CVE-2007-0045
Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat Reader Plugin before 8.0.0, and
Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat Reader Plugin before 8.0.0, and
Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x
Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote at
Use-after-free vulnerability in Google Chrome before 16.0.912.75 allows remote attackers to cause a
Stack-based buffer overflow in Google Chrome before 16.0.912.75 allows remote attackers to cause a d
Multiple unspecified vulnerabilities in Google Chrome before 17.0.963.27 on the Acer AC700, Samsung
Google Chrome before 21.0.1180.82 on iOS on iPad devices allows remote attackers to spoof the Omnibo
Google Chrome before 21.0.1180.82 on iOS makes certain incorrect calls to WebView methods that trigg
Integer underflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers
Integer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers t
Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to trigger memory cor
Stack-based buffer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 might allow re
A Denial of Service vulnerability exists in Google Android 4.4.4, 5.0.2, and 5.1.1, which allows mal
The Google V8 engine, as used in Google Chrome before 44.0.2403.89 and QtWebEngineCore in Qt before
Insufficient data validation on image data in PDFium in Google Chrome prior to 51.0.2704.63 allowed
An Information Disclosure vulnerability exists in the Google Pixel/Pixel SL Qualcomm Avtimer Driver
A missing check for whether a property of a JS object is private in V8 in Google Chrome prior to 55.
A memory corruption bug in WebAssembly could lead to out of bounds read and write through V8 in WebA
Using an ID that can be controlled by a compromised renderer which allows any frame to overwrite the
Insufficient data validation in crosh could lead to a command injection under chronos privileges in
An ability to process crash dumps under root privileges and inappropriate symlinks handling could le
Inappropriate symlink handling and a race condition in the stateful recovery feature implementation
Insufficient data validation in V8 builtins string generator could lead to out of bounds read and wr
A Javascript reentrancy issues that caused a use-after-free in V8 in Google Chrome prior to 69.0.349
A use after free in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potent
A use after free in WebAudio in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to pot
Missing validation in Mojo in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to poten
A use after free in WebRTC in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to poten
A missing origin check related to HLS manifests in Blink in Google Chrome prior to 69.0.3497.81 allo
Missing bounds check in PDFium in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to p
Unsafe handling of credit card details in Autofill in Google Chrome prior to 69.0.3497.81 allowed a
A race condition between permission prompts and navigations in Prompts in Google Chrome prior to 69.
A missing check for popup window handling in Fullscreen in Google Chrome on macOS prior to 69.0.3497
Allowing the chrome.debugger API to run on file:// URLs in DevTools in Google Chrome prior to 69.0.3
An out of bounds read in Swiftshader in Google Chrome prior to 69.0.3497.81 allowed a remote attacke
An out of bounds read in forward error correction code in WebRTC in Google Chrome prior to 69.0.3497
The default selected dialog button in CustomHandlers in Google Chrome prior to 69.0.3497.81 allowed
A use after free in ResourceCoordinator in Google Chrome prior to 69.0.3497.81 allowed a remote atta
Lack of proper state tracking in Permissions in Google Chrome prior to 69.0.3497.81 allowed a remote
A missing check for JS-simulated input events in Blink in Google Chrome prior to 69.0.3497.81 allowe
Cross-site scripting vulnerability in Google XML Sitemaps Version 4.0.9 and earlier allows remote au
An object lifecycle issue in Blink could lead to a use after free in WebAudio in Google Chrome prior
An improper update of the WebAssembly dispatch table in WebAssembly in Google Chrome prior to 69.0.3
Incorrect handling of clicks in the omnibox in Navigation in Google Chrome prior to 69.0.3497.92 all
An out of bounds read in PDFium in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to
A heap buffer overflow in GPU in Google Chrome prior to 70.0.3538.67 allowed a remote attacker who h
Handling of URI action in PDFium in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to
Incorrect object lifecycle in Extensions in Google Chrome prior to 71.0.3578.80 allowed a remote att
A renderer initiated back navigation was incorrectly allowed to cancel a browser initiated one in Na
Incorrect handling of 304 status codes in Navigation in Google Chrome prior to 71.0.3578.80 allowed
Failure to prevent navigation to top frame to data URLs in Navigation in Google Chrome on iOS prior
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 71.0.3578.80
Insufficiently strict origin checks during JIT payment app installation in Payments in Google Chrome
Authentication Bypass vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for W
SQL Injection vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress
Type confusion could lead to a heap out-of-bounds write in V8 in Google Chrome prior to 64.0.3282.16
Insufficiently sanitized distributed objects in Updater in Google Chrome on macOS prior to 66.0.3359
Service Workers can intercept any request made by an <embed> or <object> tag in Fetch API in Google
Insufficient origin checks in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacke
A JavaScript focused window could overlap the fullscreen notification in Fullscreen in Google Chrome
Incorrect handling of asynchronous methods in Fullscreen in Google Chrome on macOS prior to 66.0.335
Incorrect handling of confusable characters in URL Formatter in Google Chrome on macOS prior to 66.0
An asynchronous generator may return an incorrect state in V8 in Google Chrome prior to 66.0.3359.11
readAsText() can indefinitely read the file picked by the user, rather than only once at the time th
Parsing documents as HTML in Downloads in Google Chrome prior to 66.0.3359.117 allowed a remote atta
An object lifetime issue in the developer tools network handler in Google Chrome prior to 66.0.3359.
Making URLs clickable and allowing them to be styled in DevTools in Google Chrome prior to 66.0.3359
Improper handling of pending navigation entries in Navigation in Google Chrome on iOS prior to 66.0.
Incorrect enforcement of CSP for <object> tags in Blink in Google Chrome prior to 66.0.3359.117 allo
Confusing settings in Autofill in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to
An integer overflow that could lead to an attacker-controlled heap out-of-bounds write in PDFium in
A use after free in Blink in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potent
Type confusion in ReadableStreams in Blink in Google Chrome prior to 67.0.3396.62 allowed a remote a
A precision error in Skia in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perfor
Early free of object in use in IndexDB in Google Chrome prior to 67.0.3396.62 allowed a remote attac
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 67.0.3396.62
Lack of clearing the previous site before loading alerts from a new one in Blink in Google Chrome pr
CSS Paint API in Blink in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to leak cros
Insufficient target checks on the chrome.debugger API in DevTools in Google Chrome prior to 67.0.339
Allowing the chrome.debugger API to attach to Web UI pages in DevTools in Google Chrome prior to 67.
Insufficient validation of an image filter in Skia in Google Chrome prior to 67.0.3396.62 allowed a
Insufficient validation in V8 in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to pe
Off-by-one error in PDFium in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perfo
Lack of secure text entry mode in Browser UI in Google Chrome on Mac prior to 67.0.3396.62 allowed a
Bad cast in DevTools in Google Chrome on Win, Linux, Mac, Chrome OS prior to 66.0.3359.117 allowed a
A precision error in Skia in Google Chrome prior to 68.0.3440.75 allowed a remote attacker who had c
A race condition in Oilpan in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to poten
JavaScript alert handling in Prompts in Google Chrome prior to 68.0.3440.75 allowed a remote attacke
Improper deserialization in WebGL in Google Chrome on Mac prior to 68.0.3440.75 allowed a remote att
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75
Insufficient origin checks for CSS content in Blink in Google Chrome prior to 68.0.3440.75 allowed a
Incorrect handling of reloads in Navigation in Google Chrome prior to 68.0.3440.75 allowed a remote
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75
Lack of timeout on extension install prompt in Extensions in Google Chrome prior to 68.0.3440.75 all
A bad cast in PDFium in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75
Integer overflows in Swiftshader in Google Chrome prior to 68.0.3440.75 potentially allowed a remote
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75
Eliding from the wrong side in an infobar in DevTools in Google Chrome prior to 68.0.3440.75 allowed
Insufficient enforcement of file access permission in the activeTab case in Extensions in Google Chr
Use-after-free in content delivery manager in Google Chrome prior to 78.0.3904.70 allowed a remote a
Use-after-free in accessibility in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to
Use after free in media picker in Google Chrome prior to 79.0.3945.88 allowed a remote attacker who
Use after free in FileAPI in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potent
Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker
Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker
Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker
Side-channel information leakage in graphics in Google Chrome prior to 87.0.4280.66 allowed a remote
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker
Use after free in PPAPI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had com
Insufficient data validation in WASM in Google Chrome prior to 87.0.4280.66 allowed a remote attacke
Inappropriate implementation in base in Google Chrome prior to 86.0.4240.193 allowed a remote attack
Use after free in site isolation in Google Chrome prior to 86.0.4240.198 allowed a remote attacker w
Use after free in payments in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had
Inappropriate implementation in filesystem in Google Chrome on ChromeOS prior to 87.0.4280.66 allowe
Inappropriate implementation in cryptohome in Google Chrome on ChromeOS prior to 87.0.4280.66 allowe
Race in image burner in Google Chrome on ChromeOS prior to 87.0.4280.66 allowed a remote attacker wh
Insufficient policy enforcement in networking in Google Chrome prior to 87.0.4280.66 allowed a remot
Use after free in WebCodecs in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to pote
Heap buffer overflow in UI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had
Heap buffer overflow in clipboard in Google Chrome prior to 87.0.4280.66 allowed a remote attacker w
Use after free in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potenti
Insufficient policy enforcement in developer tools in Google Chrome prior to 87.0.4280.66 allowed an
Heap buffer overflow in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to p
Inappropriate implementation in PDFium in Google Chrome prior to 87.0.4280.66 allowed a remote attac
Insufficient data validation in Blink in Google Chrome prior to 87.0.4280.66 allowed a remote attack
Insufficient data validation in UI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker
Insufficient data validation in sharing in Google Chrome prior to 87.0.4280.66 allowed a remote atta
Inappropriate implementation in WebUSB in Google Chrome prior to 87.0.4280.66 allowed a remote attac
Inappropriate implementation in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a local attack
Insufficient data validation in cros-disks in Google Chrome on ChromeOS prior to 87.0.4280.66 allowe
Inappropriate implementation in cookies in Google Chrome prior to 87.0.4280.66 allowed a remote atta
Use after free in clipboard in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to pote
Use after free in media in Google Chrome on OS X prior to 87.0.4280.88 allowed a remote attacker to
Use after free in extensions in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to pot
Insufficient data validation in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker
Out of bounds read in networking in Google Chrome prior to 87.0.4280.88 allowed a remote attacker wh
Uninitialized Use in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to obtain p
Insufficient data validation in networking in Google Chrome prior to 87.0.4280.141 allowed a remote
In SmartBear Collaborator Server through 13.3.13302, use of the Google Web Toolkit (GWT) API introdu
Use after free in audio in Google Chrome prior to 79.0.3945.117 allowed a remote attacker to potenti
Use after free in autofill in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had
Use after free in drag and drop in Google Chrome on Linux prior to 87.0.4280.141 allowed a remote at
Use after free in media in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had co
Use after free in payments in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had
Use after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to
Insufficient policy enforcement in WebUI in Google Chrome prior to 87.0.4280.141 allowed an attacker
Use after free in Blink in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potenti
Heap buffer overflow in Skia in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to po
Use after free in audio in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potenti
User after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker w
Heap buffer overflow in audio in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to p
Out of bounds read in WebUI Settings in Google Chrome prior to 89.0.4389.72 allowed a remote attacke
The CAOS | Host Google Analytics Locally WordPress plugin before 4.1.9 does not validate the cache d
The OMGF | Host Google Fonts Locally WordPress plugin before 4.5.12 does not validate the cache dire
An electromagnetic-wave side-channel issue was discovered on NXP SmartMX / P5x security microcontrol
Insufficient policy enforcement in content security policy in Google Chrome prior to 91.0.4472.77 al
Spinnaker is an open source, multi-cloud continuous delivery platform. A path traversal vulnerabilit
Inappropriate implementation in File System API in Google Chrome on Windows prior to 97.0.4692.71 al
Inappropriate implementation in HTML parser in Google Chrome prior to 99.0.4844.51 allowed a remote
Use after free in Exosphere in Google Chrome on Chrome OS and Lacros prior to 104.0.5112.79 allowed
Integer overflow in Window Manager in Google Chrome on Chrome OS and Lacros prior to 104.0.5112.79 a
An issue was discovered in Zebra Enterprise Home Screen 4.1.19. By using the embedded Google Chrome
Use after free in Passwords in Google Chrome prior to 105.0.5195.125 allowed a remote attacker who h
Use after free in Browser History in Google Chrome prior to 100.0.4896.75 allowed a remote attacker
Inappropriate implementation in Paint in Google Chrome prior to 98.0.4758.80 allowed a remote attack
Use after free in Overview Mode in Google Chrome on Chrome OS prior to 109.0.5414.74 allowed a remot
Heap buffer overflow in Network Service in Google Chrome prior to 109.0.5414.74 allowed an attacker
Inappropriate implementation in in Fullscreen API in Google Chrome on Android prior to 109.0.5414.74
Inappropriate implementation in in iframe Sandbox in Google Chrome prior to 109.0.5414.74 allowed a
Inappropriate implementation in in Permission prompts in Google Chrome on Windows prior to 109.0.541
Inappropriate implementation in in Permission prompts in Google Chrome on Android prior to 109.0.541
Use after free in Cart in Google Chrome prior to 109.0.5414.74 allowed an attacker who convinced a u
Use after free in Cart in Google Chrome prior to 109.0.5414.74 allowed an attacker who convinced a u
Inappropriate implementation in in Fullscreen API in Google Chrome on Android prior to 109.0.5414.74
Heap buffer overflow in Platform Apps in Google Chrome on Chrome OS prior to 109.0.5414.74 allowed a
Heap buffer overflow in libphonenumber in Google Chrome prior to 109.0.5414.74 allowed a remote atta
Insufficient validation of untrusted input in Downloads in Google Chrome on Windows prior to 109.0.5
Inappropriate implementation in in File System API in Google Chrome on Windows prior to 109.0.5414.7
Insufficient policy enforcement in CORS in Google Chrome prior to 109.0.5414.74 allowed a remote att
An attacker in the wifi vicinity of a target Google Home can spy on the victim, resulting in Elevati
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
Google Nest WiFi Pro root code-execution & user-data compromise
The OMGF | GDPR/DSGVO Compliant, Faster Google Fonts. Easy. plugin for WordPress is vulnerable to un
The WP Go Maps (formerly WP Google Maps) WordPress plugin before 9.0.28 does not properly protect mo
The CAOS | Host Google Analytics Locally plugin for WordPress is vulnerable to unauthorized modifica
Blind SQL Injection vulnerability in PrestaShow Google Integrator (PrestaShop addon) allows for data
The EmbedPress – Embed PDF, YouTube, Google Docs, Vimeo, Wistia Videos, Audios, Maps & Any Documents
Use after free in ANGLE in Google Chrome prior to 120.0.6099.199 allowed a remote attacker who had c
Heap buffer overflow in ANGLE in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to
Use after free in WebAudio in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to pot
Use after free in WebGPU in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to poten
Insufficient data validation in Extensions in Google Chrome prior to 120.0.6099.216 allowed an attac