Export limit exceeded: 15013 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (15013 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-6642 | 1 Google | 2 Android, Chrome | 2025-04-11 | N/A |
| Google Chrome through 32.0.1700.23 on Android allows remote attackers to spoof the address bar via unspecified vectors. | ||||
| CVE-2013-6643 | 6 Apple, Debian, Google and 3 more | 6 Mac Os X, Debian Linux, Chrome and 3 more | 2025-04-11 | N/A |
| The OneClickSigninBubbleView::WindowClosing function in browser/ui/views/sync/one_click_signin_bubble_view.cc in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allows attackers to trigger a sync with an arbitrary Google account by leveraging improper handling of the closing of an untrusted signin confirm dialog. | ||||
| CVE-2013-6644 | 6 Apple, Debian, Google and 3 more | 6 Mac Os X, Debian Linux, Chrome and 3 more | 2025-04-11 | N/A |
| Multiple unspecified vulnerabilities in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | ||||
| CVE-2013-6649 | 3 Debian, Google, Opensuse | 3 Debian Linux, Chrome, Opensuse | 2025-04-11 | N/A |
| Use-after-free vulnerability in the RenderSVGImage::paint function in core/rendering/svg/RenderSVGImage.cpp in Blink, as used in Google Chrome before 32.0.1700.102, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a zero-size SVG image. | ||||
| CVE-2013-6652 | 2 Google, Microsoft | 2 Chrome, Windows | 2025-04-11 | N/A |
| Directory traversal vulnerability in sandbox/win/src/named_pipe_dispatcher.cc in Google Chrome before 33.0.1750.117 on Windows allows attackers to bypass intended named-pipe policy restrictions in the sandbox via vectors related to (1) lack of checks for .. (dot dot) sequences or (2) lack of use of the \\?\ protection mechanism. | ||||
| CVE-2013-6654 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| The SVGAnimateElement::calculateAnimatedValue function in core/svg/SVGAnimateElement.cpp in Blink, as used in Google Chrome before 33.0.1750.117, does not properly handle unexpected data types, which allows remote attackers to cause a denial of service (incorrect cast) or possibly have unspecified other impact via unknown vectors. | ||||
| CVE-2013-2835 | 1 Google | 1 Chrome Os | 2025-04-11 | N/A |
| Google Chrome OS before 26.0.1410.57 does not properly enforce origin restrictions for the O3D and Google Talk plug-ins, which allows remote attackers to bypass the domain-whitelist protection mechanism via a crafted web site, a different vulnerability than CVE-2013-2834. | ||||
| CVE-2013-2844 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to style resolution. | ||||
| CVE-2013-6655 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Use-after-free vulnerability in Blink, as used in Google Chrome before 33.0.1750.117, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to improper handling of overflowchanged DOM events during interaction between JavaScript and layout. | ||||
| CVE-2013-2853 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| The HTTPS implementation in Google Chrome before 28.0.1500.71 does not ensure that headers are terminated by \r\n\r\n (carriage return, newline, carriage return, newline), which allows man-in-the-middle attackers to have an unspecified impact via vectors that trigger header truncation. | ||||
| CVE-2013-6657 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, inserts the about:blank URL during certain blocking of FORM elements within HTTP requests, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via unspecified vectors. | ||||
| CVE-2013-2855 | 2 Debian, Google | 2 Debian Linux, Chrome | 2025-04-11 | N/A |
| The Developer Tools API in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | ||||
| CVE-2013-6661 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Multiple unspecified vulnerabilities in Google Chrome before 33.0.1750.117 allow attackers to bypass the sandbox protection mechanism after obtaining renderer access, or have other impact, via unknown vectors. | ||||
| CVE-2013-2856 | 2 Debian, Google | 2 Debian Linux, Chrome | 2025-04-11 | N/A |
| Use-after-free vulnerability in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of input. | ||||
| CVE-2013-2859 | 2 Debian, Google | 2 Debian Linux, Chrome | 2025-04-11 | N/A |
| Google Chrome before 27.0.1453.110 allows remote attackers to bypass the Same Origin Policy and trigger namespace pollution via unspecified vectors. | ||||
| CVE-2013-2860 | 2 Debian, Google | 2 Debian Linux, Chrome | 2025-04-11 | N/A |
| Use-after-free vulnerability in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving access to a database API by a worker process. | ||||
| CVE-2013-2862 | 2 Debian, Google | 2 Debian Linux, Chrome | 2025-04-11 | N/A |
| Skia, as used in Google Chrome before 27.0.1453.110, does not properly handle GPU acceleration, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | ||||
| CVE-2013-2863 | 2 Debian, Google | 2 Debian Linux, Chrome | 2025-04-11 | N/A |
| Google Chrome before 27.0.1453.110 does not properly handle SSL sockets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | ||||
| CVE-2013-2865 | 2 Debian, Google | 2 Debian Linux, Chrome | 2025-04-11 | N/A |
| Multiple unspecified vulnerabilities in Google Chrome before 27.0.1453.110 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | ||||
| CVE-2013-2867 | 2 Debian, Google | 2 Debian Linux, Chrome | 2025-04-11 | N/A |
| Google Chrome before 28.0.1500.71 does not properly prevent pop-under windows, which allows remote attackers to have an unspecified impact via a crafted web site. | ||||