National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:google:chrome:1.0.154.65
There are 1,839 matching records.
Displaying matches 1781 through 1800.
Vuln ID Summary CVSS Severity
CVE-2010-2108

Unspecified vulnerability in Google Chrome before 5.0.375.55 allows remote attackers to bypass the whitelist-mode plugin blocker via unknown vectors.

Published: May 28, 2010; 02:30:01 PM -04:00
    V2: 10.0 HIGH
CVE-2010-2107

Unspecified vulnerability in Google Chrome before 5.0.375.55 allows attackers to cause a denial of service (memory error) or possibly have unspecified other impact via vectors related to the Safe Browsing functionality.

Published: May 28, 2010; 02:30:01 PM -04:00
    V2: 10.0 HIGH
CVE-2010-2106

Unspecified vulnerability in Google Chrome before 5.0.375.55 might allow remote attackers to spoof the URL bar via vectors involving unload event handlers.

Published: May 28, 2010; 02:30:01 PM -04:00
    V2: 10.0 HIGH
CVE-2010-2105

Google Chrome before 5.0.375.55 does not properly follow the Safe Browsing specification's requirements for canonicalization of URLs, which has unspecified impact and remote attack vectors.

Published: May 28, 2010; 02:30:01 PM -04:00
    V2: 10.0 HIGH
CVE-2010-1851

Google Chrome, when the Invisible Hand extension is enabled, uses cookies during background HTTP requests in a possibly unexpected manner, which might allow remote web servers to identify specific persons and their product searches via HTTP request logging, related to a "cross-site data leakage" issue.

Published: May 07, 2010; 02:24:16 PM -04:00
    V2: 4.3 MEDIUM
CVE-2010-1731

Google Chrome on the HTC Hero allows remote attackers to cause a denial of service (application crash) via JavaScript that writes <marquee> sequences in an infinite loop.

Published: May 06, 2010; 10:53:01 AM -04:00
    V2: 4.3 MEDIUM
CVE-2010-1665

Google Chrome before 4.1.249.1064 does not properly handle fonts, which allows remote attackers to cause a denial of service (memory corruption) and possibly have unspecified other impact via unknown vectors.

Published: May 03, 2010; 09:51:53 AM -04:00
    V2: 7.5 HIGH
CVE-2010-1664

Google Chrome before 4.1.249.1064 does not properly handle HTML5 media, which allows remote attackers to cause a denial of service (memory corruption) and possibly have unspecified other impact via unknown vectors.

Published: May 03, 2010; 09:51:53 AM -04:00
    V2: 5.0 MEDIUM
CVE-2010-1663

The Google URL Parsing Library (aka google-url or GURL) in Google Chrome before 4.1.249.1064 allows remote attackers to bypass the Same Origin Policy via unspecified vectors.

Published: May 03, 2010; 09:51:53 AM -04:00
    V2: 10.0 HIGH
CVE-2010-1506

The Google V8 bindings in Google Chrome before 4.1.249.1059 allow attackers to cause a denial of service (memory corruption) via unknown vectors.

Published: April 23, 2010; 10:30:01 AM -04:00
    V2: 7.8 HIGH
CVE-2010-1505

Google Chrome before 4.1.249.1059 does not prevent pages from loading with the New Tab page's privileges, which has unknown impact and attack vectors.

Published: April 23, 2010; 10:30:01 AM -04:00
    V2: 10.0 HIGH
CVE-2010-1504

Cross-site scripting (XSS) vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to inject arbitrary web script or HTML via vectors related to a chrome://downloads URI.

Published: April 23, 2010; 10:30:01 AM -04:00
    V2: 4.3 MEDIUM
CVE-2010-1503

Cross-site scripting (XSS) vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to inject arbitrary web script or HTML via vectors related to a chrome://net-internals URI.

Published: April 23, 2010; 10:30:01 AM -04:00
    V2: 4.3 MEDIUM
CVE-2010-1502

Unspecified vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to access local files via vectors related to "developer tools."

Published: April 23, 2010; 10:30:01 AM -04:00
    V2: 9.3 HIGH
CVE-2010-1500

Google Chrome before 4.1.249.1059 does not properly support forms, which has unknown impact and attack vectors, related to a "type confusion error."

Published: April 23, 2010; 10:30:01 AM -04:00
    V2: 7.5 HIGH
CVE-2010-1236

The protocolIs function in platform/KURLGoogle.cpp in WebCore in WebKit before r55822, as used in Google Chrome before 4.1.249.1036 and Flock Browser 3.x before 3.0.0.4112, does not properly handle whitespace at the beginning of a URL, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted javascript: URL, as demonstrated by a \x00javascript:alert sequence.

Published: April 01, 2010; 06:30:00 PM -04:00
    V2: 4.3 MEDIUM
CVE-2010-1235

Unspecified vulnerability in Google Chrome before 4.1.249.1036 allows remote attackers to trigger the omission of a download warning dialog via unknown vectors.

Published: April 01, 2010; 06:30:00 PM -04:00
    V2: 4.3 MEDIUM
CVE-2010-1234

Unspecified vulnerability in Google Chrome before 4.1.249.1036 allows remote attackers to truncate the URL shown in the HTTP Basic Authentication dialog via unknown vectors.

Published: April 01, 2010; 06:30:00 PM -04:00
    V2: 7.5 HIGH
CVE-2010-1233

Multiple integer overflows in Google Chrome before 4.1.249.1036 allow remote attackers to have an unspecified impact via vectors involving WebKit JavaScript objects.

Published: April 01, 2010; 06:30:00 PM -04:00
    V2: 10.0 HIGH
CVE-2010-1232

Google Chrome before 4.1.249.1036 allows remote attackers to cause a denial of service (memory error) or possibly have unspecified other impact via a malformed SVG document.

Published: April 01, 2010; 06:30:00 PM -04:00
    V2: 5.0 MEDIUM