U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/a:google:chrome:5.0.375.50
There are 2,531 matching records.
Displaying matches 1,621 through 1,640.
Vuln ID Summary CVSS Severity
CVE-2014-7925

Use-after-free vulnerability in the WebAudio implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an audio-rendering thread in which AudioNode data is improperly maintained.

Published: January 22, 2015; 5:59:06 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2014-7924

Use-after-free vulnerability in the IndexedDB implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering duplicate BLOB references, related to content/browser/indexed_db/indexed_db_callbacks.cc and content/browser/indexed_db/indexed_db_dispatcher_host.cc.

Published: January 22, 2015; 5:59:05 PM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2014-7923

The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a look-behind expression.

Published: January 22, 2015; 5:59:00 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2011-1798

rendering/svg/RenderSVGText.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 does not properly perform a cast of an unspecified variable during an attempt to handle a block child, which allows remote attackers to cause a denial of service (application crash) or possibly have unknown other impact via a crafted text element in an SVG document.

Published: December 25, 2014; 9:59:04 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2011-1796

Use-after-free vulnerability in the FrameView::calculateScrollbarModesForLayout function in page/FrameView.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaScript code that calls the removeChild method during interaction with a FRAME element.

Published: December 25, 2014; 9:59:03 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2011-1795

Integer underflow in the HTMLFormElement::removeFormElement function in html/HTMLFormElement.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted HTML document containing a FORM element.

Published: December 25, 2014; 9:59:02 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2011-1794

Integer overflow in the FilterEffect::copyImageBytes function in platform/graphics/filters/FilterEffect.cpp in the SVG filter implementation in WebCore in WebKit in Google Chrome before 11.0.696.65 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted dimensions.

Published: December 25, 2014; 9:59:01 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2011-1793

rendering/svg/RenderSVGResourceFilter.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted SVG document that leads to a "stale pointer."

Published: December 25, 2014; 9:59:00 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2014-7910

Multiple unspecified vulnerabilities in Google Chrome before 39.0.2171.65 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

Published: November 19, 2014; 6:59:11 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2014-7909

effects/SkDashPathEffect.cpp in Skia, as used in Google Chrome before 39.0.2171.65, computes a hash key using uninitialized integer values, which might allow remote attackers to cause a denial of service by rendering crafted data.

Published: November 19, 2014; 6:59:10 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2014-7908

Multiple integer overflows in the CheckMov function in media/base/container_names.cc in Google Chrome before 39.0.2171.65 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a large atom in (1) MPEG-4 or (2) QuickTime .mov data.

Published: November 19, 2014; 6:59:09 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2014-7907

Multiple use-after-free vulnerabilities in modules/screen_orientation/ScreenOrientationController.cpp in Blink, as used in Google Chrome before 39.0.2171.65, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger improper handling of a detached frame, related to the (1) lock and (2) unlock methods.

Published: November 19, 2014; 6:59:08 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2014-7906

Use-after-free vulnerability in the Pepper plugins in Google Chrome before 39.0.2171.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted Flash content that triggers an attempted PepperMediaDeviceManager access outside of the object's lifetime.

Published: November 19, 2014; 6:59:07 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2014-7905

Google Chrome before 39.0.2171.65 on Android does not prevent navigation to a URL in cases where an intent for the URL lacks CATEGORY_BROWSABLE, which allows remote attackers to bypass intended access restrictions via a crafted web site.

Published: November 19, 2014; 6:59:06 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2014-7904

Buffer overflow in Skia, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Published: November 19, 2014; 6:59:05 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2014-7903

Buffer overflow in OpenJPEG before r2911 in PDFium, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted JPEG image.

Published: November 19, 2014; 6:59:04 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2014-7901

Integer overflow in the opj_t2_read_packet_data function in fxcodec/fx_libopenjpeg/libopenjpeg20/t2.c in OpenJPEG in PDFium, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long segment in a JPEG image.

Published: November 19, 2014; 6:59:02 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2014-7900

Use-after-free vulnerability in the CPDF_Parser::IsLinearizedFile function in fpdfapi/fpdf_parser/fpdf_parser_parser.cpp in PDFium, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document.

Published: November 19, 2014; 6:59:01 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2014-7899

Google Chrome before 38.0.2125.101 allows remote attackers to spoof the address bar by placing a blob: substring at the beginning of the URL, followed by the original URI scheme and a long username string.

Published: November 19, 2014; 6:59:00 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2014-3201

core/rendering/compositing/RenderLayerCompositor.cpp in Blink, as used in Google Chrome before 38.0.2125.102 on Android, does not properly handle a certain IFRAME overflow condition, which allows remote attackers to spoof content via a crafted web site that interferes with the scrollbar.

Published: October 09, 2014; 9:55:08 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM