Chrome Security Vulnerabilities and Issues — Chrome CVE List

Lucene search

GoogleChrome

11 matches found

CVE•added 2014/01/16 12:17 p.m.•76 views

CVE-2013-6643

The OneClickSigninBubbleView::WindowClosing function in browser/ui/views/sync/one_click_signin_bubble_view.cc in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allows attackers to trigger a sync with an arbitrary Google account by leveraging improper hand...

7.5CVSS6.1AI score0.00186EPSS

CVE•added 2014/01/16 12:17 p.m.•70 views

CVE-2013-6641

Use-after-free vulnerability in the FormAssociatedElement::formRemovedFromTree function in core/html/FormAssociatedElement.cpp in Blink, as used in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux, allows remote attackers to cause a denial of service or pos...

7.5CVSS7AI score0.00721EPSS

CVE•added 2014/01/16 12:17 p.m.•68 views

CVE-2013-6645

Use-after-free vulnerability in the OnWindowRemovingFromRootWindow function in content/browser/web_contents/web_contents_view_aura.cc in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allows user-assisted remote attackers to cause a denial of service or p...

6.8CVSS7AI score0.01406EPSS

CVE•added 2014/01/05 8:55 p.m.•66 views

CVE-2012-2898

Google Chrome before 21.0.1180.82 on iOS on iPad devices allows remote attackers to spoof the Omnibox URL via vectors involving SSL error messages, a related issue to CVE-2012-0674.

5CVSS6.1AI score0.00359EPSS

CVE•added 2014/01/28 2:30 p.m.•66 views

CVE-2013-6650

The StoreBuffer::ExemptPopularPages function in store-buffer.cc in Google V8 before 3.22.24.16, as used in Google Chrome before 32.0.1700.102, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors that trigger incorrect handli...

7.5CVSS6.9AI score0.02383EPSS

CVE•added 2014/01/16 12:17 p.m.•65 views

CVE-2013-6646

Use-after-free vulnerability in the Web Workers implementation in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the shutting down of a w...

7.5CVSS7AI score0.01763EPSS

CVE•added 2014/01/16 12:17 p.m.•62 views

CVE-2013-6644

Multiple unspecified vulnerabilities in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

7.5CVSS6.9AI score0.01698EPSS

CVE•added 2014/01/28 2:30 p.m.•60 views

CVE-2013-6649

Use-after-free vulnerability in the RenderSVGImage::paint function in core/rendering/svg/RenderSVGImage.cpp in Blink, as used in Google Chrome before 32.0.1700.102, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a zero-size SVG i...

7.5CVSS7AI score0.00926EPSS

CVE•added 2014/01/28 2:30 p.m.•53 views

CVE-2014-1681

Multiple unspecified vulnerabilities in Google Chrome before 32.0.1700.102 have unknown impact and attack vectors, related to 12 "security fixes [that were not] either contributed by external researchers or particularly interesting."

10CVSS6.4AI score0.00324EPSS

CVE•added 2014/01/05 8:55 p.m.•42 views

CVE-2012-2899

Google Chrome before 21.0.1180.82 on iOS makes certain incorrect calls to WebView methods that trigger use of an applewebdata: URL, which allows remote attackers to bypass the Same Origin Policy and conduct Universal XSS (UXSS) attacks via vectors involving the document.write method.

4.3CVSS5.5AI score0.00087EPSS

CVE•added 2014/01/16 12:17 p.m.•38 views

CVE-2013-6642

Google Chrome through 32.0.1700.23 on Android allows remote attackers to spoof the address bar via unspecified vectors.

5CVSS6.4AI score0.0014EPSS