Lucene search

K
GoogleChrome

5 matches found

CVE
CVE
added 2012/09/15 6:55 p.m.427 views

CVE-2012-4929

The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences...

2.6CVSS4.9AI score0.13867EPSS
CVE
CVE
added 2012/09/15 6:55 p.m.161 views

CVE-2012-4930

The SPDY protocol 3 and earlier, as used in Mozilla Firefox, Google Chrome, and other products, can perform TLS encryption of compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing lengt...

2.6CVSS8.9AI score0.00236EPSS
CVE
CVE
added 2009/01/20 4:30 p.m.64 views

CVE-2008-5915

An unspecified function in the JavaScript implementation in Google Chrome creates and exposes a "temporary footprint" when there is a current login to a web site, which makes it easier for remote attackers to trick a user into acting upon a spoofed pop-up message, aka an "in-session phishing attack...

2.1CVSS6.4AI score0.00516EPSS
CVE
CVE
added 2010/02/18 6:0 p.m.63 views

CVE-2010-0650

WebKit, as used in Google Chrome before 4.0.249.78 and Apple Safari, allows remote attackers to bypass intended restrictions on popup windows via crafted use of a mouse click event.

2.6CVSS8.2AI score0.01571EPSS
CVE
CVE
added 2011/08/03 12:55 a.m.47 views

CVE-2011-2784

Google Chrome before 13.0.782.107 allows remote attackers to obtain sensitive information via a request for the GL program log, which reveals a local path in an unspecified log entry.

2.1CVSS5.5AI score0.00191EPSS