U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:a:google:chrome:1.0.154.64:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 3,257 matching records.
Displaying matches 2,441 through 2,460.
Vuln ID Summary CVSS Severity
CVE-2013-2926

Use-after-free vulnerability in the IndentOutdentCommand::tryIndentingAsListItem function in core/editing/IndentOutdentCommand.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to list elements.

Published: October 16, 2013; 4:55:06 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2013-2925

Use-after-free vulnerability in core/xml/XMLHttpRequest.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger multiple conflicting uses of the same XMLHttpRequest object.

Published: October 16, 2013; 4:55:04 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2013-2924

Use-after-free vulnerability in International Components for Unicode (ICU), as used in Google Chrome before 30.0.1599.66 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Published: October 02, 2013; 6:35:35 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2013-2923

Multiple unspecified vulnerabilities in Google Chrome before 30.0.1599.66 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

Published: October 02, 2013; 6:35:35 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2013-2922

Use-after-free vulnerability in core/html/HTMLTemplateElement.cpp in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that operates on a TEMPLATE element.

Published: October 02, 2013; 6:35:35 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2013-2921

Double free vulnerability in the ResourceFetcher::didLoadResource function in core/fetch/ResourceFetcher.cpp in the resource loader in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering certain callback processing during the reporting of a resource entry.

Published: October 02, 2013; 6:35:35 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2013-2920

The DoResolveRelativeHost function in url/url_canon_relative.cc in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via a relative URL containing a hostname, as demonstrated by a protocol-relative URL beginning with a //www.google.com/ substring.

Published: October 02, 2013; 6:35:35 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2013-2919

Google V8, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

Published: October 02, 2013; 6:35:35 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2013-2918

Use-after-free vulnerability in the RenderBlock::collapseAnonymousBlockChild function in core/rendering/RenderBlock.cpp in the DOM implementation in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect handling of parent-child relationships for anonymous blocks.

Published: October 02, 2013; 6:35:35 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2013-2917

The ReverbConvolverStage::ReverbConvolverStage function in core/platform/audio/ReverbConvolverStage.cpp in the Web Audio implementation in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the impulseResponse array.

Published: October 02, 2013; 6:35:35 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2013-2916

Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to spoof the address bar via vectors involving a response with a 204 (aka No Content) status code, in conjunction with a delay in notifying the user of an attempted spoof.

Published: October 02, 2013; 6:35:35 AM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2013-2915

Google Chrome before 30.0.1599.66 preserves pending NavigationEntry objects in certain invalid circumstances, which allows remote attackers to spoof the address bar via a URL with a malformed scheme, as demonstrated by a nonexistent:12121 URL.

Published: October 02, 2013; 6:35:35 AM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2013-2914

Use-after-free vulnerability in the color-chooser dialog in Google Chrome before 30.0.1599.66 on Windows allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to color_chooser_dialog.cc and color_chooser_win.cc in browser/ui/views/.

Published: October 02, 2013; 6:35:35 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2013-2913

Use-after-free vulnerability in the XMLDocumentParser::append function in core/xml/parser/XMLDocumentParser.cpp in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving an XML document.

Published: October 02, 2013; 6:35:35 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2013-2912

Use-after-free vulnerability in the PepperInProcessRouter::SendToHost function in content/renderer/pepper/pepper_in_process_router.cc in the Pepper Plug-in API (PPAPI) in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a resource-destruction message.

Published: October 02, 2013; 6:35:35 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2013-2911

Use-after-free vulnerability in the XSLStyleSheet::compileStyleSheet function in core/xml/XSLStyleSheetLibxslt.cpp in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of post-failure recompilation in unspecified libxslt versions.

Published: October 02, 2013; 6:35:35 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2013-2910

Use-after-free vulnerability in modules/webaudio/AudioScheduledSourceNode.cpp in the Web Audio implementation in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Published: October 02, 2013; 6:35:35 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2013-2909

Use-after-free vulnerability in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to inline-block rendering for bidirectional Unicode text in an element isolated from its siblings.

Published: October 02, 2013; 6:35:35 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2013-2908

Google Chrome before 30.0.1599.66 uses incorrect function calls to determine the values of NavigationEntry objects, which allows remote attackers to spoof the address bar via vectors involving a response with a 204 (aka No Content) status code.

Published: October 02, 2013; 6:35:35 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2013-2907

The Window.prototype object implementation in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

Published: October 02, 2013; 6:35:35 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM