CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Google : Security Vulnerabilities (CVSS score between 5 and 5.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
551 CVE-2011-3916 125 DoS 2011-12-13 2020-05-08
5.0
None Remote Low Not required None None Partial
Google Chrome before 16.0.912.63 does not properly handle PDF cross references, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
552 CVE-2011-3911 125 DoS 2011-12-13 2020-05-08
5.0
None Remote Low Not required None None Partial
Google Chrome before 16.0.912.63 does not properly handle PDF documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
553 CVE-2011-3910 125 DoS 2011-12-13 2020-05-07
5.0
None Remote Low Not required None None Partial
Google Chrome before 16.0.912.63 does not properly handle YUV video frames, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
554 CVE-2011-3909 119 DoS Overflow Mem. Corr. 2011-12-13 2020-05-07
5.0
None Remote Low Not required None None Partial
The Cascading Style Sheets (CSS) implementation in Google Chrome before 16.0.912.63 on 64-bit platforms does not properly manage property arrays, which allows remote attackers to cause a denial of service (memory corruption) via unspecified vectors.
555 CVE-2011-3908 125 DoS 2011-12-13 2020-05-08
5.0
None Remote Low Not required None None Partial
Google Chrome before 16.0.912.63 does not properly parse SVG documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
556 CVE-2011-3906 125 DoS 2011-12-13 2020-05-07
5.0
None Remote Low Not required None None Partial
The PDF parser in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
557 CVE-2011-3905 125 DoS 2011-12-13 2020-05-07
5.0
None Remote Low Not required None None Partial
libxml2, as used in Google Chrome before 16.0.912.63, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
558 CVE-2011-3903 697 DoS 2011-12-13 2020-05-07
5.0
None Remote Low Not required None None Partial
Google Chrome before 16.0.912.63 does not properly perform regex matching, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
559 CVE-2011-3901 200 +Info 2020-02-12 2020-02-25
5.0
None Remote Low Not required Partial None None
Android SQLite Journal before 4.0.1 has an information disclosure vulnerability.
560 CVE-2011-3893 125 DoS 2011-11-11 2020-05-08
5.0
None Remote Low Not required None None Partial
Google Chrome before 15.0.874.120 does not properly implement the MKV and Vorbis media handlers, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
561 CVE-2011-3887 565 Bypass 2011-10-25 2020-05-08
5.0
None Remote Low Not required Partial None None
Google Chrome before 15.0.874.102 does not properly handle javascript: URLs, which allows remote attackers to bypass intended access restrictions and read cookies via unspecified vectors.
562 CVE-2011-3234 125 DoS 2011-09-19 2020-05-08
5.0
None Remote Low Not required None None Partial
Google Chrome before 14.0.835.163 does not properly handle boxes, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
563 CVE-2011-3112 399 DoS 2012-05-24 2017-09-19
5.0
None Remote Low Not required None None Partial
Use-after-free vulnerability in the PDF functionality in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via an invalid encrypted document.
564 CVE-2011-3111 119 DoS Overflow 2012-05-24 2017-09-19
5.0
None Remote Low Not required None None Partial
Google V8, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial of service (invalid read operation) via unspecified vectors.
565 CVE-2011-3104 119 DoS Overflow 2012-05-24 2017-09-19
5.0
None Remote Low Not required None None Partial
Skia, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
566 CVE-2011-3100 DoS 2012-05-16 2017-12-29
5.0
None Remote Low Not required None None Partial
Google Chrome before 19.0.1084.46 does not properly draw dash paths, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
567 CVE-2011-3094 20 DoS 2012-05-16 2017-12-29
5.0
None Remote Low Not required None None Partial
Google Chrome before 19.0.1084.46 does not properly handle Tibetan text, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
568 CVE-2011-3093 20 DoS 2012-05-16 2017-12-29
5.0
None Remote Low Not required None None Partial
Google Chrome before 19.0.1084.46 does not properly handle glyphs, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
569 CVE-2011-3088 119 DoS Overflow 2012-05-16 2017-12-29
5.0
None Remote Low Not required None None Partial
Google Chrome before 19.0.1084.46 does not properly draw hairlines, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
570 CVE-2011-3085 119 DoS Overflow 2012-05-16 2017-12-29
5.0
None Remote Low Not required None None Partial
The Autofill feature in Google Chrome before 19.0.1084.46 does not properly restrict field values, which allows remote attackers to cause a denial of service (UI corruption) and possibly conduct spoofing attacks via vectors involving long values.
571 CVE-2011-3083 119 DoS Overflow 2012-05-16 2017-12-29
5.0
None Remote Low Not required None None Partial
browser/profiles/profile_impl_io_data.cc in Google Chrome before 19.0.1084.46 does not properly handle a malformed ftp URL in the SRC attribute of a VIDEO element, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted web page.
572 CVE-2011-3061 295 +Info 2012-03-30 2020-04-14
5.8
None Remote Medium Not required Partial Partial None
Google Chrome before 18.0.1025.142 does not properly check X.509 certificates before use of a SPDY proxy, which might allow man-in-the-middle attackers to spoof servers or obtain sensitive information via a crafted certificate.
573 CVE-2011-3049 DoS 2012-03-23 2020-04-16
5.0
None Remote Low Not required None None Partial
Google Chrome before 17.0.963.83 does not properly restrict the extension web request API, which allows remote attackers to cause a denial of service (disrupted system requests) via a crafted extension.
574 CVE-2011-3022 319 +Info 2012-02-16 2020-04-16
5.0
None Remote Low Not required Partial None None
translate/translate_manager.cc in Google Chrome before 17.0.963.56 and 19.x before 19.0.1036.7 uses an HTTP session to exchange data for translation, which allows remote attackers to obtain sensitive information by sniffing the network.
575 CVE-2011-2864 125 DoS 2011-09-19 2020-05-08
5.0
None Remote Low Not required None None Partial
Google Chrome before 14.0.835.163 does not properly handle Tibetan characters, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
576 CVE-2011-2858 125 DoS 2011-09-19 2020-05-08
5.0
None Remote Low Not required None None Partial
Google Chrome before 14.0.835.163 does not properly handle triangle arrays, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
577 CVE-2011-2851 125 DoS 2011-09-19 2020-05-08
5.0
None Remote Low Not required None None Partial
Google Chrome before 14.0.835.163 does not properly handle video, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
578 CVE-2011-2850 125 DoS 2011-09-19 2020-05-08
5.0
None Remote Low Not required None None Partial
Google Chrome before 14.0.835.163 does not properly handle Khmer characters, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
579 CVE-2011-2844 125 DoS 2011-09-19 2020-05-08
5.0
None Remote Low Not required None None Partial
Google Chrome before 14.0.835.163 does not properly process MP3 files, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
580 CVE-2011-2843 125 DoS 2011-09-19 2020-05-08
5.0
None Remote Low Not required None None Partial
Google Chrome before 14.0.835.163 does not properly handle media buffers, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
581 CVE-2011-2335 415 2019-11-12 2019-11-14
5.0
None Remote Low Not required None None Partial
A double-free vulnerability exists in WebKit in Google Chrome before Blink M12 in the WebCore::CSSSelector function.
582 CVE-2011-1814 824 DoS 2011-06-09 2020-05-22
5.8
None Remote Medium Not required Partial None Partial
Google Chrome before 12.0.742.91 attempts to read data from an uninitialized pointer, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
583 CVE-2011-1801 Bypass 2011-05-26 2020-05-22
5.0
None Remote Low Not required None Partial None
Unspecified vulnerability in Google Chrome before 11.0.696.71 allows remote attackers to bypass the pop-up blocker via unknown vectors.
584 CVE-2011-1691 476 DoS 2011-04-15 2020-06-03
5.0
None Remote Low Not required None None Partial
The counterToCSSValue function in CSSComputedStyleDeclaration.cpp in the Cascading Style Sheets (CSS) implementation in WebCore in WebKit before r82222, as used in Google Chrome before 11.0.696.43 and other products, does not properly handle access to the (1) counterIncrement and (2) counterReset attributes of CSSStyleDeclaration data provided by a getComputedStyle method call, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted JavaScript code.
585 CVE-2011-1465 DoS 2011-03-20 2020-06-03
5.0
None Remote Low Not required None None Partial
The SPDY implementation in net/http/http_network_transaction.cc in Google Chrome before 11.0.696.14 drains the bodies from SPDY responses, which might allow remote SPDY servers to cause a denial of service (application exit) by canceling a stream.
586 CVE-2011-1452 20 2011-05-03 2020-05-22
5.8
None Remote Medium Not required Partial Partial None
Google Chrome before 11.0.696.57 allows user-assisted remote attackers to spoof the URL bar via vectors involving a redirect and a manual reload.
587 CVE-2011-1450 20 DoS 2011-05-03 2020-05-22
5.0
None Remote Low Not required None None Partial
Google Chrome before 11.0.696.57 does not properly present file dialogs, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "dangling pointers."
588 CVE-2011-1446 2011-05-03 2020-05-22
5.8
None Remote Medium Not required Partial Partial None
Google Chrome before 11.0.696.57 allows remote attackers to spoof the URL bar via vectors involving (1) a navigation error or (2) an interrupted load.
589 CVE-2011-1435 276 2011-05-03 2020-05-22
5.0
None Remote Low Not required Partial None None
Google Chrome before 11.0.696.57 does not properly implement the tabs permission for extensions, which allows remote attackers to read local files via a crafted extension.
590 CVE-2011-1413 DoS 2011-03-11 2020-06-03
5.0
None Remote Low Not required None None Partial
Google Chrome before 10.0.648.127 on Linux does not properly mitigate an unspecified flaw in an X server, which allows remote attackers to cause a denial of service (application crash) via vectors involving long messages.
591 CVE-2011-1304 Bypass 2011-05-03 2020-05-22
5.0
None Remote Low Not required None Partial None
Unspecified vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to bypass the pop-up blocker via vectors related to plug-ins.
592 CVE-2011-1194 Bypass 2011-03-11 2020-06-03
5.0
None Remote Low Not required None Partial None
Multiple unspecified vulnerabilities in Google Chrome before 10.0.648.127 allow remote attackers to bypass the pop-up blocker via unknown vectors.
593 CVE-2011-1190 200 Bypass +Info 2011-03-11 2020-06-02
5.0
None Remote Low Not required Partial None None
The Web Workers implementation in Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak."
594 CVE-2011-1187 200 Bypass +Info 2011-03-11 2020-06-03
5.0
None Remote Low Not required Partial None None
Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak."
595 CVE-2011-1122 125 DoS 2011-03-01 2020-06-04
5.0
None Remote Low Not required None None Partial
The WebGL implementation in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, aka Issue 71960.
596 CVE-2011-1120 125 DoS 2011-03-01 2020-06-04
5.0
None Remote Low Not required None None Partial
The WebGL implementation in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, aka Issue 71717.
597 CVE-2011-0984 125 DoS 2011-02-10 2020-06-04
5.0
None Remote Low Not required None None Partial
Google Chrome before 9.0.597.94 does not properly handle plug-ins, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
598 CVE-2011-0779 20 DoS 2011-02-04 2020-06-04
5.0
None Remote Low Not required None None Partial
Google Chrome before 9.0.597.84 does not properly handle a missing key in an extension, which allows remote attackers to cause a denial of service (application crash) via a crafted extension.
599 CVE-2011-0680 2011-01-31 2017-08-17
5.0
None Remote Low Not required Partial None None
data/WorkingMessage.java in the Mms application in Android before 2.2.2 and 2.3.x before 2.3.2 does not properly manage the draft cache, which allows remote attackers to read SMS messages intended for other recipients in opportunistic circumstances via a standard text messaging service.
600 CVE-2011-0483 704 DoS 2011-01-14 2020-07-24
5.0
None Remote Low Not required None None Partial
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform a cast of an unspecified variable during handling of video, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
Total number of vulnerabilities : 642   Page : 1 2 3 4 5 6 7 8 9 10 11 12 (This Page)13
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.