Google

Chrome

3758 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2013-2876

  • EPSS 0.35%
  • Veröffentlicht 10.07.2013 10:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

browser/extensions/api/tabs/tabs_api.cc in Google Chrome before 28.0.1500.71 does not properly enforce restrictions on the capture of screenshots by extensions, which allows remote attackers to obtain sensitive information about the content of a prev...

5

CVE-2013-2877

  • EPSS 0.89%
  • Veröffentlicht 10.07.2013 10:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

parser.c in libxml2 before 2.9.0, as used in Google Chrome before 28.0.1500.71 and other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a document that ends abruptly, related to the lack of certain checks for ...

5

CVE-2013-2878

  • EPSS 0.73%
  • Veröffentlicht 10.07.2013 10:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the handling of text.

5.8

CVE-2013-2879

  • EPSS 0.47%
  • Veröffentlicht 10.07.2013 10:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Google Chrome before 28.0.1500.71 does not properly determine the circumstances in which a renderer process can be considered a trusted process for sign-in and subsequent sync operations, which makes it easier for remote attackers to conduct phishing...

7.5

CVE-2013-2880

  • EPSS 0.5%
  • Veröffentlicht 10.07.2013 10:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple unspecified vulnerabilities in Google Chrome before 28.0.1500.71 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

6.8

CVE-2013-2853

  • EPSS 0.32%
  • Veröffentlicht 10.07.2013 10:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The HTTPS implementation in Google Chrome before 28.0.1500.71 does not ensure that headers are terminated by \r\n\r\n (carriage return, newline, carriage return, newline), which allows man-in-the-middle attackers to have an unspecified impact via vec...

7.5

CVE-2013-2867

  • EPSS 0.66%
  • Veröffentlicht 10.07.2013 10:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Google Chrome before 28.0.1500.71 does not properly prevent pop-under windows, which allows remote attackers to have an unspecified impact via a crafted web site.

5

CVE-2013-2868

  • EPSS 0.38%
  • Veröffentlicht 10.07.2013 10:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

common/extensions/sync_helper.cc in Google Chrome before 28.0.1500.71 proceeds with sync operations for NPAPI extensions without checking for a certain plugin permission setting, which might allow remote attackers to trigger unwanted extension change...

4.3

CVE-2013-2869

  • EPSS 0.69%
  • Veröffentlicht 10.07.2013 10:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted JPEG2000 image.

9.3

CVE-2013-2870

  • EPSS 1.32%
  • Veröffentlicht 10.07.2013 10:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Use-after-free vulnerability in Google Chrome before 28.0.1500.71 allows remote servers to execute arbitrary code via crafted response traffic after a URL request.