The DehoistArrayIndex function in hydrogen-dehoist.cc (aka hydrogen.cc) in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service (out-of-bounds read) via JavaScript code that sets a variable to the value of an array element with a crafted index.
Max CVSS
7.5
EPSS Score
1.99%
Published
2013-12-07
Updated
2014-03-06
The DehoistArrayIndex function in hydrogen-dehoist.cc (aka hydrogen.cc) in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via JavaScript code that sets the value of an array element with a crafted index.
Max CVSS
7.5
EPSS Score
1.99%
Published
2013-12-07
Updated
2014-03-06
Multiple buffer overflows in runtime.cc in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large typed array, related to the (1) Runtime_TypedArrayInitialize and (2) Runtime_TypedArrayInitializeFromArrayLike functions.
Max CVSS
7.5
EPSS Score
2.20%
Published
2013-12-07
Updated
2014-03-06
Integer overflow in Google Chrome before 31.0.1650.57 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as demonstrated during a Mobile Pwn2Own competition at PacSec 2013.
Max CVSS
9.3
EPSS Score
2.03%
Published
2013-11-18
Updated
2018-12-13
net/http/http_stream_parser.cc in Google Chrome before 31.0.1650.48 does not properly process HTTP Informational (aka 1xx) status codes, which allows remote web servers to cause a denial of service (out-of-bounds read) via a crafted response.
Max CVSS
5.0
EPSS Score
5.86%
Published
2013-11-13
Updated
2017-09-19
The SVG implementation in Blink, as used in Google Chrome before 31.0.1650.48, allows remote attackers to cause a denial of service (out-of-bounds read) by leveraging the use of tree order, rather than transitive dependency order, for layout.
Max CVSS
4.3
EPSS Score
2.37%
Published
2013-11-13
Updated
2017-09-19
Stack-based buffer overflow in the sub_E110 function in init in a certain configuration of Android 2.3.7 on the Motorola Defy XT phone for Republic Wireless allows local users to gain privileges or cause a denial of service (memory corruption) by writing a long string to the /dev/socket/init_runit socket that is inconsistent with a certain length value that was previously written to this socket.
Max CVSS
6.9
EPSS Score
0.05%
Published
2013-09-25
Updated
2013-09-25
The DoResolveRelativeHost function in url/url_canon_relative.cc in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via a relative URL containing a hostname, as demonstrated by a protocol-relative URL beginning with a //www.google.com/ substring.
Max CVSS
5.0
EPSS Score
2.15%
Published
2013-10-02
Updated
2017-09-19
Google V8, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
Max CVSS
7.5
EPSS Score
1.80%
Published
2013-10-02
Updated
2018-10-30
The ReverbConvolverStage::ReverbConvolverStage function in core/platform/audio/ReverbConvolverStage.cpp in the Web Audio implementation in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the impulseResponse array.
Max CVSS
5.0
EPSS Score
1.29%
Published
2013-10-02
Updated
2017-09-19
The Window.prototype object implementation in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
Max CVSS
5.0
EPSS Score
1.85%
Published
2013-10-02
Updated
2017-09-19
Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the handling of text.
Max CVSS
5.0
EPSS Score
0.64%
Published
2013-07-10
Updated
2017-09-19
parser.c in libxml2 before 2.9.0, as used in Google Chrome before 28.0.1500.71 and other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a document that ends abruptly, related to the lack of certain checks for the XML_PARSER_EOF state.
Max CVSS
5.0
EPSS Score
4.59%
Published
2013-07-10
Updated
2018-10-09
core/rendering/svg/SVGInlineTextBox.cpp in the SVG implementation in Blink, as used in Google Chrome before 28.0.1500.71, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
Max CVSS
5.0
EPSS Score
2.18%
Published
2013-07-10
Updated
2017-09-19
Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted JPEG2000 image.
Max CVSS
4.3
EPSS Score
0.62%
Published
2013-07-10
Updated
2017-09-19
The PDF functionality in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via unknown vectors.
Max CVSS
7.5
EPSS Score
0.43%
Published
2013-06-05
Updated
2017-09-19
Google Chrome before 27.0.1453.110 does not properly handle SSL sockets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
Max CVSS
10.0
EPSS Score
0.74%
Published
2013-06-05
Updated
2017-09-19
Skia, as used in Google Chrome before 27.0.1453.110, does not properly handle GPU acceleration, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
Max CVSS
7.5
EPSS Score
0.43%
Published
2013-06-05
Updated
2017-09-19
The Developer Tools API in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
Max CVSS
5.0
EPSS Score
0.27%
Published
2013-06-05
Updated
2017-09-19
The Web Audio implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
Max CVSS
7.5
EPSS Score
1.13%
Published
2013-05-22
Updated
2017-09-19
Google V8, as used in Google Chrome before 27.0.1453.93, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
Max CVSS
5.0
EPSS Score
0.44%
Published
2013-05-22
Updated
2017-09-19
The Buffer::Set function in core/cross/buffer.cc in the O3D plug-in in Google Chrome OS before 26.0.1410.57 does not prevent uninitialized data from remaining in a buffer, which might allow remote attackers to obtain sensitive information via unspecified vectors.
Max CVSS
5.0
EPSS Score
0.17%
Published
2013-04-16
Updated
2013-04-18
The Hook_Terminate function in chrome_frame/protocol_sink_wrap.cc in the Google Chrome Frame plugin before 26.0.1410.28 for Internet Explorer does not properly handle attach tab requests, which allows user-assisted remote attackers to cause a denial of service (application crash) via an _blank value for the target attribute of an A element.
Max CVSS
4.3
EPSS Score
0.60%
Published
2013-03-07
Updated
2013-03-08
The USB Apps API in Google Chrome before 26.0.1410.43 allows remote attackers to cause a denial of service (memory corruption) via unspecified vectors.
Max CVSS
5.0
EPSS Score
1.25%
Published
2013-03-28
Updated
2017-09-19
The URL loader in Google Chrome before 26.0.1410.43 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
Max CVSS
5.0
EPSS Score
0.48%
Published
2013-03-28
Updated
2017-09-19
42 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!