Chrome Security Vulnerabilities and Issues — Chrome CVE List

Lucene search

GoogleChrome

12 matches found

CVE•added 2010/05/03 1:51 p.m.•56 views

CVE-2010-1663

The Google URL Parsing Library (aka google-url or GURL) in Google Chrome before 4.1.249.1064 allows remote attackers to bypass the Same Origin Policy via unspecified vectors.

10CVSS6.2AI score0.07393EPSS

CVE•added 2010/05/03 1:51 p.m.•53 views

CVE-2010-1664

Google Chrome before 4.1.249.1064 does not properly handle HTML5 media, which allows remote attackers to cause a denial of service (memory corruption) and possibly have unspecified other impact via unknown vectors.

5CVSS8.6AI score0.0188EPSS

CVE•added 2010/05/03 1:51 p.m.•49 views

CVE-2010-1665

Google Chrome before 4.1.249.1064 does not properly handle fonts, which allows remote attackers to cause a denial of service (memory corruption) and possibly have unspecified other impact via unknown vectors.

7.5CVSS8.6AI score0.0188EPSS

CVE•added 2010/05/20 5:30 p.m.•49 views

CVE-2010-1992

Google Chrome 1.0.154.48 executes a mail application in situations where an IFRAME element has a mailto: URL in its SRC attribute, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many IFRAME elements.

5CVSS6.3AI score0.00543EPSS

CVE•added 2010/05/28 6:30 p.m.•49 views

CVE-2010-2110

Google Chrome before 5.0.375.55 does not properly execute JavaScript code in the extension context, which has unspecified impact and remote attack vectors.

7.5CVSS6.8AI score0.00243EPSS

CVE•added 2010/05/28 6:30 p.m.•46 views

CVE-2010-2107

Unspecified vulnerability in Google Chrome before 5.0.375.55 allows attackers to cause a denial of service (memory error) or possibly have unspecified other impact via vectors related to the Safe Browsing functionality.

10CVSS7AI score0.00349EPSS

CVE•added 2010/05/28 6:30 p.m.•45 views

CVE-2010-2108

Unspecified vulnerability in Google Chrome before 5.0.375.55 allows remote attackers to bypass the whitelist-mode plugin blocker via unknown vectors.

7.5CVSS6.3AI score0.00281EPSS

CVE•added 2010/05/28 6:30 p.m.•43 views

CVE-2010-2106

Unspecified vulnerability in Google Chrome before 5.0.375.55 might allow remote attackers to spoof the URL bar via vectors involving unload event handlers.

4.3CVSS6.1AI score0.00373EPSS

CVE•added 2010/05/07 6:24 p.m.•42 views

CVE-2010-1851

Google Chrome, when the Invisible Hand extension is enabled, uses cookies during background HTTP requests in a possibly unexpected manner, which might allow remote web servers to identify specific persons and their product searches via HTTP request logging, related to a "cross-site data leakage" is...

4.3CVSS6.9AI score0.00089EPSS

CVE•added 2010/05/28 6:30 p.m.•41 views

CVE-2010-2109

Unspecified vulnerability in Google Chrome before 5.0.375.55 allows user-assisted remote attackers to cause a denial of service (memory error) or possibly have unspecified other impact via vectors related to the "drag + drop" functionality.

7.5CVSS7.2AI score0.00703EPSS

CVE•added 2010/05/06 2:53 p.m.•40 views

CVE-2010-1731

Google Chrome on the HTC Hero allows remote attackers to cause a denial of service (application crash) via JavaScript that writes sequences in an infinite loop.

4.3CVSS6.5AI score0.0029EPSS

CVE•added 2010/05/28 6:30 p.m.•38 views

CVE-2010-2105

Google Chrome before 5.0.375.55 does not properly follow the Safe Browsing specification's requirements for canonicalization of URLs, which has unspecified impact and remote attack vectors.

10CVSS6.5AI score0.00349EPSS