Skip to main content

195 docs tagged with "Google"

View all tags

CVE-2007-0045

Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat Reader Plugin before 8.0.0, and

CVE-2007-0048

Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x

CVE-2011-3919

Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote at

CVE-2011-3921

Use-after-free vulnerability in Google Chrome before 16.0.912.75 allows remote attackers to cause a

CVE-2011-3922

Stack-based buffer overflow in Google Chrome before 16.0.912.75 allows remote attackers to cause a d

CVE-2012-0695

Multiple unspecified vulnerabilities in Google Chrome before 17.0.963.27 on the Acer AC700, Samsung

CVE-2012-2898

Google Chrome before 21.0.1180.82 on iOS on iPad devices allows remote attackers to spoof the Omnibo

CVE-2012-2899

Google Chrome before 21.0.1180.82 on iOS makes certain incorrect calls to WebView methods that trigg

CVE-2013-5349

Integer underflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers

CVE-2013-5357

Integer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers t

CVE-2013-5358

Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to trigger memory cor

CVE-2013-5359

Stack-based buffer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 might allow re

CVE-2014-9908

A Denial of Service vulnerability exists in Google Android 4.4.4, 5.0.2, and 5.1.1, which allows mal

CVE-2015-1290

The Google V8 engine, as used in Google Chrome before 44.0.2403.89 and QtWebEngineCore in Qt before

CVE-2016-10403

Insufficient data validation on image data in PDFium in Google Chrome prior to 51.0.2704.63 allowed

CVE-2016-5346

An Information Disclosure vulnerability exists in the Google Pixel/Pixel SL Qualcomm Avtimer Driver

CVE-2016-9651

A missing check for whether a property of a JS object is private in V8 in Google Chrome prior to 55.

CVE-2017-15401

A memory corruption bug in WebAssembly could lead to out of bounds read and write through V8 in WebA

CVE-2017-15402

Using an ID that can be controlled by a compromised renderer which allows any frame to overwrite the

CVE-2017-15403

Insufficient data validation in crosh could lead to a command injection under chronos privileges in

CVE-2017-15404

An ability to process crash dumps under root privileges and inappropriate symlinks handling could le

CVE-2017-15405

Inappropriate symlink handling and a race condition in the stateful recovery feature implementation

CVE-2017-15428

Insufficient data validation in V8 builtins string generator could lead to out of bounds read and wr

CVE-2018-16065

A Javascript reentrancy issues that caused a use-after-free in V8 in Google Chrome prior to 69.0.349

CVE-2018-16066

A use after free in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potent

CVE-2018-16067

A use after free in WebAudio in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to pot

CVE-2018-16068

Missing validation in Mojo in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to poten

CVE-2018-16071

A use after free in WebRTC in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to poten

CVE-2018-16072

A missing origin check related to HLS manifests in Blink in Google Chrome prior to 69.0.3497.81 allo

CVE-2018-16076

Missing bounds check in PDFium in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to p

CVE-2018-16078

Unsafe handling of credit card details in Autofill in Google Chrome prior to 69.0.3497.81 allowed a

CVE-2018-16079

A race condition between permission prompts and navigations in Prompts in Google Chrome prior to 69.

CVE-2018-16080

A missing check for popup window handling in Fullscreen in Google Chrome on macOS prior to 69.0.3497

CVE-2018-16081

Allowing the chrome.debugger API to run on file:// URLs in DevTools in Google Chrome prior to 69.0.3

CVE-2018-16082

An out of bounds read in Swiftshader in Google Chrome prior to 69.0.3497.81 allowed a remote attacke

CVE-2018-16083

An out of bounds read in forward error correction code in WebRTC in Google Chrome prior to 69.0.3497

CVE-2018-16084

The default selected dialog button in CustomHandlers in Google Chrome prior to 69.0.3497.81 allowed

CVE-2018-16085

A use after free in ResourceCoordinator in Google Chrome prior to 69.0.3497.81 allowed a remote atta

CVE-2018-16087

Lack of proper state tracking in Permissions in Google Chrome prior to 69.0.3497.81 allowed a remote

CVE-2018-16088

A missing check for JS-simulated input events in Blink in Google Chrome prior to 69.0.3497.81 allowe

CVE-2018-16204

Cross-site scripting vulnerability in Google XML Sitemaps Version 4.0.9 and earlier allows remote au

CVE-2018-17457

An object lifecycle issue in Blink could lead to a use after free in WebAudio in Google Chrome prior

CVE-2018-17458

An improper update of the WebAssembly dispatch table in WebAssembly in Google Chrome prior to 69.0.3

CVE-2018-17459

Incorrect handling of clicks in the omnibox in Navigation in Google Chrome prior to 69.0.3497.92 all

CVE-2018-17461

An out of bounds read in PDFium in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to

CVE-2018-17470

A heap buffer overflow in GPU in Google Chrome prior to 70.0.3538.67 allowed a remote attacker who h

CVE-2018-20065

Handling of URI action in PDFium in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to

CVE-2018-20066

Incorrect object lifecycle in Extensions in Google Chrome prior to 71.0.3578.80 allowed a remote att

CVE-2018-20067

A renderer initiated back navigation was incorrectly allowed to cancel a browser initiated one in Na

CVE-2018-20068

Incorrect handling of 304 status codes in Navigation in Google Chrome prior to 71.0.3578.80 allowed

CVE-2018-20069

Failure to prevent navigation to top frame to data URLs in Navigation in Google Chrome on iOS prior

CVE-2018-20070

Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 71.0.3578.80

CVE-2018-20071

Insufficiently strict origin checks during JIT payment app installation in Payments in Google Chrome

CVE-2018-3810

Authentication Bypass vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for W

CVE-2018-3811

SQL Injection vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress

CVE-2018-6056

Type confusion could lead to a heap out-of-bounds write in V8 in Google Chrome prior to 64.0.3282.16

CVE-2018-6084

Insufficiently sanitized distributed objects in Updater in Google Chrome on macOS prior to 66.0.3359

CVE-2018-6091

Service Workers can intercept any request made by an <embed> or <object> tag in Fetch API in Google

CVE-2018-6093

Insufficient origin checks in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacke

CVE-2018-6096

A JavaScript focused window could overlap the fullscreen notification in Fullscreen in Google Chrome

CVE-2018-6097

Incorrect handling of asynchronous methods in Fullscreen in Google Chrome on macOS prior to 66.0.335

CVE-2018-6100

Incorrect handling of confusable characters in URL Formatter in Google Chrome on macOS prior to 66.0

CVE-2018-6106

An asynchronous generator may return an incorrect state in V8 in Google Chrome prior to 66.0.3359.11

CVE-2018-6109

readAsText() can indefinitely read the file picked by the user, rather than only once at the time th

CVE-2018-6110

Parsing documents as HTML in Downloads in Google Chrome prior to 66.0.3359.117 allowed a remote atta

CVE-2018-6111

An object lifetime issue in the developer tools network handler in Google Chrome prior to 66.0.3359.

CVE-2018-6112

Making URLs clickable and allowing them to be styled in DevTools in Google Chrome prior to 66.0.3359

CVE-2018-6113

Improper handling of pending navigation entries in Navigation in Google Chrome on iOS prior to 66.0.

CVE-2018-6114

Incorrect enforcement of CSP for <object> tags in Blink in Google Chrome prior to 66.0.3359.117 allo

CVE-2018-6117

Confusing settings in Autofill in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to

CVE-2018-6120

An integer overflow that could lead to an attacker-controlled heap out-of-bounds write in PDFium in

CVE-2018-6123

A use after free in Blink in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potent

CVE-2018-6124

Type confusion in ReadableStreams in Blink in Google Chrome prior to 67.0.3396.62 allowed a remote a

CVE-2018-6126

A precision error in Skia in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perfor

CVE-2018-6127

Early free of object in use in IndexDB in Google Chrome prior to 67.0.3396.62 allowed a remote attac

CVE-2018-6133

Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 67.0.3396.62

CVE-2018-6135

Lack of clearing the previous site before loading alerts from a new one in Blink in Google Chrome pr

CVE-2018-6137

CSS Paint API in Blink in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to leak cros

CVE-2018-6139

Insufficient target checks on the chrome.debugger API in DevTools in Google Chrome prior to 67.0.339

CVE-2018-6140

Allowing the chrome.debugger API to attach to Web UI pages in DevTools in Google Chrome prior to 67.

CVE-2018-6141

Insufficient validation of an image filter in Skia in Google Chrome prior to 67.0.3396.62 allowed a

CVE-2018-6143

Insufficient validation in V8 in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to pe

CVE-2018-6144

Off-by-one error in PDFium in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perfo

CVE-2018-6147

Lack of secure text entry mode in Browser UI in Google Chrome on Mac prior to 67.0.3396.62 allowed a

CVE-2018-6151

Bad cast in DevTools in Google Chrome on Win, Linux, Mac, Chrome OS prior to 66.0.3359.117 allowed a

CVE-2018-6153

A precision error in Skia in Google Chrome prior to 68.0.3440.75 allowed a remote attacker who had c

CVE-2018-6158

A race condition in Oilpan in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to poten

CVE-2018-6160

JavaScript alert handling in Prompts in Google Chrome prior to 68.0.3440.75 allowed a remote attacke

CVE-2018-6162

Improper deserialization in WebGL in Google Chrome on Mac prior to 68.0.3440.75 allowed a remote att

CVE-2018-6163

Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75

CVE-2018-6164

Insufficient origin checks for CSS content in Blink in Google Chrome prior to 68.0.3440.75 allowed a

CVE-2018-6165

Incorrect handling of reloads in Navigation in Google Chrome prior to 68.0.3440.75 allowed a remote

CVE-2018-6166

Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75

CVE-2018-6167

Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75

CVE-2018-6169

Lack of timeout on extension install prompt in Extensions in Google Chrome prior to 68.0.3440.75 all

CVE-2018-6170

A bad cast in PDFium in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially

CVE-2018-6172

Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75

CVE-2018-6173

Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75

CVE-2018-6174

Integer overflows in Swiftshader in Google Chrome prior to 68.0.3440.75 potentially allowed a remote

CVE-2018-6175

Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75

CVE-2018-6178

Eliding from the wrong side in an infobar in DevTools in Google Chrome prior to 68.0.3440.75 allowed

CVE-2018-6179

Insufficient enforcement of file access permission in the activeTab case in Extensions in Google Chr

CVE-2019-13765

Use-after-free in content delivery manager in Google Chrome prior to 78.0.3904.70 allowed a remote a

CVE-2019-13766

Use-after-free in accessibility in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to

CVE-2019-13767

Use after free in media picker in Google Chrome prior to 79.0.3945.88 allowed a remote attacker who

CVE-2019-13768

Use after free in FileAPI in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potent

CVE-2019-5844

Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker

CVE-2019-5845

Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker

CVE-2019-5846

Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker

CVE-2020-16012

Side-channel information leakage in graphics in Google Chrome prior to 87.0.4280.66 allowed a remote

CVE-2020-16013

Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker

CVE-2020-16014

Use after free in PPAPI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had com

CVE-2020-16015

Insufficient data validation in WASM in Google Chrome prior to 87.0.4280.66 allowed a remote attacke

CVE-2020-16016

Inappropriate implementation in base in Google Chrome prior to 86.0.4240.193 allowed a remote attack

CVE-2020-16017

Use after free in site isolation in Google Chrome prior to 86.0.4240.198 allowed a remote attacker w

CVE-2020-16018

Use after free in payments in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had

CVE-2020-16019

Inappropriate implementation in filesystem in Google Chrome on ChromeOS prior to 87.0.4280.66 allowe

CVE-2020-16020

Inappropriate implementation in cryptohome in Google Chrome on ChromeOS prior to 87.0.4280.66 allowe

CVE-2020-16021

Race in image burner in Google Chrome on ChromeOS prior to 87.0.4280.66 allowed a remote attacker wh

CVE-2020-16022

Insufficient policy enforcement in networking in Google Chrome prior to 87.0.4280.66 allowed a remot

CVE-2020-16023

Use after free in WebCodecs in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to pote

CVE-2020-16024

Heap buffer overflow in UI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had

CVE-2020-16025

Heap buffer overflow in clipboard in Google Chrome prior to 87.0.4280.66 allowed a remote attacker w

CVE-2020-16026

Use after free in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potenti

CVE-2020-16027

Insufficient policy enforcement in developer tools in Google Chrome prior to 87.0.4280.66 allowed an

CVE-2020-16028

Heap buffer overflow in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to p

CVE-2020-16029

Inappropriate implementation in PDFium in Google Chrome prior to 87.0.4280.66 allowed a remote attac

CVE-2020-16030

Insufficient data validation in Blink in Google Chrome prior to 87.0.4280.66 allowed a remote attack

CVE-2020-16031

Insufficient data validation in UI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker

CVE-2020-16032

Insufficient data validation in sharing in Google Chrome prior to 87.0.4280.66 allowed a remote atta

CVE-2020-16033

Inappropriate implementation in WebUSB in Google Chrome prior to 87.0.4280.66 allowed a remote attac

CVE-2020-16034

Inappropriate implementation in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a local attack

CVE-2020-16035

Insufficient data validation in cros-disks in Google Chrome on ChromeOS prior to 87.0.4280.66 allowe

CVE-2020-16036

Inappropriate implementation in cookies in Google Chrome prior to 87.0.4280.66 allowed a remote atta

CVE-2020-16037

Use after free in clipboard in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to pote

CVE-2020-16038

Use after free in media in Google Chrome on OS X prior to 87.0.4280.88 allowed a remote attacker to

CVE-2020-16039

Use after free in extensions in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to pot

CVE-2020-16040

Insufficient data validation in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker

CVE-2020-16041

Out of bounds read in networking in Google Chrome prior to 87.0.4280.88 allowed a remote attacker wh

CVE-2020-16042

Uninitialized Use in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to obtain p

CVE-2020-16043

Insufficient data validation in networking in Google Chrome prior to 87.0.4280.141 allowed a remote

CVE-2020-26118

In SmartBear Collaborator Server through 13.3.13302, use of the Google Web Toolkit (GWT) API introdu

CVE-2020-6377

Use after free in audio in Google Chrome prior to 79.0.3945.117 allowed a remote attacker to potenti

CVE-2021-21106

Use after free in autofill in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had

CVE-2021-21107

Use after free in drag and drop in Google Chrome on Linux prior to 87.0.4280.141 allowed a remote at

CVE-2021-21108

Use after free in media in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had co

CVE-2021-21109

Use after free in payments in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had

CVE-2021-21110

Use after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to

CVE-2021-21111

Insufficient policy enforcement in WebUI in Google Chrome prior to 87.0.4280.141 allowed an attacker

CVE-2021-21112

Use after free in Blink in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potenti

CVE-2021-21113

Heap buffer overflow in Skia in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to po

CVE-2021-21114

Use after free in audio in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potenti

CVE-2021-21115

User after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker w

CVE-2021-21116

Heap buffer overflow in audio in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to p

CVE-2021-21200

Out of bounds read in WebUI Settings in Google Chrome prior to 89.0.4389.72 allowed a remote attacke

CVE-2021-25020

The CAOS | Host Google Analytics Locally WordPress plugin before 4.1.9 does not validate the cache d

CVE-2021-25021

The OMGF | Host Google Fonts Locally WordPress plugin before 4.5.12 does not validate the cache dire

CVE-2021-3011

An electromagnetic-wave side-channel issue was discovered on NXP SmartMX / P5x security microcontrol

CVE-2021-30558

Insufficient policy enforcement in content security policy in Google Chrome prior to 91.0.4472.77 al

CVE-2021-39143

Spinnaker is an open source, multi-cloud continuous delivery platform. A path traversal vulnerabilit

CVE-2022-0337

Inappropriate implementation in File System API in Google Chrome on Windows prior to 97.0.4692.71 al

CVE-2022-0801

Inappropriate implementation in HTML parser in Google Chrome prior to 99.0.4844.51 allowed a remote

CVE-2022-2742

Use after free in Exosphere in Google Chrome on Chrome OS and Lacros prior to 104.0.5112.79 allowed

CVE-2022-2743

Integer overflow in Window Manager in Google Chrome on Chrome OS and Lacros prior to 104.0.5112.79 a

CVE-2022-36442

An issue was discovered in Zebra Enterprise Home Screen 4.1.19. By using the embedded Google Chrome

CVE-2022-3842

Use after free in Passwords in Google Chrome prior to 105.0.5195.125 allowed a remote attacker who h

CVE-2022-3863

Use after free in Browser History in Google Chrome prior to 100.0.4896.75 allowed a remote attacker

CVE-2022-4025

Inappropriate implementation in Paint in Google Chrome prior to 98.0.4758.80 allowed a remote attack

CVE-2023-0128

Use after free in Overview Mode in Google Chrome on Chrome OS prior to 109.0.5414.74 allowed a remot

CVE-2023-0129

Heap buffer overflow in Network Service in Google Chrome prior to 109.0.5414.74 allowed an attacker

CVE-2023-0130

Inappropriate implementation in in Fullscreen API in Google Chrome on Android prior to 109.0.5414.74

CVE-2023-0131

Inappropriate implementation in in iframe Sandbox in Google Chrome prior to 109.0.5414.74 allowed a

CVE-2023-0132

Inappropriate implementation in in Permission prompts in Google Chrome on Windows prior to 109.0.541

CVE-2023-0133

Inappropriate implementation in in Permission prompts in Google Chrome on Android prior to 109.0.541

CVE-2023-0134

Use after free in Cart in Google Chrome prior to 109.0.5414.74 allowed an attacker who convinced a u

CVE-2023-0135

Use after free in Cart in Google Chrome prior to 109.0.5414.74 allowed an attacker who convinced a u

CVE-2023-0136

Inappropriate implementation in in Fullscreen API in Google Chrome on Android prior to 109.0.5414.74

CVE-2023-0137

Heap buffer overflow in Platform Apps in Google Chrome on Chrome OS prior to 109.0.5414.74 allowed a

CVE-2023-0138

Heap buffer overflow in libphonenumber in Google Chrome prior to 109.0.5414.74 allowed a remote atta

CVE-2023-0139

Insufficient validation of untrusted input in Downloads in Google Chrome on Windows prior to 109.0.5

CVE-2023-0140

Inappropriate implementation in in File System API in Google Chrome on Windows prior to 109.0.5414.7

CVE-2023-0141

Insufficient policy enforcement in CORS in Google Chrome prior to 109.0.5414.74 allowed a remote att

CVE-2023-48419

An attacker in the wifi vicinity of a target Google Home can spy on the victim, resulting in Elevati

CVE-2023-52198

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2023-6339

Google Nest WiFi Pro root code-execution & user-data compromise

CVE-2023-6600

The OMGF | GDPR/DSGVO Compliant, Faster Google Fonts. Easy. plugin for WordPress is vulnerable to un

CVE-2023-6627

The WP Go Maps (formerly WP Google Maps) WordPress plugin before 9.0.28 does not properly protect mo

CVE-2023-6637

The CAOS | Host Google Analytics Locally plugin for WordPress is vulnerable to unauthorized modifica

CVE-2023-6921

Blind SQL Injection vulnerability in PrestaShow Google Integrator (PrestaShop addon) allows for data

CVE-2023-6986

The EmbedPress – Embed PDF, YouTube, Google Docs, Vimeo, Wistia Videos, Audios, Maps & Any Documents

CVE-2024-0222

Use after free in ANGLE in Google Chrome prior to 120.0.6099.199 allowed a remote attacker who had c

CVE-2024-0223

Heap buffer overflow in ANGLE in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to

CVE-2024-0224

Use after free in WebAudio in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to pot

CVE-2024-0225

Use after free in WebGPU in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to poten

CVE-2024-0333

Insufficient data validation in Extensions in Google Chrome prior to 120.0.6099.216 allowed an attac