Filtered by vendor Google
Subscribe
Total
11915 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-1716 | 3 Debian, Google, Opensuse | 3 Debian Linux, Chrome, Opensuse | 2023-11-07 | 7.5 HIGH | N/A |
| Cross-site scripting (XSS) vulnerability in the Runtime_SetPrototype function in runtime.cc in Google V8, as used in Google Chrome before 34.0.1847.116, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)." | |||||
| CVE-2014-1715 | 4 Apple, Google, Linux and 1 more | 4 Mac Os X, Chrome, Linux Kernel and 1 more | 2023-11-07 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows has unspecified impact and attack vectors. | |||||
| CVE-2014-1714 | 4 Apple, Google, Linux and 1 more | 4 Mac Os X, Chrome, Linux Kernel and 1 more | 2023-11-07 | 7.5 HIGH | N/A |
| The ScopedClipboardWriter::WritePickledData function in ui/base/clipboard/scoped_clipboard_writer.cc in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows does not verify a certain format value, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the clipboard. | |||||
| CVE-2014-1713 | 4 Apple, Google, Linux and 1 more | 4 Mac Os X, Chrome, Linux Kernel and 1 more | 2023-11-07 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in the AttributeSetter function in bindings/templates/attributes.cpp in the bindings in Blink, as used in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the document.location value. | |||||
| CVE-2014-1711 | 1 Google | 1 Chrome Os | 2023-11-07 | 7.5 HIGH | N/A |
| The GPU driver in the kernel in Google Chrome OS before 33.0.1750.152 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2014-1710 | 1 Google | 1 Chrome Os | 2023-11-07 | 7.5 HIGH | N/A |
| The AsyncPixelTransfersCompletedQuery::End function in gpu/command_buffer/service/query_manager.cc in Google Chrome, as used in Google Chrome OS before 33.0.1750.152, does not check whether a certain position is within the bounds of a shared-memory segment, which allows remote attackers to cause a denial of service (GPU command-buffer memory corruption) or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2014-1708 | 1 Google | 1 Chrome Os | 2023-11-07 | 10.0 HIGH | N/A |
| The boot implementation in Google Chrome OS before 33.0.1750.152 does not properly consider file persistence, which allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2014-1707 | 1 Google | 1 Chrome Os | 2023-11-07 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in CrosDisks in Google Chrome OS before 33.0.1750.152 has unspecified impact and attack vectors. | |||||
| CVE-2014-1706 | 1 Google | 1 Chrome Os | 2023-11-07 | 7.5 HIGH | N/A |
| crosh in Google Chrome OS before 33.0.1750.152 allows attackers to inject commands via unspecified vectors. | |||||
| CVE-2014-1705 | 6 Apple, Debian, Google and 3 more | 6 Mac Os X, Debian Linux, Chrome and 3 more | 2023-11-07 | 7.5 HIGH | N/A |
| Google V8, as used in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2014-1704 | 1 Google | 2 Chrome, V8 | 2023-11-07 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Google V8 before 3.23.17.18, as used in Google Chrome before 33.0.1750.149, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | |||||
| CVE-2014-1703 | 1 Google | 1 Chrome | 2023-11-07 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in the WebSocketDispatcherHost::SendOrDrop function in content/browser/renderer_host/websocket_dispatcher_host.cc in the Web Sockets implementation in Google Chrome before 33.0.1750.149 might allow remote attackers to bypass the sandbox protection mechanism by leveraging an incorrect deletion in a certain failure case. | |||||
| CVE-2014-1702 | 1 Google | 1 Chrome | 2023-11-07 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in the DatabaseThread::cleanupDatabaseThread function in modules/webdatabase/DatabaseThread.cpp in the web database implementation in Blink, as used in Google Chrome before 33.0.1750.149, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of scheduled tasks during shutdown of a thread. | |||||
| CVE-2014-1701 | 1 Google | 1 Chrome | 2023-11-07 | 4.3 MEDIUM | N/A |
| The GenerateFunction function in bindings/scripts/code_generator_v8.pm in Blink, as used in Google Chrome before 33.0.1750.149, does not implement a certain cross-origin restriction for the EventTarget::dispatchEvent function, which allows remote attackers to conduct Universal XSS (UXSS) attacks via vectors involving events. | |||||
| CVE-2014-1700 | 1 Google | 1 Chrome | 2023-11-07 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in modules/speech/SpeechSynthesis.cpp in Blink, as used in Google Chrome before 33.0.1750.149, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of a certain utterance data structure. | |||||
| CVE-2013-6638 | 1 Google | 2 Chrome, V8 | 2023-11-07 | 7.5 HIGH | N/A |
| Multiple buffer overflows in runtime.cc in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large typed array, related to the (1) Runtime_TypedArrayInitialize and (2) Runtime_TypedArrayInitializeFromArrayLike functions. | |||||
| CVE-2013-6630 | 1 Google | 1 Chrome | 2023-11-07 | 5.0 MEDIUM | N/A |
| The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that follow Define Huffman Table (DHT) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image. | |||||
| CVE-2013-2931 | 1 Google | 1 Chrome | 2023-11-07 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Google Chrome before 31.0.1650.48 allow attackers to execute arbitrary code or possibly have other impact via unknown vectors. | |||||
| CVE-2013-2928 | 1 Google | 1 Chrome | 2023-11-07 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in Google Chrome before 30.0.1599.101 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | |||||
| CVE-2013-2927 | 3 Debian, Google, Opensuse | 3 Debian Linux, Chrome, Opensuse | 2023-11-07 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in the HTMLFormElement::prepareForSubmission function in core/html/HTMLFormElement.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to submission for FORM elements. | |||||