Vulnerabilities (CVE)

Filtered by vendor Google Subscribe
Total 12849 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-2877 2 Google, Opensuse 2 Chrome, Opensuse 2025-04-11 5.0 MEDIUM N/A
The extension system in Google Chrome before 22.0.1229.79 does not properly handle modal dialogs, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
CVE-2012-5268 5 Adobe, Apple, Google and 2 more 8 Adobe Air, Adobe Air Sdk, Flash Player and 5 more 2025-04-11 10.0 HIGH N/A
Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22.
CVE-2011-3088 1 Google 1 Chrome 2025-04-11 5.0 MEDIUM N/A
Google Chrome before 19.0.1084.46 does not properly draw hairlines, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
CVE-2011-2797 2 Apple, Google 4 Iphone Os, Itunes, Safari and 1 more 2025-04-11 6.8 MEDIUM N/A
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to resource caching.
CVE-2010-1770 6 Apple, Canonical, Google and 3 more 12 Mac Os X, Mac Os X Server, Safari and 9 more 2025-04-11 9.3 HIGH N/A
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Apple Safari before 4.1 on Mac OS X 10.4, and Google Chrome before 5.0.375.70 does not properly handle a transformation of a text node that has the IBM1147 character set, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document containing a BR element, related to a "type checking issue."
CVE-2012-5264 5 Adobe, Apple, Google and 2 more 8 Adobe Air, Adobe Air Sdk, Flash Player and 5 more 2025-04-11 10.0 HIGH N/A
Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22.
CVE-2011-2415 6 Adobe, Apple, Google and 3 more 7 Adobe Air, Flash Player, Mac Os X and 4 more 2025-04-11 10.0 HIGH N/A
Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2137, and CVE-2011-2414.
CVE-2013-2854 2 Google, Microsoft 2 Chrome, Windows 2025-04-11 7.5 HIGH N/A
Google Chrome before 27.0.1453.110 on Windows provides an incorrect handle to a renderer process in unspecified circumstances, which allows remote attackers to cause a denial of service or possibly have other impact via unknown vectors.
CVE-2013-2913 1 Google 1 Chrome 2025-04-11 6.8 MEDIUM N/A
Use-after-free vulnerability in the XMLDocumentParser::append function in core/xml/parser/XMLDocumentParser.cpp in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving an XML document.
CVE-2011-1816 1 Google 1 Chrome 2025-04-11 6.8 MEDIUM N/A
Use-after-free vulnerability in the developer tools in Google Chrome before 12.0.742.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2012-1402 2 1kxun, Google 2 Qianxun Yingshi, Android 2025-04-11 10.0 HIGH N/A
Unspecified vulnerability in the QianXun YingShi (com.qianxun.yingshi) application 1.2.3 and 1.3.4 for Android has unknown impact and attack vectors.
CVE-2013-2858 2 Debian, Google 2 Debian Linux, Chrome 2025-04-11 7.5 HIGH N/A
Use-after-free vulnerability in the HTML5 Audio implementation in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2011-2427 6 Adobe, Apple, Google and 3 more 6 Flash Player, Mac Os X, Android and 3 more 2025-04-11 9.3 HIGH N/A
Stack-based buffer overflow in the ActionScript Virtual Machine (AVM) component in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows attackers to execute arbitrary code or cause a denial of service via unspecified vectors.
CVE-2012-1846 1 Google 1 Chrome 2025-04-11 10.0 HIGH N/A
Google Chrome 17.0.963.66 and earlier allows remote attackers to bypass the sandbox protection mechanism by leveraging access to a sandboxed process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012. NOTE: the primary affected product may be clarified later; it was not identified by the researcher, who reportedly stated "it really doesn't matter if it's third-party code."
CVE-2011-3907 1 Google 1 Chrome 2025-04-11 4.3 MEDIUM N/A
The view-source feature in Google Chrome before 16.0.912.63 allows remote attackers to spoof the URL bar via unspecified vectors.
CVE-2010-3116 4 Apple, Canonical, Google and 1 more 5 Iphone Os, Safari, Ubuntu Linux and 2 more 2025-04-11 10.0 HIGH N/A
Multiple use-after-free vulnerabilities in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to improper handling of MIME types by plug-ins.
CVE-2011-3076 2 Apple, Google 4 Iphone Os, Itunes, Safari and 1 more 2025-04-11 6.8 MEDIUM N/A
Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to focus handling.
CVE-2011-0618 6 Adobe, Apple, Google and 3 more 6 Flash Player, Mac Os X, Android and 3 more 2025-04-11 9.3 HIGH N/A
Integer overflow in Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code via unspecified vectors.
CVE-2010-1663 1 Google 1 Chrome 2025-04-11 10.0 HIGH N/A
The Google URL Parsing Library (aka google-url or GURL) in Google Chrome before 4.1.249.1064 allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
CVE-2013-5357 1 Google 1 Picasa 2025-04-11 7.5 HIGH N/A
Integer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a long TIFF tag that triggers a heap-based buffer overflow, as demonstrated using a Canon RAW CR2 file with a long TIFF StripByteCounts tag.