Filtered by vendor Google
Subscriptions
Total
13556 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-2295 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| page/EventHandler.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 does not properly handle a change of the focused frame during the dispatching of keydown, which allows user-assisted remote attackers to redirect keystrokes via a crafted HTML document, aka rdar problem 7018610. NOTE: this might overlap CVE-2010-1422. | ||||
| CVE-2010-2296 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| The implementation of unspecified DOM methods in Google Chrome before 5.0.375.70 allows remote attackers to bypass the Same Origin Policy via unknown vectors. | ||||
| CVE-2010-2301 | 3 Google, Opensuse, Suse | 4 Chrome, Opensuse, Suse Linux Enterprise Desktop and 1 more | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in editing/markup.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to inject arbitrary web script or HTML via vectors related to the node.innerHTML property of a TEXTAREA element. NOTE: this might overlap CVE-2010-1762. | ||||
| CVE-2010-2645 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Unspecified vulnerability in Google Chrome before 5.0.375.99, when WebGL is used, allows remote attackers to cause a denial of service (out-of-bounds read) via unknown vectors. | ||||
| CVE-2010-2651 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| The Cascading Style Sheets (CSS) implementation in Google Chrome before 5.0.375.99 does not properly perform style rendering, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | ||||
| CVE-2010-2649 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Unspecified vulnerability in Google Chrome before 5.0.375.99 allows remote attackers to cause a denial of service (application crash) via an invalid image. | ||||
| CVE-2010-2652 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome before 5.0.375.99 does not properly implement modal dialogs, which allows attackers to cause a denial of service (application crash) via unspecified vectors. | ||||
| CVE-2010-3251 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| The WebSockets implementation in Google Chrome before 6.0.472.53 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors. | ||||
| CVE-2010-2884 | 5 Adobe, Apple, Google and 2 more | 7 Acrobat, Acrobat Reader, Flash Player and 4 more | 2025-04-11 | N/A |
| Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, and Solaris and 10.1.92.10 on Android; authplay.dll in Adobe Reader and Acrobat 9.x before 9.4; and authplay.dll in Adobe Reader and Acrobat 8.x before 8.2.5 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in September 2010. | ||||
| CVE-2010-2898 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome before 5.0.375.125 does not properly mitigate an unspecified flaw in the GNU C Library, which has unknown impact and attack vectors. | ||||
| CVE-2010-2900 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome before 5.0.375.125 does not properly handle a large canvas, which has unspecified impact and remote attack vectors. | ||||
| CVE-2010-2902 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| The SVG implementation in Google Chrome before 5.0.375.125 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | ||||
| CVE-2010-2903 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome before 5.0.375.125 performs unexpected truncation and improper eliding of hostnames, which has unspecified impact and remote attack vectors. | ||||
| CVE-2010-3113 | 4 Canonical, Google, Redhat and 1 more | 4 Ubuntu Linux, Chrome, Enterprise Linux and 1 more | 2025-04-11 | N/A |
| Google Chrome before 5.0.375.127, and webkitgtk before 1.2.5, does not properly handle SVG documents, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors related to state changes when using DeleteButtonController. | ||||
| CVE-2010-3111 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome before 6.0.472.53 does not properly mitigate an unspecified flaw in the Windows kernel, which has unknown impact and attack vectors, a different vulnerability than CVE-2010-2897. | ||||
| CVE-2011-0458 | 1 Google | 1 Picasa | 2025-04-11 | N/A |
| Untrusted search path vulnerability in the Locate on Disk feature in Google Picasa before 3.8 allows local users to gain privileges via a Trojan horse executable file in the current working directory. | ||||
| CVE-2011-0472 | 1 Google | 2 Chrome, Chrome Os | 2025-04-11 | N/A |
| Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle the printing of PDF documents, which allows user-assisted remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a multi-page document. | ||||
| CVE-2010-3115 | 4 Canonical, Google, Redhat and 1 more | 4 Ubuntu Linux, Chrome, Enterprise Linux and 1 more | 2025-04-11 | N/A |
| Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, does not properly implement the history feature, which might allow remote attackers to spoof the address bar via unspecified vectors. | ||||
| CVE-2012-2899 | 2 Apple, Google | 2 Ipad2, Chrome | 2025-04-11 | N/A |
| Google Chrome before 21.0.1180.82 on iOS makes certain incorrect calls to WebView methods that trigger use of an applewebdata: URL, which allows remote attackers to bypass the Same Origin Policy and conduct Universal XSS (UXSS) attacks via vectors involving the document.write method. | ||||
| CVE-2010-3118 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| The autosuggest feature in the Omnibox implementation in Google Chrome before 5.0.375.127 does not anticipate entry of passwords, which might allow remote attackers to obtain sensitive information by reading the network traffic generated by this feature. | ||||