122 matches found
SUSE CVE-2019-5774
Omission of the .desktop filetype from the Safe Browsing checklist in SafeBrowsing in Google Chrome on Linux prior to 72.0.3626.81 allowed an attacker who convinced a user to download a .desktop file to execute arbitrary code via a downloaded .desktop file...
DEBIAN-CVE-2021-21179
Use after free in Network Internals in Google Chrome on Linux prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
UBUNTU-CVE-2021-21153
Stack buffer overflow in GPU Process in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page...
DEBIAN-CVE-2021-21121
Use after free in Omnibox in Google Chrome on Linux prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page...
DEBIAN-CVE-2021-21107
Use after free in drag and drop in Google Chrome on Linux prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...
UBUNTU-CVE-2021-21107
Use after free in drag and drop in Google Chrome on Linux prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...
Google Chrome Security Update (stable-channel-update-for-desktop_2020-01) - Linux
Google Chrome is prone to an use after free vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome";...
CVE-2017-5097
Insufficient validation of untrusted input in Skia in Google Chrome prior to 60.0.3112.78 for Linux allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page...
Google Chrome PDF Viewer Security Bypass Vulnerability (Nov 2015) - Linux
Google Chrome is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome";...
Adobe Flash - Heap Buffer Overflow Loading .FLV File with Nellymoser Audio Codec
Adobe Flash - Heap Buffer Overflow Loading .FLV File with Nellymoser Audio Codec Source: https://code.google.com/p/google-security-research/issues/detail?id=425&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id To reproduce, host the attached files appropriately and:...
Adobe Flash - Heap Buffer Overflow Due to Indexing Error When Loading FLV File
Adobe Flash - Heap Buffer Overflow Due to Indexing Error When Loading FLV File Source: https://code.google.com/p/google-security-research/issues/detail?id=426&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id To reproduce, host the attached files appropriately, and:...
Adobe Flash - Heap Buffer Overflow Due to Indexing Error When Loading FLV File
Source: https://code.google.com/p/google-security-research/issues/detail?id=426&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id To reproduce, host the attached files appropriately, and: http://localhost/LoadMP4.swf?file=crash3006694.flv If there is no crash at first, refres...
Adobe Flash - Heap Buffer Overflow Loading '.FLV' File with Nellymoser Audio Codec
Source: https://code.google.com/p/google-security-research/issues/detail?id=425&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id To reproduce, host the attached files appropriately and: http://localhost/LoadMP4.swf?file=crash4000368.flv If there is no crash at first, refresh...
Taming the wild copy: Parallel Thread Corruption
Posted by Chris Evans, Winner of the occasional race Back in 2002, a very interesting vulnerability was found and fixed in the Apache web server. Relating to a bug in chunked encoding handing, the vulnerability caused a memcpy call with a negative length with the destination on the stack. Of...
CVE-2013-0838
Google Chrome before 24.0.1312.52 on Linux uses weak permissions for shared memory segments, which has unspecified impact and attack vectors...
CVE-2012-2859
Google Chrome before 21.0.1180.57 on Linux does not properly handle tabs, which allows remote attackers to execute arbitrary code or cause a denial of service application crash via unspecified vectors...
Mozilla: Miscellaneous memory safety hazards (rv:13.0/ rv:10.0.5) (MFSA 2012-34)
Google Chrome before 19.0.1084.46 on Linux does not properly mitigate an unspecified flaw in an NVIDIA driver, which has unknown impact and attack vectors. NOTE: see CVE-2012-3105 for the related MFSA 2012-34 issue in Mozilla products...
Mozilla: Miscellaneous memory safety hazards (rv:13.0/ rv:10.0.5) (MFSA 2012-34)
Google Chrome before 19.0.1084.46 on Linux does not properly mitigate an unspecified flaw in an NVIDIA driver, which has unknown impact and attack vectors. NOTE: see CVE-2012-3105 for the related MFSA 2012-34 issue in Mozilla products...
Google Releases Chrome 17.0.963.56
Google has released Chrome 17.0.963.56 for Linux, Macintosh, Windows, and Google Chrome Frame to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition. US-CERT encourages users and administrators to review th...
UBUNTU-CVE-2011-1192
Google Chrome before 10.0.648.127 on Linux does not properly handle Unicode ranges, which allows remote attackers to cause a denial of service out-of-bounds read via unspecified vectors...