Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:google:chrome:31.0.1650.50:*:*:*:*:*:*:*
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2013-6649 |
Use-after-free vulnerability in the RenderSVGImage::paint function in core/rendering/svg/RenderSVGImage.cpp in Blink, as used in Google Chrome before 32.0.1700.102, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a zero-size SVG image. Published: January 28, 2014; 9:30:33 AM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2013-6646 |
Use-after-free vulnerability in the Web Workers implementation in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the shutting down of a worker process. Published: January 16, 2014; 7:17:26 AM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2013-6645 |
Use-after-free vulnerability in the OnWindowRemovingFromRootWindow function in content/browser/web_contents/web_contents_view_aura.cc in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving certain print-preview and tab-switch actions that interact with a speech input element. Published: January 16, 2014; 7:17:26 AM -0500 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2013-6644 |
Multiple unspecified vulnerabilities in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Published: January 16, 2014; 7:17:26 AM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2013-6643 |
The OneClickSigninBubbleView::WindowClosing function in browser/ui/views/sync/one_click_signin_bubble_view.cc in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allows attackers to trigger a sync with an arbitrary Google account by leveraging improper handling of the closing of an untrusted signin confirm dialog. Published: January 16, 2014; 7:17:26 AM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2013-6642 |
Google Chrome through 32.0.1700.23 on Android allows remote attackers to spoof the address bar via unspecified vectors. Published: January 16, 2014; 7:17:26 AM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2013-6641 |
Use-after-free vulnerability in the FormAssociatedElement::formRemovedFromTree function in core/html/FormAssociatedElement.cpp in Blink, as used in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of the past names map of a FORM element. Published: January 16, 2014; 7:17:26 AM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2013-6640 |
The DehoistArrayIndex function in hydrogen-dehoist.cc (aka hydrogen.cc) in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service (out-of-bounds read) via JavaScript code that sets a variable to the value of an array element with a crafted index. Published: December 06, 2013; 7:55:04 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2013-6639 |
The DehoistArrayIndex function in hydrogen-dehoist.cc (aka hydrogen.cc) in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via JavaScript code that sets the value of an array element with a crafted index. Published: December 06, 2013; 7:55:04 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2013-6638 |
Multiple buffer overflows in runtime.cc in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large typed array, related to the (1) Runtime_TypedArrayInitialize and (2) Runtime_TypedArrayInitializeFromArrayLike functions. Published: December 06, 2013; 7:55:03 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2013-6637 |
Multiple unspecified vulnerabilities in Google Chrome before 31.0.1650.63 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Published: December 06, 2013; 7:55:03 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2013-6636 |
The FrameLoader::notifyIfInitialDocumentAccessed function in core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 31.0.1650.63, makes an incorrect check for an empty document during presentation of a modal dialog, which allows remote attackers to spoof the address bar via vectors involving the document.write method. Published: December 06, 2013; 7:55:03 PM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2013-6635 |
Use-after-free vulnerability in the editing implementation in Blink, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service or possibly have unspecified other impact via JavaScript code that triggers removal of a node during processing of the DOM tree, related to CompositeEditCommand.cpp and ReplaceSelectionCommand.cpp. Published: December 06, 2013; 7:55:03 PM -0500 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2013-6634 |
The OneClickSigninHelper::ShowInfoBarIfPossible function in browser/ui/sync/one_click_signin_helper.cc in Google Chrome before 31.0.1650.63 uses an incorrect URL during realm validation, which allows remote attackers to conduct session fixation attacks and hijack web sessions by triggering improper sync after a 302 (aka Found) HTTP status code. Published: December 06, 2013; 7:55:03 PM -0500 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2013-6802 |
Google Chrome before 31.0.1650.57 allows remote attackers to bypass intended sandbox restrictions by leveraging access to a renderer process, as demonstrated during a Mobile Pwn2Own competition at PacSec 2013, a different vulnerability than CVE-2013-6632. Published: November 18, 2013; 12:23:57 AM -0500 |
V3.x:(not available) V2.0: 5.8 MEDIUM |
CVE-2013-6632 |
Integer overflow in Google Chrome before 31.0.1650.57 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as demonstrated during a Mobile Pwn2Own competition at PacSec 2013. Published: November 18, 2013; 12:23:57 AM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |