Google

Chrome

3771 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2017-5045

  • EPSS 0.85%
  • Veröffentlicht 24.04.2017 23:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

XSS Auditor in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed detection of a blocked iframe load, which allowed a remote attacker to brute force JavaScript variables via a crafted HTML page.

4.3

CVE-2017-5046

  • EPSS 1.16%
  • Veröffentlicht 24.04.2017 23:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android had insufficient policy enforcement, which allowed a remote attacker to spoof the location object via a crafted HTML page, related to Blink informatio...

9.8

CVE-2014-9654

  • EPSS 1.67%
  • Veröffentlicht 24.04.2017 06:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The Regular Expressions package in International Components for Unicode (ICU) for C/C++ before 2014-12-03, as used in Google Chrome before 40.0.2214.91, calculates certain values without ensuring that they can be represented in a 24-bit field, which ...

7.5

CVE-2016-5168

  • EPSS 9.63%
  • Veröffentlicht 21.04.2017 20:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Skia, as used in Google Chrome before 50.0.2661.94, allows remote attackers to bypass the Same Origin Policy and obtain sensitive information.

6.5

CVE-2013-6662

  • EPSS 0.06%
  • Veröffentlicht 13.04.2017 17:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Google Chrome caches TLS sessions before certificate validation occurs.

9.8

CVE-2013-6647

  • EPSS 0.12%
  • Veröffentlicht 11.04.2017 19:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

A use-after-free in AnimationController::endAnimationUpdate in Google Chrome.

6.1

CVE-2017-5006

  • EPSS 0.41%
  • Veröffentlicht 17.02.2017 07:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, incorrectly handled object owner relationships, which allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.

6.1

CVE-2017-5007

  • EPSS 5.62%
  • Veröffentlicht 17.02.2017 07:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, incorrectly handled the sequence of events when closing a page, which allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a cr...

6.1

CVE-2017-5008

  • EPSS 0.41%
  • Veröffentlicht 17.02.2017 07:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed attacker controlled JavaScript to be run during the invocation of a private script method, which allowed a remote attacker to inject arbitr...

8.8

CVE-2017-5009

  • EPSS 0.84%
  • Veröffentlicht 17.02.2017 07:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

WebRTC in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to perform proper bounds checking, which allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.