| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2013-2845 |
119 |
|
DoS Overflow Mem. Corr. |
2013-05-22 |
2013-05-22 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The Web Audio implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. |
|
2 |
CVE-2013-2838 |
119 |
|
DoS Overflow |
2013-05-22 |
2013-05-22 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Google V8, as used in Google Chrome before 27.0.1453.93, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
|
3 |
CVE-2013-0923 |
119 |
|
DoS Overflow Mem. Corr. |
2013-03-28 |
2013-04-03 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The USB Apps API in Google Chrome before 26.0.1410.43 allows remote attackers to cause a denial of service (memory corruption) via unspecified vectors. |
|
4 |
CVE-2013-0917 |
119 |
|
DoS Overflow |
2013-03-28 |
2013-04-03 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The URL loader in Google Chrome before 26.0.1410.43 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
|
5 |
CVE-2013-0906 |
119 |
|
DoS Overflow Mem. Corr. |
2013-03-05 |
2013-03-06 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The IndexedDB implementation in Google Chrome before 25.0.1364.152 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. |
|
6 |
CVE-2013-0904 |
119 |
|
DoS Overflow Mem. Corr. |
2013-03-05 |
2013-03-06 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The Web Audio implementation in Google Chrome before 25.0.1364.152 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. |
|
7 |
CVE-2013-0899 |
189 |
|
DoS Overflow |
2013-02-23 |
2013-04-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Integer overflow in the padding implementation in the opus_packet_parse_impl function in src/opus_decoder.c in Opus before 1.0.2, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a long packet. |
|
8 |
CVE-2013-0896 |
119 |
|
DoS Overflow |
2013-02-23 |
2013-04-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly manage memory during message handling for plug-ins, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
|
9 |
CVE-2013-0894 |
119 |
|
DoS Overflow |
2013-02-23 |
2013-04-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in the vorbis_parse_setup_hdr_floors function in the Vorbis decoder in vorbisdec.c in libavcodec in FFmpeg through 1.1.3, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds array access) or possibly have unspecified other impact via vectors involving a zero value for a bark map size. |
|
10 |
CVE-2013-0891 |
189 |
|
DoS Overflow |
2013-02-23 |
2013-04-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Integer overflow in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a blob. |
|
11 |
CVE-2013-0890 |
119 |
|
DoS Overflow Mem. Corr. |
2013-02-23 |
2013-04-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Multiple unspecified vulnerabilities in the IPC layer in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allow remote attackers to cause a denial of service (memory corruption) or possibly have other impact via unknown vectors. |
|
12 |
CVE-2013-0888 |
119 |
|
DoS Overflow |
2013-02-23 |
2013-04-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Skia, as used in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to a "user gesture check for dangerous file downloads." |
|
13 |
CVE-2013-0882 |
119 |
|
DoS Overflow |
2013-02-23 |
2013-04-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service (incorrect memory access) or possibly have unspecified other impact via a large number of SVG parameters. |
|
14 |
CVE-2013-0879 |
119 |
|
DoS Overflow Mem. Corr. |
2013-02-23 |
2013-04-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly implement web audio nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. |
|
15 |
CVE-2013-0843 |
119 |
|
DoS Overflow Mem. Corr. |
2013-01-24 |
2013-01-30 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
content/renderer/media/webrtc_audio_renderer.cc in Google Chrome before 24.0.1312.56 on Mac OS X does not use an appropriate buffer size for the 96 kHz sampling rate, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a web site that provides WebRTC audio. |
|
16 |
CVE-2013-0834 |
119 |
|
DoS Overflow |
2013-01-15 |
2013-02-07 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors involving glyphs. |
|
17 |
CVE-2013-0833 |
119 |
|
DoS Overflow |
2013-01-15 |
2013-02-07 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to printing. |
|
18 |
CVE-2012-5157 |
119 |
|
DoS Overflow |
2013-01-15 |
2013-01-16 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Google Chrome before 24.0.1312.52 does not properly handle image data in PDF documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document. |
|
19 |
CVE-2012-5154 |
189 |
|
DoS Overflow |
2013-01-15 |
2013-02-07 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Integer overflow in Google Chrome before 24.0.1312.52 on Windows allows attackers to cause a denial of service or possibly have unspecified other impact via vectors related to allocation of shared memory. |
|
20 |
CVE-2012-5153 |
119 |
|
DoS Overflow |
2013-01-15 |
2013-02-07 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Google V8 before 3.14.5.3, as used in Google Chrome before 24.0.1312.52, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds access to stack memory. |
|
21 |
CVE-2012-5152 |
119 |
|
DoS Overflow |
2013-01-15 |
2013-02-07 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors involving seek operations on video data. |
|
22 |
CVE-2012-5151 |
189 |
|
DoS Overflow |
2013-01-15 |
2013-01-17 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Integer overflow in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code in a PDF document. |
|
23 |
CVE-2012-5149 |
189 |
|
DoS Overflow |
2013-01-15 |
2013-02-07 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Integer overflow in the audio IPC layer in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
|
24 |
CVE-2012-5144 |
119 |
|
DoS Overflow Mem. Corr. |
2012-12-12 |
2013-02-13 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via vectors related to "an off-by-one overwrite when switching to LTP profile from MAIN." |
|
25 |
CVE-2012-5143 |
189 |
|
DoS Overflow |
2012-12-12 |
2013-02-13 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Integer overflow in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PPAPI image buffers. |
|
26 |
CVE-2012-5134 |
119 |
|
DoS Exec Code Overflow |
2012-11-27 |
2013-04-26 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML document. |
|
27 |
CVE-2012-5130 |
119 |
|
DoS Overflow |
2012-11-27 |
2013-05-02 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Skia, as used in Google Chrome before 23.0.1271.91, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
|
28 |
CVE-2012-5128 |
119 |
|
DoS Overflow |
2012-11-07 |
2013-05-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Google V8 before 3.13.7.5, as used in Google Chrome before 23.0.1271.64, does not properly perform write operations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
|
29 |
CVE-2012-5127 |
189 |
|
DoS Overflow |
2012-11-07 |
2013-05-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Integer overflow in Google Chrome before 23.0.1271.64 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted WebP image. |
|
30 |
CVE-2012-5124 |
119 |
|
DoS Overflow Mem. Corr. |
2012-11-07 |
2013-05-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Google Chrome before 23.0.1271.64 does not properly handle textures, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. |
|
31 |
CVE-2012-5123 |
119 |
|
DoS Overflow |
2012-11-07 |
2013-05-02 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Skia, as used in Google Chrome before 23.0.1271.64, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
|
32 |
CVE-2012-5120 |
119 |
|
DoS Overflow |
2012-11-07 |
2013-05-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Google V8 before 3.13.7.5, as used in Google Chrome before 23.0.1271.64, on 64-bit Linux platforms allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds access to an array. |
|
33 |
CVE-2012-5115 |
119 |
|
DoS Overflow |
2012-11-07 |
2013-05-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Google Chrome before 23.0.1271.64 on Mac OS X does not properly mitigate improper write behavior in graphics drivers, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger "wild writes." |
|
34 |
CVE-2012-5110 |
119 |
|
DoS Overflow |
2012-10-09 |
2013-01-31 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The compositor in Google Chrome before 22.0.1229.92 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
|
35 |
CVE-2012-5109 |
119 |
|
DoS Overflow |
2012-10-09 |
2013-01-31 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The International Components for Unicode (ICU) functionality in Google Chrome before 22.0.1229.92 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to a regular expression. |
|
36 |
CVE-2012-2897 |
119 |
|
Exec Code Overflow |
2012-09-26 |
2013-03-21 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT, as used by Google Chrome before 22.0.1229.79 and other programs, do not properly handle objects in memory, which allows remote attackers to execute arbitrary code via a crafted TrueType font file, aka "Windows Font Parsing Vulnerability" or "TrueType Font Parsing Vulnerability." |
|
37 |
CVE-2012-2896 |
189 |
|
DoS Overflow |
2012-09-26 |
2013-03-21 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Integer overflow in the WebGL implementation in Google Chrome before 22.0.1229.79 on Mac OS X allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
|
38 |
CVE-2012-2895 |
119 |
|
DoS Overflow |
2012-09-26 |
2012-10-10 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
The PDF functionality in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations. |
|
39 |
CVE-2012-2884 |
119 |
|
DoS Overflow |
2012-09-26 |
2012-12-21 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
|
40 |
CVE-2012-2883 |
119 |
|
DoS Overflow |
2012-09-26 |
2013-03-21 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation, a different vulnerability than CVE-2012-2874. |
|
41 |
CVE-2012-2881 |
119 |
|
DoS Overflow |
2012-09-26 |
2013-03-21 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Google Chrome before 22.0.1229.79 does not properly handle plug-ins, which allows remote attackers to cause a denial of service (DOM tree corruption) or possibly have unspecified other impact via unknown vectors. |
|
42 |
CVE-2012-2879 |
119 |
|
DoS Overflow |
2012-09-26 |
2013-03-21 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service (DOM topology corruption) via a crafted document. |
|
43 |
CVE-2012-2876 |
119 |
|
DoS Overflow |
2012-09-26 |
2013-03-21 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in the SSE2 optimization functionality in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
|
44 |
CVE-2012-2874 |
119 |
|
DoS Overflow |
2012-09-26 |
2013-03-21 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation, a different vulnerability than CVE-2012-2883. |
|
45 |
CVE-2012-2869 |
119 |
|
DoS Overflow |
2012-08-31 |
2013-03-21 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Google Chrome before 21.0.1180.89 does not properly load URLs, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a "stale buffer." |
|
46 |
CVE-2012-2865 |
119 |
|
DoS Overflow |
2012-08-31 |
2013-03-21 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Google Chrome before 21.0.1180.89 does not properly perform line breaking, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document. |
|
47 |
CVE-2012-2863 |
119 |
|
DoS Overflow |
2012-08-09 |
2012-09-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The PDF functionality in Google Chrome before 21.0.1180.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations. |
|
48 |
CVE-2012-2859 |
119 |
|
DoS Exec Code Overflow |
2012-08-06 |
2012-08-07 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Google Chrome before 21.0.1180.57 on Linux does not properly handle tabs, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. |
|
49 |
CVE-2012-2858 |
119 |
|
DoS Overflow |
2012-08-06 |
2012-08-13 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in the WebP decoder in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted WebP image. |
|
50 |
CVE-2012-2856 |
119 |
|
DoS Overflow |
2012-08-06 |
2012-08-13 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The PDF functionality in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations. |
