Vulnerabilities (CVE)

Filtered by vendor Google Subscribe
Total 12849 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-2640 2 Google, Yomecolle 2 Android, Nec Biglobe Yome Collection 2025-04-11 5.0 MEDIUM N/A
The NEC BIGLOBE Yome Collection application 1.8.3 and earlier for Android allows remote attackers to read the IMEI value from an SD card via a crafted application that lacks the READ_PHONE_STATE permission.
CVE-2013-5349 1 Google 1 Picasa 2025-04-11 7.5 HIGH N/A
Integer underflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a crafted JPEG tag that triggers a heap-based buffer overflow, as demonstrated using a Canon RAW CR2 file with a large JPEG tag value and a small size.
CVE-2013-6643 6 Apple, Debian, Google and 3 more 6 Mac Os X, Debian Linux, Chrome and 3 more 2025-04-11 7.5 HIGH N/A
The OneClickSigninBubbleView::WindowClosing function in browser/ui/views/sync/one_click_signin_bubble_view.cc in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allows attackers to trigger a sync with an arbitrary Google account by leveraging improper handling of the closing of an untrusted signin confirm dialog.
CVE-2011-1447 1 Google 1 Chrome 2025-04-11 6.8 MEDIUM N/A
Google Chrome before 11.0.696.57 does not properly handle drop-down lists, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
CVE-2013-0650 5 Adobe, Apple, Google and 2 more 9 Adobe Air, Adobe Air Sdk, Adobe Air Sdk And Compiler and 6 more 2025-04-11 10.0 HIGH N/A
Use-after-free vulnerability in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.44 on Android 2.x and 3.x, and before 11.1.115.48 on Android 4.x; Adobe AIR before 3.6.0.6090; Adobe AIR SDK before 3.6.0.6090; and Adobe AIR SDK & Compiler before 3.6.0.6090 allows attackers to execute arbitrary code via unspecified vectors.
CVE-2010-4484 1 Google 1 Chrome 2025-04-11 5.0 MEDIUM N/A
Google Chrome before 8.0.552.215 does not properly handle HTML5 databases, which allows attackers to cause a denial of service (application crash) via unspecified vectors.
CVE-2013-2877 2 Google, Xmlsoft 2 Chrome, Libxml2 2025-04-11 5.0 MEDIUM N/A
parser.c in libxml2 before 2.9.0, as used in Google Chrome before 28.0.1500.71 and other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a document that ends abruptly, related to the lack of certain checks for the XML_PARSER_EOF state.
CVE-2012-2868 2 Google, Opensuse 2 Chrome, Opensuse 2025-04-11 6.8 MEDIUM N/A
Race condition in Google Chrome before 21.0.1180.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving improper interaction between worker processes and an XMLHttpRequest (aka XHR) object.
CVE-2012-1484 2 Google, Wali 2 Android, Walisms Cn 2025-04-11 10.0 HIGH N/A
Unspecified vulnerability in the WaliSMS CN (cn.com.wali.walisms) application 2.9.2 and 3.7.0 for Android has unknown impact and attack vectors.
CVE-2011-1301 1 Google 1 Chrome 2025-04-11 9.3 HIGH N/A
Use-after-free vulnerability in the GPU process in Google Chrome before 10.0.648.205 allows remote attackers to execute arbitrary code via unknown vectors.
CVE-2012-4904 1 Google 2 Android, Chrome 2025-04-11 4.3 MEDIUM N/A
Cross-application scripting vulnerability in Google Chrome before 18.0.1025308 on Android allows remote attackers to inject arbitrary web script via unspecified vectors, as demonstrated by "Universal XSS (UXSS)" attacks against the current tab.
CVE-2011-1305 3 Apple, Google, Linux 3 Macos, Chrome, Linux Kernel 2025-04-11 6.8 MEDIUM N/A
Race condition in Google Chrome before 11.0.696.57 on Linux and Mac OS X allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to linked lists and a database.
CVE-2012-2039 8 Adobe, Apple, Google and 5 more 13 Air, Flash Player, Macos and 10 more 2025-04-11 9.3 HIGH N/A
Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via unspecified vectors.
CVE-2013-2921 1 Google 1 Chrome 2025-04-11 6.8 MEDIUM N/A
Double free vulnerability in the ResourceFetcher::didLoadResource function in core/fetch/ResourceFetcher.cpp in the resource loader in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering certain callback processing during the reporting of a resource entry.
CVE-2011-2835 1 Google 1 Chrome 2025-04-11 6.8 MEDIUM N/A
Race condition in Google Chrome before 14.0.835.163 allows attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the certificate cache.
CVE-2012-2764 2 Google, Microsoft 2 Chrome, Windows 2025-04-11 7.2 HIGH N/A
Untrusted search path vulnerability in Google Chrome before 20.0.1132.43 on Windows might allow local users to gain privileges via a Trojan horse Metro DLL in the current working directory.
CVE-2013-2882 4 Debian, Google, Nodejs and 1 more 4 Debian Linux, Chrome, Node.js and 1 more 2025-04-11 7.5 HIGH N/A
Google V8, as used in Google Chrome before 28.0.1500.95, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion."
CVE-2012-5133 2 Google, Opensuse 2 Chrome, Opensuse 2025-04-11 7.5 HIGH N/A
Use-after-free vulnerability in Google Chrome before 23.0.1271.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG filters.
CVE-2011-3063 1 Google 1 Chrome 2025-04-11 4.3 MEDIUM N/A
Google Chrome before 18.0.1025.142 does not properly validate the renderer's navigation requests, which has unspecified impact and remote attack vectors.
CVE-2012-2832 1 Google 1 Chrome 2025-04-11 6.8 MEDIUM N/A
The image-codec implementation in the PDF functionality in Google Chrome before 20.0.1132.43 does not initialize an unspecified pointer, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.