Google Chrome before 16.0.912.63 does not properly parse SVG documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
Google Chrome before 16.0.912.63 does not properly handle YUV video frames, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
Google Chrome before 16.0.912.63 does not properly handle PDF cross references, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
libxml2, as used in Google Chrome before 16.0.912.63, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
An issue was discovered on Samsung mobile devices with N(7.x), O(8.0), and P(9.0) (Qualcomm chipsets) software. The ESECOMM Trustlet has a NULL pointer dereference. The Samsung ID is SVE-2019-13950 (May 2019).
The shader translator implementation in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
An issue was discovered on Samsung mobile devices with N(7.x), O(8.0), and P(9.0) (Qualcomm chipsets) software. The Authnr Trustlet has a NULL pointer dereference. The Samsung ID is SVE-2019-13949 (May 2019).
Google Chrome before 14.0.835.163 does not properly handle Khmer characters, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
Google Chrome before 14.0.835.163 does not properly handle Tibetan characters, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
The Autofill feature in Google Chrome before 19.0.1084.46 does not properly restrict field values, which allows remote attackers to cause a denial of service (UI corruption) and possibly conduct spoofing attacks via vectors involving long values.
browser/profiles/profile_impl_io_data.cc in Google Chrome before 19.0.1084.46 does not properly handle a malformed ftp URL in the SRC attribute of a VIDEO element, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted web page.
Google Chrome before 14.0.835.163 does not properly handle video, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
Google Chrome before 14.0.835.163 does not properly handle media buffers, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
A double-free vulnerability exists in WebKit in Google Chrome before Blink M12 in the WebCore::CSSSelector function.
Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to printing.
Google V8, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial of service (invalid read operation) via unspecified vectors.
An issue was discovered on Samsung mobile devices with O(8.x) software. Attackers can disable Gallery permanently. The Samsung ID is SVE-2019-14031 (May 2019).
Use-after-free vulnerability in the PDF functionality in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via an invalid encrypted document.
Google Chrome before 19.0.1084.46 does not properly draw hairlines, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
An Integer Overflow exists in WebKit in Google Chrome before Blink M11 in the macOS WebCore::GraphicsContext::fillRect function.
Skia, as used in Google Chrome before 23.0.1271.64, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
Google Chrome before 10.0.648.127 on Linux does not properly mitigate an unspecified flaw in an X server, which allows remote attackers to cause a denial of service (application crash) via vectors involving long messages.
The compositor in Google Chrome before 22.0.1229.92 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
Google Chrome before 10.0.648.127 on Linux does not properly handle Unicode ranges, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
The SPDY implementation in net/http/http_network_transaction.cc in Google Chrome before 11.0.696.14 drains the bodies from SPDY responses, which might allow remote SPDY servers to cause a denial of service (application exit) by canceling a stream.
Another vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-36075131.
An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.x) software. An attacker can crash system processes via a Serializable object because of missing exception handling. The Samsung IDs are SVE-2017-8109, SVE-2017-8110, SVE-2017-8115, SVE-2017-8118, and SVE-2017-8119 (April 2017).
A denial of service vulnerability in the Android framework (syncstorageengine). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35028827.
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform a cast of an unspecified variable during handling of video, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
In the ihevcd_decode function of ihevcd_decode.c, there is an infinite loop due to an incomplete frame error. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-64380403.
An issue was discovered on Samsung mobile devices with M(6.x) and N(7.x) software. There is an Integer Overflow in process_M_SetTokenTUIPasswd during handling of a trusted application, leading to memory corruption. The Samsung IDs are SVE-2017-9008 and SVE-2017-9009 (October 2017).
An issue was discovered on Samsung mobile devices with M(6.0) software. The multiwindow_facade API allows attackers to cause a NullPointerException and system halt via an attempted screen touch of a non-existing display. The Samsung ID is SVE-2017-9383 (August 2017).
An issue was discovered on Samsung mobile devices with N(7.x) software. There is a WifiStateMachine IllegalArgumentException and reboot if a malformed wpa_supplicant.conf is read. The Samsung ID is SVE-2017-9828 (October 2017).
An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) software. There is a NULL pointer exception in PersonManager, causing memory corruption. The Samsung ID is SVE-2017-8286 (June 2017).
Google Chrome before 9.0.597.94 does not properly handle plug-ins, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle extensions notification, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
An issue was discovered on Samsung mobile devices with L(5.0/5.1), M(6.0), and N(7.x) software. Intents related to Wi-Fi have incorrect exception handling, leading to a crash of system processes. The Samsung ID is SVE-2017-8389 (May 2017).
An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.x) software. Attackers can crash system processes via a broadcast to AdaptiveDisplayColorService. The Samsung ID is SVE-2017-8290 (July 2017).
Another vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-65122447.
Rendertron 1.0.0 includes an _ah/stop route to shutdown the Chrome instance responsible for serving render requests to all users. Visiting this route with a GET request allows any unauthorized remote attacker to disable the core service of the application.
The SPDY implementation in Google Chrome before 21.0.1180.89 allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) (Exynos7420 or Exynox8890 chipsets) software. The Camera application can leak uninitialized memory via ion. The Samsung ID is SVE-2016-6989 (April 2017).
An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) software. android.intent.action.SIOP_LEVEL_CHANGED allows a serializable intent reboot. The Samsung ID is SVE-2017-8363 (May 2017).
Google Chrome before 8.0.552.215 does not properly handle HTTP proxy authentication, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp in WebKit, as used in Google Chrome before 8.0.552.224, Chrome OS before 8.0.552.343, webkitgtk before 1.2.6, and other products does not properly parse Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted local font, related to "Type Confusion."
An issue was discovered on Samsung mobile devices with N(7.x) software. Because of missing Intent exception handling, system_server can have a NullPointerException with a crash of a system process. The Samsung IDs are SVE-2017-9122, SVE-2017-9123, SVE-2017-9124, and SVE-2017-9126 (July 2017).
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) (Broadcom Wi-Fi, and SEC Wi-Fi chipsets) software. Wi-Fi allows a denial of service via TCP SYN packets. The Samsung ID is SVE-2018-13162 (March 2019).
Google Chrome before 6.0.472.59 on Linux does not properly handle cursors, which might allow attackers to cause a denial of service (assertion failure) via unspecified vectors.
Google Chrome before 15.0.874.120 does not properly implement the MKV and Vorbis media handlers, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
Google Chrome before 14.0.835.163 does not properly process MP3 files, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.