Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to Range handling.
Max CVSS
7.5
EPSS Score
3.00%
Published
2011-12-13
Updated
2020-05-08
The Cascading Style Sheets (CSS) implementation in Google Chrome before 16.0.912.63 on 64-bit platforms does not properly manage property arrays, which allows remote attackers to cause a denial of service (memory corruption) via unspecified vectors.
Max CVSS
5.0
EPSS Score
2.58%
Published
2011-12-13
Updated
2020-05-07
Google Chrome before 16.0.912.63 does not properly parse SVG documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
Max CVSS
5.0
EPSS Score
1.80%
Published
2011-12-13
Updated
2020-05-08
Use-after-free vulnerability in Google Chrome before 15.0.874.120 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing.
Max CVSS
6.8
EPSS Score
6.91%
Published
2011-11-11
Updated
2020-05-08
Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing operations in conjunction with an unknown plug-in.
Max CVSS
6.8
EPSS Score
5.71%
Published
2011-10-25
Updated
2020-05-11
Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to stale Cascading Style Sheets (CSS) token-sequence data.
Max CVSS
7.5
EPSS Score
8.86%
Published
2011-10-25
Updated
2020-05-11
Buffer overflow in CoreAudio, as used in Apple iTunes before 10.5, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Advanced Audio Coding (AAC) stream.
Max CVSS
9.3
EPSS Score
8.73%
Published
2011-10-12
Updated
2017-09-19
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
Max CVSS
7.6
EPSS Score
0.42%
Published
2011-10-12
Updated
2017-09-19
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
Max CVSS
7.6
EPSS Score
0.42%
Published
2011-10-12
Updated
2017-09-19
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
Max CVSS
7.6
EPSS Score
0.42%
Published
2011-10-12
Updated
2017-09-19
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
Max CVSS
7.6
EPSS Score
0.42%
Published
2011-10-12
Updated
2017-09-19
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
Max CVSS
7.6
EPSS Score
0.88%
Published
2011-10-12
Updated
2017-09-19
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
Max CVSS
7.6
EPSS Score
0.88%
Published
2011-10-12
Updated
2017-09-19
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
Max CVSS
7.6
EPSS Score
0.88%
Published
2011-10-12
Updated
2017-09-19
Google Chrome before 14.0.835.163 does not properly handle boxes, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
Max CVSS
5.0
EPSS Score
1.54%
Published
2011-09-19
Updated
2020-05-08
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
Max CVSS
7.6
EPSS Score
0.42%
Published
2011-10-12
Updated
2017-09-19
Buffer overflow in CoreMedia, as used in Apple iTunes before 10.5, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding.
Max CVSS
9.3
EPSS Score
5.28%
Published
2011-10-12
Updated
2017-09-19
Google Chrome before 14.0.835.202 does not properly handle SVG text, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale font."
Max CVSS
6.8
EPSS Score
1.81%
Published
2011-10-04
Updated
2020-05-08
Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to table styles.
Max CVSS
7.5
EPSS Score
3.11%
Published
2011-09-19
Updated
2020-05-08
Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the focus controller.
Max CVSS
6.8
EPSS Score
5.71%
Published
2011-09-19
Updated
2020-05-08
Google Chrome before 14.0.835.163 does not properly handle Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node."
Max CVSS
6.8
EPSS Score
2.79%
Published
2011-09-19
Updated
2020-05-08
Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "ruby / table style handing."
Max CVSS
6.8
EPSS Score
6.47%
Published
2011-09-19
Updated
2020-05-08
Use-after-free vulnerability in the document loader in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.
Max CVSS
6.8
EPSS Score
5.39%
Published
2011-09-19
Updated
2020-05-08
Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to unload event handling.
Max CVSS
6.8
EPSS Score
5.71%
Published
2011-09-19
Updated
2020-05-08
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
Max CVSS
7.6
EPSS Score
0.41%
Published
2011-10-12
Updated
2017-09-19