Google : Security Vulnerabilities, CVEs, Published In May 2010
Google Chrome before 5.0.375.55 does not properly execute JavaScript code in the extension context, which has unspecified impact and remote attack vectors.
Max CVSS
7.5
EPSS Score
0.17%
Published
2010-05-28
Updated
2020-08-06
Unspecified vulnerability in Google Chrome before 5.0.375.55 allows user-assisted remote attackers to cause a denial of service (memory error) or possibly have unspecified other impact via vectors related to the "drag + drop" functionality.
Max CVSS
7.5
EPSS Score
0.31%
Published
2010-05-28
Updated
2020-08-06
Unspecified vulnerability in Google Chrome before 5.0.375.55 allows remote attackers to bypass the whitelist-mode plugin blocker via unknown vectors.
Max CVSS
7.5
EPSS Score
0.31%
Published
2010-05-28
Updated
2020-08-06
Unspecified vulnerability in Google Chrome before 5.0.375.55 allows attackers to cause a denial of service (memory error) or possibly have unspecified other impact via vectors related to the Safe Browsing functionality.
Max CVSS
10.0
EPSS Score
0.17%
Published
2010-05-28
Updated
2020-08-06
Unspecified vulnerability in Google Chrome before 5.0.375.55 might allow remote attackers to spoof the URL bar via vectors involving unload event handlers.
Max CVSS
4.3
EPSS Score
0.23%
Published
2010-05-28
Updated
2020-08-06
Google Chrome before 5.0.375.55 does not properly follow the Safe Browsing specification's requirements for canonicalization of URLs, which has unspecified impact and remote attack vectors.
Max CVSS
10.0
EPSS Score
0.17%
Published
2010-05-28
Updated
2020-08-06
Google Chrome 1.0.154.48 executes a mail application in situations where an IFRAME element has a mailto: URL in its SRC attribute, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many IFRAME elements.
Max CVSS
5.0
EPSS Score
0.42%
Published
2010-05-20
Updated
2018-10-10
Google Chrome, when the Invisible Hand extension is enabled, uses cookies during background HTTP requests in a possibly unexpected manner, which might allow remote web servers to identify specific persons and their product searches via HTTP request logging, related to a "cross-site data leakage" issue.
Max CVSS
4.3
EPSS Score
0.09%
Published
2010-05-07
Updated
2017-09-19
Google Chrome on the HTC Hero allows remote attackers to cause a denial of service (application crash) via JavaScript that writes <marquee> sequences in an infinite loop.
Max CVSS
4.3
EPSS Score
0.08%
Published
2010-05-06
Updated
2021-11-15
Google Chrome before 4.1.249.1064 does not properly handle fonts, which allows remote attackers to cause a denial of service (memory corruption) and possibly have unspecified other impact via unknown vectors.
Max CVSS
7.5
EPSS Score
2.04%
Published
2010-05-03
Updated
2017-09-19
Google Chrome before 4.1.249.1064 does not properly handle HTML5 media, which allows remote attackers to cause a denial of service (memory corruption) and possibly have unspecified other impact via unknown vectors.
Max CVSS
5.0
EPSS Score
2.18%
Published
2010-05-03
Updated
2017-09-19
The Google URL Parsing Library (aka google-url or GURL) in Google Chrome before 4.1.249.1064 allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
Max CVSS
10.0
EPSS Score
50.18%
Published
2010-05-03
Updated
2017-09-19
12 vulnerabilities found