Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Chrome
(Google)| Repositories |
• https://github.com/googlei18n/sfntly
• https://github.com/behdad/harfbuzz • https://github.com/uclouvain/openjpeg |
| #Vulnerabilities | 3447 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2012-08-31 | CVE-2012-2868 | Race condition in Google Chrome before 21.0.1180.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving improper interaction between worker processes and an XMLHttpRequest (aka XHR) object. | Chrome, Opensuse | N/A | ||
| 2012-08-31 | CVE-2012-2869 | Google Chrome before 21.0.1180.89 does not properly load URLs, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a "stale buffer." | Chrome, Opensuse | N/A | ||
| 2012-08-31 | CVE-2012-2870 | libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the xsltCompileLocationPathPattern function in libxslt/pattern.c and (2) the xsltGenerateIdFunction function in libxslt/functions.c. | Iphone_os, Chrome, Libxslt | N/A | ||
| 2012-08-31 | CVE-2012-2871 | libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h. | Iphone_os, Chrome, Libxml2 | N/A | ||
| 2012-08-31 | CVE-2012-2872 | Cross-site scripting (XSS) vulnerability in an SSL interstitial page in Google Chrome before 21.0.1180.89 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | Chrome, Opensuse | N/A | ||
| 2012-09-26 | CVE-2012-2874 | Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation, a different vulnerability than CVE-2012-2883. | Chrome, Opensuse | N/A | ||
| 2012-09-26 | CVE-2012-2875 | Multiple unspecified vulnerabilities in the PDF functionality in Google Chrome before 22.0.1229.79 allow remote attackers to have an unknown impact via a crafted document. | Chrome | N/A | ||
| 2012-09-26 | CVE-2012-2876 | Buffer overflow in the SSE2 optimization functionality in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | Chrome, Opensuse | N/A | ||
| 2012-09-26 | CVE-2012-2877 | The extension system in Google Chrome before 22.0.1229.79 does not properly handle modal dialogs, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors. | Chrome, Opensuse | N/A | ||
| 2012-09-26 | CVE-2012-2878 | Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to plug-in handling. | Chrome, Opensuse | N/A |