Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/a:google:chrome:5.0.375.64
There are 2,136 matching records.
Displaying matches 2,061 through 2,080.
Vuln ID Summary CVSS Severity
CVE-2010-4040

Google Chrome before 7.0.517.41 does not properly handle animated GIF images, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted image.

Published: October 21, 2010; 3:00:04 PM -0400
V3.1: 7.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2010-4039

Google Chrome before 7.0.517.41 on Linux does not properly set the PATH environment variable, which has unspecified impact and attack vectors.

Published: October 21, 2010; 3:00:04 PM -0400
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2010-4038

The Web Sockets implementation in Google Chrome before 7.0.517.41 does not properly handle a shutdown action, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors.

Published: October 21, 2010; 3:00:04 PM -0400
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2010-4037

Unspecified vulnerability in Google Chrome before 7.0.517.41 allows remote attackers to bypass the pop-up blocker via unknown vectors.

Published: October 21, 2010; 3:00:04 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2010-4036

Google Chrome before 7.0.517.41 does not properly handle the unloading of a page, which allows remote attackers to spoof URLs via unspecified vectors.

Published: October 21, 2010; 3:00:04 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-4035

Google Chrome before 7.0.517.41 does not properly perform autofill operations for forms, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted HTML document.

Published: October 21, 2010; 3:00:04 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2010-4034

Google Chrome before 7.0.517.41 does not properly handle forms, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted HTML document.

Published: October 21, 2010; 3:00:04 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2010-4033

Google Chrome before 7.0.517.41 does not properly implement the autofill and autocomplete functionality, which allows remote attackers to conduct "profile spamming" attacks via unspecified vectors.

Published: October 21, 2010; 3:00:04 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2010-3730

Google Chrome before 6.0.472.62 does not properly use information about the origin of a document to manage properties, which allows remote attackers to have an unspecified impact via a crafted web site, related to a "property pollution" issue.

Published: October 05, 2010; 2:00:32 PM -0400
V3.1: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2010-3729

The SPDY protocol implementation in Google Chrome before 6.0.472.62 does not properly manage buffers, which might allow remote attackers to execute arbitrary code via unspecified vectors.

Published: October 05, 2010; 2:00:32 PM -0400
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2010-1822

WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3 and Google Chrome before 6.0.472.62, does not properly perform a cast of an unspecified variable, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an SVG element in a non-SVG document.

Published: October 04, 2010; 5:00:03 PM -0400
V3.1: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2010-1825

Use-after-free vulnerability in WebKit, as used in Google Chrome before 6.0.472.59, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to nested SVG elements.

Published: September 24, 2010; 3:00:04 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2010-1824

Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari, and Google Chrome before 6.0.472.59, allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to SVG styles, the DOM tree, and error messages.

Published: September 24, 2010; 3:00:04 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2010-1823

Use-after-free vulnerability in WebKit before r65958, as used in Google Chrome before 6.0.472.59, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger use of document APIs such as document.close during parsing, as demonstrated by a Cascading Style Sheets (CSS) file referencing an invalid SVG font, aka rdar problem 8442098.

Published: September 24, 2010; 3:00:04 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2010-1773

Off-by-one error in the toAlphabetic function in rendering/RenderListMarker.cpp in WebCore in WebKit before r59950, as used in Google Chrome before 5.0.375.70, allows remote attackers to obtain sensitive information, cause a denial of service (memory corruption and application crash), or possibly execute arbitrary code via vectors related to list markers for HTML lists, aka rdar problem 8009118.

Published: September 24, 2010; 3:00:04 PM -0400
V3.1: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2010-1772

Use-after-free vulnerability in page/Geolocation.cpp in WebCore in WebKit before r59859, as used in Google Chrome before 5.0.375.70, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site, related to failure to stop timers associated with geolocation upon deletion of a document.

Published: September 24, 2010; 3:00:04 PM -0400
V3.1: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2010-3417

Google Chrome before 6.0.472.59 does not prompt the user before granting access to the extension history, which allows attackers to obtain potentially sensitive information via unspecified vectors.

Published: September 16, 2010; 5:00:02 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2010-3416

Google Chrome before 6.0.472.59 on Linux does not properly implement the Khmer locale, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

Published: September 16, 2010; 5:00:02 PM -0400
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2010-3415

Google Chrome before 6.0.472.59 does not properly implement Geolocation, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

Published: September 16, 2010; 5:00:02 PM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2010-3414

Google Chrome before 6.0.472.59 on Mac OS X does not properly implement file dialogs, which allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. NOTE: this issue exists because of an incorrect fix for CVE-2010-3112 on Mac OS X.

Published: September 16, 2010; 5:00:02 PM -0400
V3.x:(not available)
V2.0: 10.0 HIGH