Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via vectors related to "an off-by-one overwrite when switching to LTP profile from MAIN."
Max CVSS
10.0
EPSS Score
1.25%
Published
2012-12-12
Updated
2018-10-30
Integer overflow in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PPAPI image buffers.
Max CVSS
10.0
EPSS Score
0.43%
Published
2012-12-12
Updated
2018-10-30
Google Chrome before 23.0.1271.97 does not properly handle history navigation, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
Max CVSS
10.0
EPSS Score
0.91%
Published
2012-12-12
Updated
2018-10-30
Use-after-free vulnerability in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the URL loader.
Max CVSS
10.0
EPSS Score
0.43%
Published
2012-12-12
Updated
2018-10-30
Use-after-free vulnerability in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to visibility events.
Max CVSS
10.0
EPSS Score
0.43%
Published
2012-12-12
Updated
2018-10-30
Use-after-free vulnerability in Google Chrome before 23.0.1271.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the Media Source API.
Max CVSS
10.0
EPSS Score
0.96%
Published
2012-12-04
Updated
2018-10-30
Google Chrome before 23.0.1271.91 does not properly perform a cast of an unspecified variable during handling of the INPUT element, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted HTML document.
Max CVSS
6.8
EPSS Score
1.62%
Published
2012-11-28
Updated
2018-10-30
Use-after-free vulnerability in Google Chrome before 23.0.1271.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to printing.
Max CVSS
7.5
EPSS Score
2.04%
Published
2012-11-28
Updated
2018-10-30
Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML document.
Max CVSS
6.8
EPSS Score
5.21%
Published
2012-11-28
Updated
2017-08-29
Use-after-free vulnerability in Google Chrome before 23.0.1271.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG filters.
Max CVSS
7.5
EPSS Score
1.10%
Published
2012-11-28
Updated
2018-10-30
Google Chrome before 23.0.1271.91 allows remote attackers to cause a denial of service (application crash) via a response with chunked transfer coding.
Max CVSS
5.0
EPSS Score
1.66%
Published
2012-11-28
Updated
2018-10-30
Google Chrome before 23.0.1271.91 on Mac OS X does not properly mitigate improper rendering behavior in the Intel GPU driver, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
Max CVSS
7.5
EPSS Score
0.87%
Published
2012-11-28
Updated
2013-08-17
Skia, as used in Google Chrome before 23.0.1271.91, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
Max CVSS
5.0
EPSS Score
1.16%
Published
2012-11-28
Updated
2018-10-30
Google V8 before 3.13.7.5, as used in Google Chrome before 23.0.1271.64, does not properly perform write operations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
Max CVSS
7.5
EPSS Score
0.80%
Published
2012-11-07
Updated
2017-09-19
Integer overflow in Google Chrome before 23.0.1271.64 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted WebP image.
Max CVSS
7.5
EPSS Score
1.03%
Published
2012-11-07
Updated
2017-09-19
Use-after-free vulnerability in Google Chrome before 23.0.1271.64 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of plug-in placeholders.
Max CVSS
7.5
EPSS Score
1.25%
Published
2012-11-07
Updated
2017-09-19
Use-after-free vulnerability in Google Chrome before 23.0.1271.64 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of extension tabs.
Max CVSS
7.5
EPSS Score
1.25%
Published
2012-11-07
Updated
2017-09-19
Google Chrome before 23.0.1271.64 does not properly handle textures, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
Max CVSS
7.5
EPSS Score
1.20%
Published
2012-11-07
Updated
2017-09-19
Skia, as used in Google Chrome before 23.0.1271.64, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
Max CVSS
5.0
EPSS Score
1.85%
Published
2012-11-07
Updated
2017-09-19
Google Chrome before 23.0.1271.64 does not properly perform a cast of an unspecified variable during handling of input, which allows remote attackers to cause a denial of service or possibly have other impact via unknown vectors.
Max CVSS
7.5
EPSS Score
1.25%
Published
2012-11-07
Updated
2017-09-19
Use-after-free vulnerability in Google Chrome before 23.0.1271.64 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to video layout.
Max CVSS
7.5
EPSS Score
1.25%
Published
2012-11-07
Updated
2017-09-19
Google V8 before 3.13.7.5, as used in Google Chrome before 23.0.1271.64, on 64-bit Linux platforms allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds access to an array.
Max CVSS
7.5
EPSS Score
0.80%
Published
2012-11-07
Updated
2017-08-29
Race condition in Pepper, as used in Google Chrome before 23.0.1271.64, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to buffers.
Max CVSS
6.8
EPSS Score
1.25%
Published
2012-11-07
Updated
2017-09-19
Google Chrome before 23.0.1271.64 on Mac OS X does not properly validate an integer value during the handling of GPU command buffers, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
Max CVSS
7.5
EPSS Score
0.87%
Published
2012-11-07
Updated
2017-08-29
Use-after-free vulnerability in Google Chrome before 23.0.1271.64 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of SVG filters.
Max CVSS
7.5
EPSS Score
1.25%
Published
2012-11-07
Updated
2017-09-19
195 vulnerabilities found
1 2 3 4 5 6 7 8
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!