Chrome Security Vulnerabilities and Issues — Chrome CVE List

Lucene search

GoogleChrome

7 matches found

CVE•added 2013/12/07 12:55 a.m.•83 views

CVE-2013-6639

The DehoistArrayIndex function in hydrogen-dehoist.cc (aka hydrogen.cc) in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via JavaScript code that sets the...

7.5CVSS9.3AI score0.02842EPSS

CVE•added 2013/12/07 12:55 a.m.•79 views

CVE-2013-6640

The DehoistArrayIndex function in hydrogen-dehoist.cc (aka hydrogen.cc) in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service (out-of-bounds read) via JavaScript code that sets a variable to the value of an array element wi...

7.5CVSS8.6AI score0.02718EPSS

CVE•added 2013/12/07 12:55 a.m.•72 views

CVE-2013-6636

The FrameLoader::notifyIfInitialDocumentAccessed function in core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 31.0.1650.63, makes an incorrect check for an empty document during presentation of a modal dialog, which allows remote attackers to spoof the address bar via vectors i...

4.3CVSS5.9AI score0.00725EPSS

CVE•added 2013/12/07 12:55 a.m.•63 views

CVE-2013-6638

Multiple buffer overflows in runtime.cc in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large typed array, related to the (1) Runtime_TypedArrayIniti...

7.5CVSS7.2AI score0.04074EPSS

CVE•added 2013/12/07 12:55 a.m.•62 views

CVE-2013-6634

The OneClickSigninHelper::ShowInfoBarIfPossible function in browser/ui/sync/one_click_signin_helper.cc in Google Chrome before 31.0.1650.63 uses an incorrect URL during realm validation, which allows remote attackers to conduct session fixation attacks and hijack web sessions by triggering improper...

6.8CVSS6AI score0.01309EPSS

CVE•added 2013/12/07 12:55 a.m.•59 views

CVE-2013-6637

Multiple unspecified vulnerabilities in Google Chrome before 31.0.1650.63 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

7.5CVSS6.8AI score0.00527EPSS

CVE•added 2013/12/07 12:55 a.m.•58 views

CVE-2013-6635

Use-after-free vulnerability in the editing implementation in Blink, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service or possibly have unspecified other impact via JavaScript code that triggers removal of a node during processing of the DOM tree, re...

6.8CVSS7.1AI score0.01163EPSS