National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:google:chrome:10.0.607.0
There are 1,629 matching records.
Displaying matches 1601 through 1620.
Vuln ID Summary CVSS Severity
CVE-2011-1465

The SPDY implementation in net/http/http_network_transaction.cc in Google Chrome before 11.0.696.14 drains the bodies from SPDY responses, which might allow remote SPDY servers to cause a denial of service (application exit) by canceling a stream.

Published: March 19, 2011; 10:00:04 PM -04:00
    V2: 5.0 MEDIUM
CVE-2011-1413

Google Chrome before 10.0.648.127 on Linux does not properly mitigate an unspecified flaw in an X server, which allows remote attackers to cause a denial of service (application crash) via vectors involving long messages.

Published: March 10, 2011; 09:01:20 PM -05:00
    V2: 5.0 MEDIUM
CVE-2011-1286

Google V8, as used in Google Chrome before 10.0.648.127, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger incorrect access to memory.

Published: March 10, 2011; 09:01:20 PM -05:00
    V2: 7.5 HIGH
CVE-2011-1285

The regular-expression functionality in Google Chrome before 10.0.648.127 does not properly implement reentrancy, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

Published: March 10, 2011; 09:01:20 PM -05:00
    V2: 7.5 HIGH
CVE-2011-1204

Google Chrome before 10.0.648.127 does not properly handle attributes, which allows remote attackers to cause a denial of service (DOM tree corruption) or possibly have unspecified other impact via a crafted document.

Published: March 10, 2011; 09:01:20 PM -05:00
    V2: 6.8 MEDIUM
CVE-2011-1203

Google Chrome before 10.0.648.127 does not properly handle SVG cursors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."

Published: March 10, 2011; 09:01:20 PM -05:00
    V2: 7.5 HIGH
CVE-2011-1202

The xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 and earlier, as used in Google Chrome before 10.0.648.127 and other products, allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a call to the XSLT generate-id XPath function.

Published: March 10, 2011; 09:01:20 PM -05:00
    V2: 5.0 MEDIUM
CVE-2011-1201

The context implementation in WebKit, as used in Google Chrome before 10.0.648.127, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."

Published: March 10, 2011; 09:01:20 PM -05:00
    V2: 7.5 HIGH
CVE-2011-1200

Google Chrome before 10.0.648.127 does not properly perform a cast of an unspecified variable during text rendering, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.

Published: March 10, 2011; 09:01:20 PM -05:00
    V2: 6.8 MEDIUM
CVE-2011-1199

Google Chrome before 10.0.648.127 does not properly handle DataView objects, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors.

Published: March 10, 2011; 09:01:19 PM -05:00
    V2: 7.5 HIGH
CVE-2011-1198

The video functionality in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger use of a malformed "out-of-bounds structure."

Published: March 10, 2011; 09:01:19 PM -05:00
    V2: 7.5 HIGH
CVE-2011-1197

Google Chrome before 10.0.648.127 does not properly perform table painting, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."

Published: March 10, 2011; 09:01:19 PM -05:00
    V2: 7.5 HIGH
CVE-2011-1196

The OGG container implementation in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write.

Published: March 10, 2011; 09:01:19 PM -05:00
    V2: 7.5 HIGH
CVE-2011-1195

Use-after-free vulnerability in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "document script lifetime handling."

Published: March 10, 2011; 09:01:19 PM -05:00
    V2: 7.5 HIGH
CVE-2011-1194

Multiple unspecified vulnerabilities in Google Chrome before 10.0.648.127 allow remote attackers to bypass the pop-up blocker via unknown vectors.

Published: March 10, 2011; 09:01:19 PM -05:00
    V2: 5.0 MEDIUM
CVE-2011-1193

Google V8, as used in Google Chrome before 10.0.648.127, allows remote attackers to bypass the Same Origin Policy via unspecified vectors.

Published: March 10, 2011; 09:01:19 PM -05:00
    V2: 7.5 HIGH
CVE-2011-1192

Google Chrome before 10.0.648.127 on Linux does not properly handle Unicode ranges, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

Published: March 10, 2011; 09:01:19 PM -05:00
    V2: 5.0 MEDIUM
CVE-2011-1191

Use-after-free vulnerability in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of DOM URLs.

Published: March 10, 2011; 09:01:19 PM -05:00
    V2: 7.5 HIGH
CVE-2011-1190

The Web Workers implementation in Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak."

Published: March 10, 2011; 09:01:19 PM -05:00
    V2: 5.0 MEDIUM
CVE-2011-1189

Google Chrome before 10.0.648.127 does not properly perform box layout, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node."

Published: March 10, 2011; 09:01:18 PM -05:00
    V2: 7.5 HIGH