Google

Chrome

3675 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2011-2803

  • EPSS 0.83%
  • Veröffentlicht 03.08.2011 00:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Google Chrome before 13.0.782.107 does not properly handle Skia paths, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

4.3

CVE-2011-2804

  • EPSS 2.97%
  • Veröffentlicht 03.08.2011 00:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Google Chrome before 13.0.782.107 does not properly handle nested functions in PDF documents, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted document.

6.8

CVE-2011-2805

  • EPSS 0.58%
  • Veröffentlicht 03.08.2011 00:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Google Chrome before 13.0.782.107 allows remote attackers to bypass the Same Origin Policy and conduct script injection attacks via unspecified vectors.

6.8

CVE-2011-2818

  • EPSS 2.96%
  • Veröffentlicht 03.08.2011 00:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to display box rendering.

6.8

CVE-2011-2819

  • EPSS 0.74%
  • Veröffentlicht 03.08.2011 00:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Google Chrome before 13.0.782.107 allows remote attackers to bypass the Same Origin Policy via vectors related to handling of the base URI.

6.8

CVE-2011-2358

  • EPSS 0.71%
  • Veröffentlicht 03.08.2011 00:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Google Chrome before 13.0.782.107 does not ensure that extension installations are confirmed by a browser dialog, which makes it easier for remote attackers to modify the product's functionality via a Trojan horse extension.

6.8

CVE-2011-2359

  • EPSS 3.6%
  • Veröffentlicht 03.08.2011 00:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Google Chrome before 13.0.782.107 does not properly track line boxes during rendering, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."

4.3

CVE-2011-2360

  • EPSS 0.32%
  • Veröffentlicht 03.08.2011 00:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Google Chrome before 13.0.782.107 does not ensure that the user is prompted before download of a dangerous file, which makes it easier for remote attackers to bypass intended content restrictions via a crafted web site.

4.3

CVE-2011-2361

  • EPSS 0.3%
  • Veröffentlicht 03.08.2011 00:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The Basic Authentication dialog implementation in Google Chrome before 13.0.782.107 does not properly handle strings, which might make it easier for remote attackers to capture credentials via a crafted web site.

4.3

CVE-2011-2782

  • EPSS 0.22%
  • Veröffentlicht 03.08.2011 00:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The drag-and-drop implementation in Google Chrome before 13.0.782.107 on Linux does not properly enforce permissions for files, which allows user-assisted remote attackers to bypass intended access restrictions via unspecified vectors.