cpe:2.3:a:google:chrome:25.0.1364.48:*:*:*:*:*:*:*
Google Chrome before 27.0.1453.110 does not properly handle SSL sockets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
Max CVSS
10.0
EPSS Score
0.74%
Published
2013-06-05
Updated
2017-09-19
Multiple unspecified vulnerabilities in Google Chrome before 31.0.1650.48 allow attackers to execute arbitrary code or possibly have other impact via unknown vectors.
Max CVSS
10.0
EPSS Score
0.98%
Published
2013-11-13
Updated
2017-09-19
Multiple unspecified vulnerabilities in Google Chrome before 32.0.1700.102 have unknown impact and attack vectors, related to 12 "security fixes [that were not] either contributed by external researchers or particularly interesting."
Max CVSS
10.0
EPSS Score
0.20%
Published
2014-01-28
Updated
2018-01-03
Multiple unspecified vulnerabilities in Google V8 before 3.23.17.18, as used in Google Chrome before 33.0.1750.149, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
Max CVSS
10.0
EPSS Score
0.55%
Published
2014-03-16
Updated
2017-01-07
Multiple unspecified vulnerabilities in Google Chrome before 37.0.2062.94 allow attackers to cause a denial of service or possibly have other impact via unknown vectors, related to the load_truetype_glyph function in truetype/ttgload.c in FreeType and other functions in other components.
Max CVSS
10.0
EPSS Score
0.62%
Published
2014-08-27
Updated
2017-08-29
Google Chrome before 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the sync API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3177.
Max CVSS
10.0
EPSS Score
6.31%
Published
2014-08-27
Updated
2017-08-29
Google Chrome before 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the sync API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3176.
Max CVSS
10.0
EPSS Score
6.31%
Published
2014-08-27
Updated
2017-08-29
Google Chrome before 38.0.2125.101 and Chrome OS before 38.0.2125.101 do not properly handle the interaction of IPC and Google V8, which allows remote attackers to execute arbitrary code via vectors involving JSON data, related to improper parsing of an escaped index by ParseJsonObject in json-parser.h.
Max CVSS
10.0
EPSS Score
2.99%
Published
2014-10-08
Updated
2016-09-07
Use-after-free vulnerability in content/browser/appcache/appcache_update_job.cc in Google Chrome before 47.0.2526.73 allows remote attackers to execute arbitrary code or cause a denial of service by leveraging the mishandling of AppCache update jobs.
Max CVSS
10.0
EPSS Score
3.29%
Published
2015-12-06
Updated
2017-09-14
Multiple unspecified vulnerabilities in Google Chrome before 47.0.2526.73 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
Max CVSS
10.0
EPSS Score
2.45%
Published
2015-12-06
Updated
2017-09-14
The ObjectBackedNativeHandler class in extensions/renderer/object_backed_native_handler.cc in the extensions subsystem in Google Chrome before 47.0.2526.80 improperly implements handler functions, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion."
Max CVSS
10.0
EPSS Score
2.19%
Published
2015-12-14
Updated
2016-12-07
Multiple unspecified vulnerabilities in Google Chrome before 47.0.2526.80 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
Max CVSS
10.0
EPSS Score
0.69%
Published
2015-12-14
Updated
2016-12-07
The MIDI subsystem in Google Chrome before 47.0.2526.106 does not properly handle the sending of data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, related to midi_manager.cc, midi_manager_alsa.cc, and midi_manager_mac.cc, a different vulnerability than CVE-2015-8664.
Max CVSS
10.0
EPSS Score
3.49%
Published
2015-12-24
Updated
2016-12-07
The VideoFramePool::PoolImpl::CreateFrame function in media/base/video_frame_pool.cc in Google Chrome before 47.0.2526.73 does not initialize memory for a video-frame data structure, which might allow remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact by leveraging improper interaction with the vp3_h_loop_filter_c function in libavcodec/vp3dsp.c in FFmpeg.
Max CVSS
10.0
EPSS Score
0.15%
Published
2015-12-06
Updated
2015-12-07
Multiple unspecified vulnerabilities in Google V8 before 4.7.80.23, as used in Google Chrome before 47.0.2526.80, allow attackers to cause a denial of service or possibly have other impact via unknown vectors, a different issue than CVE-2015-8478.
Max CVSS
10.0
EPSS Score
0.17%
Published
2015-12-14
Updated
2016-12-07
Google Chrome before 48.0.2564.116 allows remote attackers to bypass the Blink Same Origin Policy and a sandbox protection mechanism via unspecified vectors.
Max CVSS
10.0
EPSS Score
1.00%
Published
2016-02-21
Updated
2018-10-30
Use-after-free vulnerability in Blink, as used in Google Chrome before 49.0.2623.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
Max CVSS
10.0
EPSS Score
1.64%
Published
2016-03-06
Updated
2016-12-03
extensions/renderer/render_frame_observer_natives.cc in Google Chrome before 49.0.2623.75 does not properly consider object lifetimes and re-entrancy issues during OnDocumentElementCreated handling, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors.
Max CVSS
10.0
EPSS Score
1.64%
Published
2016-03-06
Updated
2016-12-03
Use-after-free vulnerability in browser/extensions/api/webrtc_audio_private/webrtc_audio_private_api.cc in the WebRTC Audio Private API implementation in Google Chrome before 49.0.2623.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect reliance on the resource context pointer.
Max CVSS
10.0
EPSS Score
0.98%
Published
2016-03-06
Updated
2016-12-03
Multiple unspecified vulnerabilities in Google Chrome before 49.0.2623.75 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
Max CVSS
10.0
EPSS Score
0.60%
Published
2016-03-06
Updated
2016-12-03
Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661.75 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
Max CVSS
10.0
EPSS Score
0.57%
Published
2016-04-18
Updated
2018-10-30
extensions/renderer/gc_callback.cc in Google Chrome before 50.0.2661.94 does not prevent fallback execution once the Garbage Collection callback has started, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors.
Max CVSS
10.0
EPSS Score
2.12%
Published
2016-05-14
Updated
2018-10-30
Multiple unspecified vulnerabilities in Google V8 before 4.9.385.26, as used in Google Chrome before 49.0.2623.75, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
Max CVSS
10.0
EPSS Score
0.17%
Published
2016-03-06
Updated
2016-12-03
Unspecified vulnerabilities in Google Chrome before 54.0.2840.59.
Max CVSS
10.0
EPSS Score
0.11%
Published
2019-11-20
Updated
2019-11-21
Multiple unspecified vulnerabilities in Google Chrome before 55.0.2883.75.
Max CVSS
10.0
EPSS Score
0.42%
Published
2019-11-20
Updated
2020-02-07
2561 vulnerabilities found
1 2 3 4 5 6 ...... 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!