Google

Chrome

3675 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2010-1237

  • EPSS 0.52%
  • Published 01.04.2010 22:30:00
  • Last modified 11.04.2025 00:51:21

Google Chrome 4.1 BETA before 4.1.249.1036 allows remote attackers to cause a denial of service (memory error) or possibly have unspecified other impact via an empty SVG element.

5

CVE-2010-1029

Exploit
  • EPSS 37.62%
  • Published 19.03.2010 21:30:00
  • Last modified 11.04.2025 00:51:21

Stack consumption vulnerability in the WebCore::CSSSelector function in WebKit, as used in Apple Safari 4.0.4, Apple Safari on iPhone OS and iPhone OS for iPod touch, and Google Chrome 4.0.249, allows remote attackers to cause a denial of service (ap...

6.8

CVE-2010-0661

  • EPSS 1.62%
  • Published 18.02.2010 18:00:01
  • Last modified 11.04.2025 00:51:21

WebCore/bindings/v8/custom/V8DOMWindowCustom.cpp in WebKit before r52401, as used in Google Chrome before 4.0.249.78, allows remote attackers to bypass the Same Origin Policy via vectors involving the window.open method.

5

CVE-2010-0662

  • EPSS 0.49%
  • Published 18.02.2010 18:00:01
  • Last modified 11.04.2025 00:51:21

The ParamTraits<SkBitmap>::Read function in common/common_param_traits.cc in Google Chrome before 4.0.249.78 does not use the correct variables in calculations designed to prevent integer overflows, which allows attackers to leverage renderer access ...

5

CVE-2010-0663

  • EPSS 0.38%
  • Published 18.02.2010 18:00:01
  • Last modified 11.04.2025 00:51:21

The ParamTraits<SkBitmap>::Read function in common/common_param_traits.cc in Google Chrome before 4.0.249.78 does not initialize the memory locations that will hold bitmap data, which might allow remote attackers to obtain potentially sensitive infor...

5

CVE-2010-0664

Exploit
  • EPSS 1.32%
  • Published 18.02.2010 18:00:01
  • Last modified 11.04.2025 00:51:21

Stack consumption vulnerability in the ChildProcessSecurityPolicy::CanRequestURL function in browser/child_process_security_policy.cc in Google Chrome before 4.0.249.78 allows remote attackers to cause a denial of service (memory consumption and appl...

4.3

CVE-2010-0643

  • EPSS 0.35%
  • Published 18.02.2010 18:00:00
  • Last modified 11.04.2025 00:51:21

Google Chrome before 4.0.249.89 attempts to make direct connections to web sites when all configured proxy servers are unavailable, which allows remote HTTP servers to obtain potentially sensitive information about the identity of a client user via s...

4.3

CVE-2010-0644

  • EPSS 0.26%
  • Published 18.02.2010 18:00:00
  • Last modified 11.04.2025 00:51:21

Google Chrome before 4.0.249.89, when a SOCKS 5 proxy server is configured, sends DNS queries directly, which allows remote DNS servers to obtain potentially sensitive information about the identity of a client user via request logging, as demonstrat...

9.3

CVE-2010-0645

  • EPSS 8.55%
  • Published 18.02.2010 18:00:00
  • Last modified 11.04.2025 00:51:21

Multiple integer overflows in factory.cc in Google V8 before r3560, as used in Google Chrome before 4.0.249.89, allow remote attackers to execute arbitrary code in the Chrome sandbox via crafted use of JavaScript arrays.

10

CVE-2010-0646

Exploit
  • EPSS 10.91%
  • Published 18.02.2010 18:00:00
  • Last modified 11.04.2025 00:51:21

Multiple integer signedness errors in factory.cc in Google V8 before r3560, as used in Google Chrome before 4.0.249.89, allow remote attackers to execute arbitrary code in the Chrome sandbox via crafted use of JavaScript arrays.