Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2022-0467

Summary
Assigner-Chrome
Assigner Org ID-ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28
Published At-05 Apr, 2022 | 00:51
Updated At-02 Aug, 2024 | 23:32
Rejected At-
Credits

Inappropriate implementation in Pointer Lock in Google Chrome on Windows prior to 98.0.4758.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Chrome
Assigner Org ID:ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28
Published At:05 Apr, 2022 | 00:51
Updated At:02 Aug, 2024 | 23:32
Rejected At:
▼CVE Numbering Authority (CNA)

Inappropriate implementation in Pointer Lock in Google Chrome on Windows prior to 98.0.4758.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

Affected Products
Vendor
Google LLCGoogle
Product
Chrome
Versions
Affected
  • From unspecified before 98.0.4758.80 (custom)
Problem Types
TypeCWE IDDescription
textN/AInappropriate implementation
Type: text
CWE ID: N/A
Description: Inappropriate implementation
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html
x_refsource_MISC
https://crbug.com/1239496
x_refsource_MISC
Hyperlink: https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html
Resource:
x_refsource_MISC
Hyperlink: https://crbug.com/1239496
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html
x_refsource_MISC
x_transferred
https://crbug.com/1239496
x_refsource_MISC
x_transferred
Hyperlink: https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://crbug.com/1239496
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:chrome-cve-admin@google.com
Published At:05 Apr, 2022 | 01:15
Updated At:12 Apr, 2022 | 18:45

Inappropriate implementation in Pointer Lock in Google Chrome on Windows prior to 98.0.4758.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary2.06.8MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 6.8
Base severity: MEDIUM
Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P
CPE Matches
Google LLC
google
>>chrome>>Versions before 98.0.4758.80(exclusive)
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.htmlchrome-cve-admin@google.com
Release Notes
Vendor Advisory
https://crbug.com/1239496chrome-cve-admin@google.com
Exploit
Patch
Vendor Advisory
Hyperlink: https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html
Source: chrome-cve-admin@google.com
Resource:
Release Notes
Vendor Advisory
Hyperlink: https://crbug.com/1239496
Source: chrome-cve-admin@google.com
Resource:
Exploit
Patch
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

2183Records found
CVE-2025-13631
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-8.8||HIGH
EPSS-0.10% / 28.02%
||
7 Day CHG~0.00%
Published-02 Dec, 2025 | 19:00
Updated-04 Dec, 2025 | 19:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Inappropriate implementation in Google Updater in Google Chrome on Mac prior to 143.0.7499.41 allowed a remote attacker to perform privilege escalation via a crafted file. (Chromium security severity: High)

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationLinux Kernel Organization, IncGoogle LLC
Product-macoslinux_kernelwindowschromeChrome
CVE-2011-3876
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-6.8||MEDIUM
EPSS-0.20% / 41.62%
||
7 Day CHG~0.00%
Published-25 Oct, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Google Chrome before 15.0.874.102 does not properly handle downloading files that have whitespace characters at the end of a filename, which has unspecified impact and user-assisted remote attack vectors.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CVE-2025-12907
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.18% / 39.77%
||
7 Day CHG~0.00%
Published-07 Nov, 2025 | 23:23
Updated-21 Nov, 2025 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient validation of untrusted input in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to execute arbitrary code via user action in Devtools. (Chromium security severity: Low)

Action-Not Available
Vendor-Google LLC
Product-chromeChrome
CWE ID-CWE-20
Improper Input Validation
CVE-2017-0794
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.60%
||
7 Day CHG~0.00%
Published-08 Sep, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A elevation of privilege vulnerability in the Upstream kernel scsi driver. Product: Android. Versions: Android kernel. Android ID: A-35644812.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2017-0750
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.26% / 48.98%
||
7 Day CHG~0.00%
Published-09 Aug, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A elevation of privilege vulnerability in the Upstream Linux file system. Product: Android. Versions: Android kernel. Android ID: A-36817013.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-13720
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-8.8||HIGH
EPSS-0.10% / 28.31%
||
7 Day CHG~0.00%
Published-02 Dec, 2025 | 19:00
Updated-04 Dec, 2025 | 18:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Bad cast in Loader in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationLinux Kernel Organization, IncGoogle LLC
Product-macoslinux_kernelwindowschromeChrome
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CVE-2024-7968
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.69% / 71.47%
||
7 Day CHG~0.00%
Published-21 Aug, 2024 | 20:20
Updated-27 Aug, 2024 | 13:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Autofill in Google Chrome prior to 128.0.6613.84 allowed a remote attacker who had convinced the user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Google LLC
Product-chromeChromechrome
CWE ID-CWE-416
Use After Free
CVE-2020-0406
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.30%
||
7 Day CHG~0.00%
Published-17 Sep, 2020 | 20:53
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In libmpeg2dec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if another exploit allowed this to be triggered with different parameters, with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-137794014

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2011-3971
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-6.8||MEDIUM
EPSS-1.96% / 83.18%
||
7 Day CHG~0.00%
Published-09 Feb, 2012 | 02:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to mousemove events.

Action-Not Available
Vendor-n/aGoogle LLCApple Inc.
Product-iphone_ositunessafarichromen/a
CWE ID-CWE-416
Use After Free
CVE-2011-3886
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-6.8||MEDIUM
EPSS-0.91% / 75.36%
||
7 Day CHG~0.00%
Published-25 Oct, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Google V8, as used in Google Chrome before 15.0.874.102, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers out-of-bounds write operations.

Action-Not Available
Vendor-n/aGoogle LLC
Product-v8chromen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2020-15201
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-4.8||MEDIUM
EPSS-0.19% / 41.28%
||
7 Day CHG~0.00%
Published-25 Sep, 2020 | 18:46
Updated-04 Aug, 2024 | 13:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Heap buffer overflow in Tensorflow

In Tensorflow before version 2.3.1, the `RaggedCountSparseOutput` implementation does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the values in the `splits` tensor generate a valid partitioning of the `values` tensor. Hence, the code is prone to heap buffer overflow. If `split_values` does not end with a value at least `num_values` then the `while` loop condition will trigger a read outside of the bounds of `split_values` once `batch_idx` grows too large. The issue is patched in commit 3cbb917b4714766030b28eba9fb41bb97ce9ee02 and is released in TensorFlow version 2.3.1.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-16017
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-9.6||CRITICAL
EPSS-21.41% / 95.57%
||
7 Day CHG~0.00%
Published-08 Jan, 2021 | 17:50
Updated-24 Oct, 2025 | 20:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.

Use after free in site isolation in Google Chrome prior to 86.0.4240.198 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

Action-Not Available
Vendor-Google LLC
Product-chromeChromeChrome
CWE ID-CWE-416
Use After Free
CVE-2011-3878
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-6.8||MEDIUM
EPSS-0.52% / 66.14%
||
7 Day CHG~0.00%
Published-25 Oct, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to worker process initialization.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2025-13638
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-8.8||HIGH
EPSS-0.14% / 33.66%
||
7 Day CHG~0.00%
Published-02 Dec, 2025 | 19:00
Updated-04 Dec, 2025 | 19:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Media Stream in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationLinux Kernel Organization, IncGoogle LLC
Product-macoslinux_kernelwindowschromeChrome
CWE ID-CWE-416
Use After Free
CVE-2011-3873
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-6.8||MEDIUM
EPSS-1.63% / 81.56%
||
7 Day CHG~0.00%
Published-04 Oct, 2011 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Google Chrome before 14.0.835.202 does not properly implement shader translation, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-3897
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-6.8||MEDIUM
EPSS-2.10% / 83.73%
||
7 Day CHG~0.00%
Published-11 Nov, 2011 | 11:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in Google Chrome before 15.0.874.120 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing.

Action-Not Available
Vendor-n/aGoogle LLCApple Inc.
Product-iphone_ositunessafarichromen/a
CWE ID-CWE-416
Use After Free
CVE-2011-3956
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-6.8||MEDIUM
EPSS-0.10% / 28.47%
||
7 Day CHG~0.00%
Published-09 Feb, 2012 | 02:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The extension implementation in Google Chrome before 17.0.963.46 does not properly handle sandboxed origins, which might allow remote attackers to bypass the Same Origin Policy via a crafted extension.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CWE ID-CWE-346
Origin Validation Error
CVE-2011-3969
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-6.8||MEDIUM
EPSS-1.96% / 83.18%
||
7 Day CHG~0.00%
Published-09 Feb, 2012 | 02:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to layout of SVG documents.

Action-Not Available
Vendor-n/aGoogle LLCApple Inc.
Product-iphone_ositunessafarichromen/a
CWE ID-CWE-416
Use After Free
CVE-2025-13226
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.10% / 28.31%
||
7 Day CHG~0.00%
Published-17 Nov, 2025 | 23:19
Updated-19 Nov, 2025 | 13:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Google LLCLinux Kernel Organization, IncMicrosoft CorporationApple Inc.
Product-chromemacoslinux_kernelwindowsChrome
CWE ID-CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CVE-2011-3958
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-6.8||MEDIUM
EPSS-2.29% / 84.39%
||
7 Day CHG~0.00%
Published-09 Feb, 2012 | 02:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Google Chrome before 17.0.963.46 does not properly perform casts of variables during handling of a column span, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.

Action-Not Available
Vendor-n/aGoogle LLCApple Inc.
Product-iphone_ositunessafarichromen/a
CWE ID-CWE-416
Use After Free
CVE-2011-3102
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-1.99% / 83.27%
||
7 Day CHG~0.00%
Published-16 May, 2012 | 00:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Off-by-one error in libxml2, as used in Google Chrome before 19.0.1084.46 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors.

Action-Not Available
Vendor-n/aApple Inc.Google LLC
Product-iphone_oschromen/a
CVE-2011-2796
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-6.8||MEDIUM
EPSS-0.83% / 74.12%
||
7 Day CHG~0.00%
Published-03 Aug, 2011 | 00:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in Skia, as used in Google Chrome before 13.0.782.107, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CWE ID-CWE-416
Use After Free
CVE-2011-3026
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-43.17% / 97.40%
||
7 Day CHG~0.00%
Published-16 Feb, 2012 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation.

Action-Not Available
Vendor-n/aSUSEGoogle LLCopenSUSEApple Inc.
Product-opensusemac_os_xsuse_linux_enterprise_serverlinux_enterprise_serveriphone_oschromemac_os_x_servern/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2011-3037
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-2.76% / 85.69%
||
7 Day CHG~0.00%
Published-05 Mar, 2012 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Google Chrome before 17.0.963.65 does not properly perform casts of unspecified variables during the splitting of anonymous blocks, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.

Action-Not Available
Vendor-n/aopenSUSEApple Inc.Google LLC
Product-opensuseiphone_ositunessafarichromen/a
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CVE-2011-2847
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-6.8||MEDIUM
EPSS-2.46% / 84.89%
||
7 Day CHG~0.00%
Published-17 Sep, 2011 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in the document loader in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.

Action-Not Available
Vendor-n/aGoogle LLCApple Inc.
Product-iphone_ositunessafarichromen/a
CWE ID-CWE-416
Use After Free
CVE-2011-2859
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-6.8||MEDIUM
EPSS-0.15% / 35.34%
||
7 Day CHG~0.00%
Published-17 Sep, 2011 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Google Chrome before 14.0.835.163 uses incorrect permissions for non-gallery pages, which has unspecified impact and attack vectors.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2011-2846
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-6.8||MEDIUM
EPSS-2.10% / 83.73%
||
7 Day CHG~0.00%
Published-17 Sep, 2011 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to unload event handling.

Action-Not Available
Vendor-n/aGoogle LLCApple Inc.
Product-iphone_ositunessafarichromen/a
CWE ID-CWE-416
Use After Free
CVE-2025-13229
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.10% / 28.31%
||
7 Day CHG~0.00%
Published-17 Nov, 2025 | 23:19
Updated-19 Nov, 2025 | 13:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Google LLCLinux Kernel Organization, IncMicrosoft CorporationApple Inc.
Product-chromemacoslinux_kernelwindowsChrome
CWE ID-CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CVE-2011-3052
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-1.44% / 80.41%
||
7 Day CHG~0.00%
Published-22 Mar, 2012 | 16:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The WebGL implementation in Google Chrome before 17.0.963.83 does not properly handle CANVAS elements, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

Action-Not Available
Vendor-n/aopenSUSEGoogle LLC
Product-opensusechromen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-2799
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-6.8||MEDIUM
EPSS-2.01% / 83.35%
||
7 Day CHG~0.00%
Published-03 Aug, 2011 | 00:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to HTML range handling.

Action-Not Available
Vendor-n/aGoogle LLCApple Inc.
Product-iphone_ositunessafarichromen/a
CWE ID-CWE-416
Use After Free
CVE-2011-2802
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-6.8||MEDIUM
EPSS-1.12% / 77.85%
||
7 Day CHG~0.00%
Published-03 Aug, 2011 | 00:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Google V8, as used in Google Chrome before 13.0.782.107, does not properly perform const lookups, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted web site.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2011-2797
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-6.8||MEDIUM
EPSS-2.01% / 83.35%
||
7 Day CHG~0.00%
Published-03 Aug, 2011 | 00:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to resource caching.

Action-Not Available
Vendor-n/aGoogle LLCApple Inc.
Product-iphone_ositunessafarichromen/a
CWE ID-CWE-416
Use After Free
CVE-2026-2441
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.63% / 69.78%
||
7 Day CHG~0.00%
Published-13 Feb, 2026 | 18:27
Updated-18 Feb, 2026 | 13:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2026-03-10||Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Microsoft CorporationLinux Kernel Organization, IncApple Inc.Google LLC
Product-chromemacoswindowslinux_kernelChromeChromium
CWE ID-CWE-416
Use After Free
CVE-2011-3019
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.68% / 71.02%
||
7 Day CHG~0.00%
Published-16 Feb, 2012 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska video (aka MKV) file.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2011-3043
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-2.36% / 84.61%
||
7 Day CHG~0.00%
Published-05 Mar, 2012 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a flexbox (aka flexible box) in conjunction with the floating of elements.

Action-Not Available
Vendor-n/aopenSUSEApple Inc.Google LLC
Product-opensuseiphone_ositunessafarichromen/a
CWE ID-CWE-416
Use After Free
CVE-2011-2881
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-6.8||MEDIUM
EPSS-0.53% / 66.88%
||
7 Day CHG~0.00%
Published-04 Oct, 2011 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Google Chrome before 14.0.835.202 does not properly handle Google V8 hidden objects, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-3045
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-4.46% / 88.82%
||
7 Day CHG~0.00%
Published-22 Mar, 2012 | 16:00
Updated-09 Jun, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026.

Action-Not Available
Vendor-libpngn/aGoogle LLCFedora ProjectDebian GNU/LinuxopenSUSERed Hat, Inc.
Product-storagedebian_linuxenterprise_linux_workstationenterprise_linux_server_eusenterprise_linux_server_ausenterprise_linux_desktopgluster_storageopensusestorage_for_public_cloudlibpngfedorachromeenterprise_linuxn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-195
Signed to Unsigned Conversion Error
CVE-2011-2794
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-6.8||MEDIUM
EPSS-0.83% / 74.12%
||
7 Day CHG~0.00%
Published-03 Aug, 2011 | 00:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Google Chrome before 13.0.782.107 does not properly perform text iteration, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2011-3072
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.36% / 57.31%
||
7 Day CHG~0.00%
Published-05 Apr, 2012 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via vectors related to pop-up windows.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CWE ID-CWE-346
Origin Validation Error
CVE-2025-12727
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-8.8||HIGH
EPSS-0.10% / 28.02%
||
7 Day CHG~0.00%
Published-10 Nov, 2025 | 20:00
Updated-25 Nov, 2025 | 14:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Microsoft CorporationApple Inc.Linux Kernel Organization, IncGoogle LLC
Product-chromewindowsmacoslinux_kernelChrome
CWE ID-CWE-787
Out-of-bounds Write
CVE-2011-3078
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-7.35% / 91.51%
||
7 Day CHG~0.00%
Published-01 May, 2012 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the floating of elements, a different vulnerability than CVE-2011-3081.

Action-Not Available
Vendor-n/aApple Inc.Google LLC
Product-itunesiphone_ossafarichromen/a
CWE ID-CWE-416
Use After Free
CVE-2011-3075
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-2.13% / 83.81%
||
7 Day CHG~0.00%
Published-05 Apr, 2012 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to style-application commands.

Action-Not Available
Vendor-n/aApple Inc.Google LLC
Product-itunesiphone_ossafarichromen/a
CWE ID-CWE-416
Use After Free
CVE-2011-3073
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-2.86% / 85.94%
||
7 Day CHG~0.00%
Published-05 Apr, 2012 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of SVG resources.

Action-Not Available
Vendor-n/aApple Inc.Google LLC
Product-itunesiphone_ossafarichromen/a
CWE ID-CWE-416
Use After Free
CVE-2011-3068
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-2.51% / 85.03%
||
7 Day CHG~0.00%
Published-05 Apr, 2012 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to run-in boxes.

Action-Not Available
Vendor-n/aApple Inc.Google LLC
Product-itunesiphone_ossafarichromen/a
CWE ID-CWE-416
Use After Free
CVE-2025-13633
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-8.8||HIGH
EPSS-0.14% / 33.66%
||
7 Day CHG~0.00%
Published-02 Dec, 2025 | 19:03
Updated-04 Dec, 2025 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Digital Credentials in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationLinux Kernel Organization, IncGoogle LLC
Product-macoslinux_kernelwindowschromeChrome
CWE ID-CWE-416
Use After Free
CVE-2020-0489
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-8.8||HIGH
EPSS-0.48% / 64.55%
||
7 Day CHG~0.00%
Published-15 Dec, 2020 | 15:56
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Parse_data of eas_mdls.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in the media extractor with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-151096540

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2011-2788
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-6.8||MEDIUM
EPSS-3.15% / 86.58%
||
7 Day CHG~0.00%
Published-03 Aug, 2011 | 00:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the inspector serialization functionality in Google Chrome before 13.0.782.107 allows user-assisted remote attackers to have an unspecified impact via unknown vectors.

Action-Not Available
Vendor-n/aGoogle LLCApple Inc.
Product-iphone_ositunessafarichromen/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2011-3032
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-1.57% / 81.19%
||
7 Day CHG~0.00%
Published-05 Mar, 2012 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of SVG values.

Action-Not Available
Vendor-n/aopenSUSEApple Inc.Google LLC
Product-opensuseiphone_ositunessafarichromen/a
CWE ID-CWE-416
Use After Free
CVE-2020-0475
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.09%
||
7 Day CHG~0.00%
Published-15 Dec, 2020 | 15:54
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In createInputConsumer of WindowManagerService.java, there is a possible way to block and intercept input events due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-162324374

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-862
Missing Authorization
CVE-2011-2359
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-6.8||MEDIUM
EPSS-4.40% / 88.74%
||
7 Day CHG~0.00%
Published-03 Aug, 2011 | 00:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Google Chrome before 13.0.782.107 does not properly track line boxes during rendering, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."

Action-Not Available
Vendor-n/aApple Inc.Debian GNU/LinuxGoogle LLC
Product-debian_linuxiphone_ositunessafarichromen/a
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 43
  • 44
  • Next
Details not found