Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2013-0902

Summary
Assigner-Chrome
Assigner Org ID-ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28
Published At-04 Mar, 2013 | 22:00
Updated At-06 Aug, 2024 | 14:41
Rejected At-
Credits

Use-after-free vulnerability in the frame-loader implementation in Google Chrome before 25.0.1364.152 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Chrome
Assigner Org ID:ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28
Published At:04 Mar, 2013 | 22:00
Updated At:06 Aug, 2024 | 14:41
Rejected At:
â–¼CVE Numbering Authority (CNA)

Use-after-free vulnerability in the frame-loader implementation in Google Chrome before 25.0.1364.152 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://googlechromereleases.blogspot.com/2013/03/stable-channel-update_4.html
x_refsource_CONFIRM
https://code.google.com/p/chromium/issues/detail?id=176882
x_refsource_CONFIRM
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16439
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://googlechromereleases.blogspot.com/2013/03/stable-channel-update_4.html
Resource:
x_refsource_CONFIRM
Hyperlink: https://code.google.com/p/chromium/issues/detail?id=176882
Resource:
x_refsource_CONFIRM
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16439
Resource:
vdb-entry
signature
x_refsource_OVAL
â–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://googlechromereleases.blogspot.com/2013/03/stable-channel-update_4.html
x_refsource_CONFIRM
x_transferred
https://code.google.com/p/chromium/issues/detail?id=176882
x_refsource_CONFIRM
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16439
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://googlechromereleases.blogspot.com/2013/03/stable-channel-update_4.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://code.google.com/p/chromium/issues/detail?id=176882
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16439
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:chrome-cve-admin@google.com
Published At:05 Mar, 2013 | 21:55
Updated At:29 Apr, 2026 | 01:13

Use-after-free vulnerability in the frame-loader implementation in Google Chrome before 25.0.1364.152 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 2.0
Base score: 7.5
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
Google LLC
google
>>chrome>>Versions up to 25.0.1364.126(inclusive)
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.0
cpe:2.3:a:google:chrome:25.0.1364.0:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.1
cpe:2.3:a:google:chrome:25.0.1364.1:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.2
cpe:2.3:a:google:chrome:25.0.1364.2:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.3
cpe:2.3:a:google:chrome:25.0.1364.3:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.5
cpe:2.3:a:google:chrome:25.0.1364.5:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.7
cpe:2.3:a:google:chrome:25.0.1364.7:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.8
cpe:2.3:a:google:chrome:25.0.1364.8:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.9
cpe:2.3:a:google:chrome:25.0.1364.9:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.10
cpe:2.3:a:google:chrome:25.0.1364.10:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.11
cpe:2.3:a:google:chrome:25.0.1364.11:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.12
cpe:2.3:a:google:chrome:25.0.1364.12:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.13
cpe:2.3:a:google:chrome:25.0.1364.13:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.14
cpe:2.3:a:google:chrome:25.0.1364.14:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.15
cpe:2.3:a:google:chrome:25.0.1364.15:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.16
cpe:2.3:a:google:chrome:25.0.1364.16:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.17
cpe:2.3:a:google:chrome:25.0.1364.17:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.18
cpe:2.3:a:google:chrome:25.0.1364.18:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.19
cpe:2.3:a:google:chrome:25.0.1364.19:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.20
cpe:2.3:a:google:chrome:25.0.1364.20:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.21
cpe:2.3:a:google:chrome:25.0.1364.21:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.22
cpe:2.3:a:google:chrome:25.0.1364.22:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.23
cpe:2.3:a:google:chrome:25.0.1364.23:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.24
cpe:2.3:a:google:chrome:25.0.1364.24:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.25
cpe:2.3:a:google:chrome:25.0.1364.25:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.26
cpe:2.3:a:google:chrome:25.0.1364.26:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.27
cpe:2.3:a:google:chrome:25.0.1364.27:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.28
cpe:2.3:a:google:chrome:25.0.1364.28:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.29
cpe:2.3:a:google:chrome:25.0.1364.29:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.30
cpe:2.3:a:google:chrome:25.0.1364.30:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.31
cpe:2.3:a:google:chrome:25.0.1364.31:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.32
cpe:2.3:a:google:chrome:25.0.1364.32:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.33
cpe:2.3:a:google:chrome:25.0.1364.33:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.34
cpe:2.3:a:google:chrome:25.0.1364.34:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.35
cpe:2.3:a:google:chrome:25.0.1364.35:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.36
cpe:2.3:a:google:chrome:25.0.1364.36:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.37
cpe:2.3:a:google:chrome:25.0.1364.37:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.38
cpe:2.3:a:google:chrome:25.0.1364.38:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.39
cpe:2.3:a:google:chrome:25.0.1364.39:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.40
cpe:2.3:a:google:chrome:25.0.1364.40:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.41
cpe:2.3:a:google:chrome:25.0.1364.41:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.42
cpe:2.3:a:google:chrome:25.0.1364.42:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.43
cpe:2.3:a:google:chrome:25.0.1364.43:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.44
cpe:2.3:a:google:chrome:25.0.1364.44:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.45
cpe:2.3:a:google:chrome:25.0.1364.45:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.46
cpe:2.3:a:google:chrome:25.0.1364.46:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.47
cpe:2.3:a:google:chrome:25.0.1364.47:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.48
cpe:2.3:a:google:chrome:25.0.1364.48:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.49
cpe:2.3:a:google:chrome:25.0.1364.49:*:*:*:*:*:*:*
Google LLC
google
>>chrome>>25.0.1364.50
cpe:2.3:a:google:chrome:25.0.1364.50:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-399Primarynvd@nist.gov
CWE ID: CWE-399
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://googlechromereleases.blogspot.com/2013/03/stable-channel-update_4.htmlchrome-cve-admin@google.com
N/A
https://code.google.com/p/chromium/issues/detail?id=176882chrome-cve-admin@google.com
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16439chrome-cve-admin@google.com
N/A
http://googlechromereleases.blogspot.com/2013/03/stable-channel-update_4.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
https://code.google.com/p/chromium/issues/detail?id=176882af854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16439af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://googlechromereleases.blogspot.com/2013/03/stable-channel-update_4.html
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: https://code.google.com/p/chromium/issues/detail?id=176882
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16439
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: http://googlechromereleases.blogspot.com/2013/03/stable-channel-update_4.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://code.google.com/p/chromium/issues/detail?id=176882
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16439
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

715Records found
CVE-2020-25055
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.05% / 14.51%
||
7 Day CHG~0.00%
Published-31 Aug, 2020 | 20:24
Updated-04 Aug, 2024 | 15:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. The persona service allows attackers (who control an unprivileged SecureFolder process) to bypass admin restrictions in KnoxContainer. The Samsung ID is SVE-2020-18133 (August 2020).

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidn/a
CWE ID-CWE-863
Incorrect Authorization
CVE-2020-25057
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.15% / 34.66%
||
7 Day CHG~0.00%
Published-31 Aug, 2020 | 20:47
Updated-04 Aug, 2024 | 15:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on LG mobile devices with Android OS 10 software. MDMService does not properly restrict APK installations. The LG ID is LVE-SMP-200011 (July 2020).

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidn/a
CVE-2011-2838
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-0.23% / 45.34%
||
7 Day CHG~0.00%
Published-17 Sep, 2011 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Google Chrome before 14.0.835.163 does not properly consider the MIME type during the loading of a plug-in, which has unspecified impact and remote attack vectors.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2019-2111
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.8||CRITICAL
EPSS-0.76% / 73.38%
||
7 Day CHG~0.00%
Published-08 Jul, 2019 | 17:37
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In loop of DnsTlsSocket.cpp, there is a possible heap memory corruption due to a use after free. This could lead to remote code execution in the netd server with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-122856181.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2011-1115
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.82% / 86.23%
||
7 Day CHG~0.00%
Published-01 Mar, 2011 | 22:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Google Chrome before 9.0.597.107 does not properly render tables, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."

Action-Not Available
Vendor-n/aGoogle LLCApple Inc.
Product-chromeiphone_ossafariitunesn/a
CVE-2012-2866
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-1.62% / 81.89%
||
7 Day CHG~0.00%
Published-31 Aug, 2012 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Google Chrome before 21.0.1180.89 does not properly perform a cast of an unspecified variable during handling of run-in elements, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.

Action-Not Available
Vendor-n/aGoogle LLCopenSUSE
Product-chromeopensusen/a
CVE-2012-2880
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-0.69% / 71.81%
||
7 Day CHG~0.00%
Published-26 Sep, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the plug-in paint buffer.

Action-Not Available
Vendor-n/aGoogle LLCopenSUSE
Product-chromeopensusen/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2012-2831
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-1.46% / 80.95%
||
7 Day CHG~0.00%
Published-27 Jun, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG references.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CVE-2012-2833
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-0.57% / 68.55%
||
7 Day CHG~0.00%
Published-27 Jun, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the JS API in the PDF functionality in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2012-2843
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-0.52% / 66.65%
||
7 Day CHG~0.00%
Published-12 Jul, 2012 | 21:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in Google Chrome before 20.0.1132.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to layout height tracking.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CVE-2012-2869
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-1.38% / 80.40%
||
7 Day CHG~0.00%
Published-31 Aug, 2012 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Google Chrome before 21.0.1180.89 does not properly load URLs, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a "stale buffer."

Action-Not Available
Vendor-n/aGoogle LLCopenSUSE
Product-chromeopensusen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2012-2887
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-2.16% / 84.37%
||
7 Day CHG~0.00%
Published-26 Sep, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving onclick events.

Action-Not Available
Vendor-n/aGoogle LLCopenSUSE
Product-chromeopensusen/a
CVE-2012-2856
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-0.71% / 72.37%
||
7 Day CHG~0.00%
Published-06 Aug, 2012 | 15:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The PDF functionality in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations.

Action-Not Available
Vendor-n/aApple Inc.Google LLCLinux Kernel Organization, IncMicrosoft Corporation
Product-mac_os_xframewindowschromelinux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2012-2863
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-0.71% / 72.37%
||
7 Day CHG~0.00%
Published-09 Aug, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The PDF functionality in Google Chrome before 21.0.1180.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2012-2874
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-0.89% / 75.57%
||
7 Day CHG~0.00%
Published-26 Sep, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation, a different vulnerability than CVE-2012-2883.

Action-Not Available
Vendor-n/aGoogle LLCopenSUSE
Product-chromeopensusen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2012-2888
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-0.89% / 75.57%
||
7 Day CHG~0.00%
Published-26 Sep, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG text references.

Action-Not Available
Vendor-n/aGoogle LLCopenSUSE
Product-chromeopensusen/a
CVE-2012-2859
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-0.95% / 76.43%
||
7 Day CHG~0.00%
Published-06 Aug, 2012 | 15:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Google Chrome before 21.0.1180.57 on Linux does not properly handle tabs, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.

Action-Not Available
Vendor-n/aGoogle LLCLinux Kernel Organization, Inc
Product-chromelinux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2012-2896
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-0.66% / 71.10%
||
7 Day CHG~0.00%
Published-26 Sep, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the WebGL implementation in Google Chrome before 22.0.1229.79 on Mac OS X allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Action-Not Available
Vendor-n/aGoogle LLCApple Inc.
Product-chromemac_os_xn/a
CVE-2012-2818
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-1.88% / 83.26%
||
7 Day CHG~0.00%
Published-27 Jun, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the layout of documents that use the Cascading Style Sheets (CSS) counters feature.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CVE-2012-2883
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-0.89% / 75.57%
||
7 Day CHG~0.00%
Published-26 Sep, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation, a different vulnerability than CVE-2012-2874.

Action-Not Available
Vendor-n/aGoogle LLCopenSUSE
Product-chromeopensusen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2012-2881
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-0.89% / 75.57%
||
7 Day CHG~0.00%
Published-26 Sep, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Google Chrome before 22.0.1229.79 does not properly handle plug-ins, which allows remote attackers to cause a denial of service (DOM tree corruption) or possibly have unspecified other impact via unknown vectors.

Action-Not Available
Vendor-n/aGoogle LLCopenSUSE
Product-chromeopensusen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2012-2827
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-0.13% / 32.30%
||
7 Day CHG~0.00%
Published-27 Jun, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in the UI in Google Chrome before 20.0.1132.43 on Mac OS X allows attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Action-Not Available
Vendor-n/aGoogle LLCApple Inc.
Product-chromemac_os_xn/a
CVE-2021-39655
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.8||CRITICAL
EPSS-0.17% / 38.25%
||
7 Day CHG~0.00%
Published-15 Dec, 2021 | 18:06
Updated-04 Aug, 2024 | 02:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Product: AndroidVersions: Android kernelAndroid ID: A-192641593References: N/A

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CVE-2012-2885
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-1.38% / 80.40%
||
7 Day CHG~0.00%
Published-26 Sep, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Double free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to application exit.

Action-Not Available
Vendor-n/aGoogle LLCopenSUSE
Product-chromeopensusen/a
CVE-2012-2878
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-0.89% / 75.57%
||
7 Day CHG~0.00%
Published-26 Sep, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to plug-in handling.

Action-Not Available
Vendor-n/aGoogle LLCopenSUSE
Product-chromeopensusen/a
CVE-2012-2830
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-0.78% / 73.83%
||
7 Day CHG~0.00%
Published-27 Jun, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Google Chrome before 20.0.1132.43 does not properly set array values, which allows remote attackers to cause a denial of service (incorrect pointer use) or possibly have unspecified other impact via unknown vectors.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CVE-2012-2829
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-1.46% / 80.95%
||
7 Day CHG~0.00%
Published-27 Jun, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CVE-2012-2842
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-1.46% / 80.95%
||
7 Day CHG~0.00%
Published-12 Jul, 2012 | 21:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in Google Chrome before 20.0.1132.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to counter handling.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CVE-2012-2823
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-0.71% / 72.37%
||
7 Day CHG~0.00%
Published-27 Jun, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG resources.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CVE-2012-2876
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-0.97% / 76.66%
||
7 Day CHG~0.00%
Published-26 Sep, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the SSE2 optimization functionality in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Action-Not Available
Vendor-n/aGoogle LLCopenSUSE
Product-chromeopensusen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2012-2900
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-0.71% / 72.37%
||
7 Day CHG~0.00%
Published-09 Oct, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Skia, as used in Google Chrome before 22.0.1229.92, does not properly render text, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CVE-2012-2817
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-1.46% / 80.95%
||
7 Day CHG~0.00%
Published-27 Jun, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to tables that have sections.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CVE-2011-0778
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.54% / 67.76%
||
7 Day CHG~0.00%
Published-04 Feb, 2011 | 17:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Google Chrome before 9.0.597.84 does not properly restrict drag and drop operations, which might allow remote attackers to bypass the Same Origin Policy via unspecified vectors.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CVE-2011-3919
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-3.19% / 87.04%
||
7 Day CHG~0.00%
Published-07 Jan, 2012 | 11:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Action-Not Available
Vendor-n/aApple Inc.Google LLCSUSERed Hat, Inc.Debian GNU/Linux
Product-debian_linuxmac_os_xenterprise_linux_serverenterprise_linux_workstationenterprise_linux_desktoplinux_enterprise_serverenterprise_linux_server_eusiphone_oschromen/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2011-3957
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-2.86% / 86.31%
||
7 Day CHG~0.00%
Published-09 Feb, 2012 | 02:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in the garbage-collection functionality in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving PDF documents.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CWE ID-CWE-416
Use After Free
CVE-2011-3880
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-0.20% / 41.47%
||
7 Day CHG~0.00%
Published-25 Oct, 2011 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Google Chrome before 15.0.874.102 does not prevent use of an unspecified special character as a delimiter in HTTP headers, which has unknown impact and remote attack vectors.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2011-3896
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-0.78% / 73.71%
||
7 Day CHG~0.00%
Published-11 Nov, 2011 | 11:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to shader variable mapping.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2011-3922
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-1.28% / 79.67%
||
7 Day CHG~0.00%
Published-07 Jan, 2012 | 11:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in Google Chrome before 16.0.912.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to glyph handling.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2011-3928
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-1.86% / 83.14%
||
7 Day CHG~0.00%
Published-24 Jan, 2012 | 02:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM handling.

Action-Not Available
Vendor-n/aGoogle LLCApple Inc.
Product-chromeiphone_ossafarin/a
CWE ID-CWE-416
Use After Free
CVE-2011-3891
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-0.78% / 73.83%
||
7 Day CHG~0.00%
Published-25 Oct, 2011 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Google Chrome before 15.0.874.102 does not properly restrict access to internal Google V8 functions, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CVE-2011-3927
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-0.89% / 75.57%
||
7 Day CHG~0.00%
Published-24 Jan, 2012 | 02:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Skia, as used in Google Chrome before 16.0.912.77, does not perform all required initialization of values, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CWE ID-CWE-665
Improper Initialization
CVE-2011-3904
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-0.71% / 72.37%
||
7 Day CHG~0.00%
Published-13 Dec, 2011 | 21:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to bidirectional text (aka bidi) handling.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CWE ID-CWE-416
Use After Free
CVE-2011-3879
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-0.20% / 41.47%
||
7 Day CHG~0.00%
Published-25 Oct, 2011 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Google Chrome before 15.0.874.102 does not prevent redirects to chrome: URLs, which has unspecified impact and remote attack vectors.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CVE-2011-3915
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-0.57% / 68.55%
||
7 Day CHG~0.00%
Published-13 Dec, 2011 | 21:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PDF fonts.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2011-3892
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-2.11% / 84.19%
||
7 Day CHG~0.00%
Published-11 Nov, 2011 | 11:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Double free vulnerability in the Theora decoder in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted stream.

Action-Not Available
Vendor-n/aGoogle LLCDebian GNU/Linux
Product-chromedebian_linuxn/a
CWE ID-CWE-415
Double Free
CVE-2011-3889
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-0.72% / 72.45%
||
7 Day CHG~0.00%
Published-25 Oct, 2011 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the Web Audio implementation in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2011-3959
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-3.16% / 86.98%
||
7 Day CHG~0.00%
Published-09 Feb, 2012 | 02:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the locale implementation in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2011-3913
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-2.29% / 84.79%
||
7 Day CHG~0.00%
Published-13 Dec, 2011 | 21:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to Range handling.

Action-Not Available
Vendor-n/aGoogle LLCApple Inc.
Product-chromeiphone_ossafariitunesn/a
CWE ID-CWE-416
Use After Free
CVE-2011-3914
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-0.52% / 66.84%
||
7 Day CHG~0.00%
Published-13 Dec, 2011 | 21:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The internationalization (aka i18n) functionality in Google V8, as used in Google Chrome before 16.0.912.63, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2011-3898
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-1.69% / 82.36%
||
7 Day CHG~0.00%
Published-11 Nov, 2011 | 11:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Google Chrome before 15.0.874.120, when Java Runtime Environment (JRE) 7 is used, does not request user confirmation before applet execution begins, which allows remote attackers to have an unspecified impact via a crafted applet.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CWE ID-CWE-269
Improper Privilege Management
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • ...
  • 14
  • 15
  • Next
Details not found