Partial Partial
Google Chrome before 25.0.1364.152 does not properly manage the interaction between the browser process and renderer processes during authorization of the loading of a plug-in, which makes it easier for remote attackers to bypass intended access restrictions via vectors involving a blocked plug-in.
22 CVE-2013-0908 2013-03-05 2013-03-06
7.5
 None Remote Low Not required Partial Partial Partial
Google Chrome before 25.0.1364.152 does not properly manage bindings of extension processes, which has unspecified impact and attack vectors.
23 CVE-2013-0907 362 DoS 2013-03-05 2013-03-06
7.5
 None Remote Low Not required Partial Partial Partial
Race condition in Google Chrome before 25.0.1364.152 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of media threads.
24 CVE-2013-0906 119 DoS Overflow Mem. Corr. 2013-03-05 2013-03-06
7.5
 None Remote Low Not required Partial Partial Partial
The IndexedDB implementation in Google Chrome before 25.0.1364.152 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
25 CVE-2013-0905 399 DoS 2013-03-05 2013-03-06
7.5
 None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 25.0.1364.152 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving an SVG animation.
26 CVE-2013-0904 119 DoS Overflow Mem. Corr. 2013-03-05 2013-03-06
7.5
 None Remote Low Not required Partial Partial Partial
The Web Audio implementation in Google Chrome before 25.0.1364.152 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
27 CVE-2013-0903 399 DoS 2013-03-05 2013-03-06
7.5
 None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 25.0.1364.152 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of browser navigation.
28 CVE-2013-0902 399 DoS 2013-03-05 2013-04-15
7.5
 None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in the frame-loader implementation in Google Chrome before 25.0.1364.152 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
29 CVE-2013-0898 399 DoS 2013-02-23 2013-04-10
7.5
 None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a URL.
30 CVE-2013-0896 119 DoS Overflow 2013-02-23 2013-04-10
7.5
 None Remote Low Not required Partial Partial Partial
Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly manage memory during message handling for plug-ins, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
31 CVE-2013-0895 22 Dir. Trav. 2013-02-23 2013-04-10
7.5
 None Remote Low Not required Partial Partial Partial
Google Chrome before 25.0.1364.97 on Linux, and before 25.0.1364.99 on Mac OS X, does not properly handle pathnames during copy operations, which might make it easier for remote attackers to execute arbitrary programs via unspecified vectors.
32 CVE-2013-0894 119 DoS Overflow 2013-02-23 2013-04-10
7.5
 None Remote Low Not required Partial Partial Partial
Buffer overflow in the vorbis_parse_setup_hdr_floors function in the Vorbis decoder in vorbisdec.c in libavcodec in FFmpeg through 1.1.3, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds array access) or possibly have unspecified other impact via vectors involving a zero value for a bark map size.
33 CVE-2013-0892 DoS 2013-02-23 2013-04-10
7.5
 None Remote Low Not required Partial Partial Partial
Multiple unspecified vulnerabilities in the IPC layer in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allow remote attackers to cause a denial of service or possibly have other impact via unknown vectors.
34 CVE-2013-0891 189 DoS Overflow 2013-02-23 2013-04-10
7.5
 None Remote Low Not required Partial Partial Partial
Integer overflow in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a blob.
35 CVE-2013-0890 119 DoS Overflow Mem. Corr. 2013-02-23 2013-04-10
7.5
 None Remote Low Not required Partial Partial Partial
Multiple unspecified vulnerabilities in the IPC layer in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allow remote attackers to cause a denial of service (memory corruption) or possibly have other impact via unknown vectors.
36 CVE-2013-0887 264 2013-02-23 2013-04-10
7.5
 None Remote Low Not required Partial Partial Partial
The developer-tools process in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly restrict privileges during interaction with a connected server, which has unspecified impact and attack vectors.
37 CVE-2013-0886 2013-02-23 2013-04-10
7.5
 None Remote Low Not required Partial Partial Partial
Google Chrome before 25.0.1364.99 on Mac OS X does not properly implement signal handling for Native Client (aka NaCl) code, which has unspecified impact and attack vectors.
38 CVE-2013-0885 264 2013-02-23 2013-04-10
7.5
 None Remote Low Not required Partial Partial Partial
Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly restrict API privileges during interaction with the Chrome Web Store, which has unspecified impact and attack vectors.
39 CVE-2013-0884 2013-02-23 2013-04-10
7.5
 None Remote Low Not required Partial Partial Partial
Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly load Native Client (aka NaCl) code, which has unspecified impact and attack vectors.
40 CVE-2013-0882 119 DoS Overflow 2013-02-23 2013-04-10
7.5
 None Remote Low Not required Partial Partial Partial
Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service (incorrect memory access) or possibly have unspecified other impact via a large number of SVG parameters.
41 CVE-2013-0880 399 DoS 2013-02-23 2013-04-10
7.5
 None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to databases.
42 CVE-2013-0879 119 DoS Overflow Mem. Corr. 2013-02-23 2013-04-10
7.5
 None Remote Low Not required Partial Partial Partial
Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly implement web audio nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
43 CVE-2013-0843 119 DoS Overflow Mem. Corr. 2013-01-24 2013-01-30
7.5
 None Remote Low Not required Partial Partial Partial
content/renderer/media/webrtc_audio_renderer.cc in Google Chrome before 24.0.1312.56 on Mac OS X does not use an appropriate buffer size for the 96 kHz sampling rate, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a web site that provides WebRTC audio.
44 CVE-2013-0841 20 DoS 2013-01-24 2013-01-25
7.5
 None Remote Low Not required Partial Partial Partial
Array index error in the content-blocking functionality in Google Chrome before 24.0.1312.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
45 CVE-2013-0839 399 DoS 2013-01-24 2013-01-25
7.5
 None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 24.0.1312.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of fonts in CANVAS elements.
46 CVE-2013-0838 264 2013-01-15 2013-02-07
7.5
 None Remote Low Not required Partial Partial Partial
Google Chrome before 24.0.1312.52 on Linux uses weak permissions for shared memory segments, which has unspecified impact and attack vectors.
47 CVE-2013-0837 20 DoS 2013-01-15 2013-02-07
7.5
 None Remote Low Not required Partial Partial Partial
Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of extension tabs.
48 CVE-2013-0832 399 DoS 2013-01-15 2013-02-07
7.5
 None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to printing.
49 CVE-2013-0831 22 Dir. Trav. 2013-01-15 2013-02-07
7.5
 None Remote Low Not required Partial Partial Partial
Directory traversal vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to have an unspecified impact by leveraging access to an extension process.
50 CVE-2013-0830 20 2013-01-15 2013-02-07
7.5
 None Remote Low Not required Partial Partial Partial
The IPC layer in Google Chrome before 24.0.1312.52 on Windows omits a NUL character required for termination of an unspecified data structure, which has unknown impact and attack vectors.
Total number of vulnerabilities : 320   Page : 1 (This Page)2 3 4 5 6 7
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.