Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Chrome_os
(Google)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 57 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-02-07 | CVE-2017-15397 | Inappropriate implementation in ChromeVox in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker in a privileged network position to observe or tamper with certain cleartext HTTP requests by leveraging that position. | Chrome_os | 7.4 | ||
| 2018-02-07 | CVE-2017-15400 | Insufficient restriction of IPP filters in CUPS in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker to execute a command with the same privileges as the cups daemon via a crafted PPD file, aka a printer zeroconfig CRLF issue. | Chrome_os | 7.8 | ||
| 2018-03-07 | CVE-2016-5179 | Chrome OS before 53.0.2785.144 allows remote attackers to execute arbitrary commands at boot. | Chrome_os | 9.8 | ||
| 2023-01-02 | CVE-2022-2743 | Integer overflow in Window Manager in Google Chrome on Chrome OS and Lacros prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific UI interactions to perform an out of bounds memory write via crafted UI interactions. (Chrome security severity: High) | Chrome, Chrome_os, Linux_and_chrome_os | 8.8 | ||
| 2011-01-14 | CVE-2011-0485 | Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle speech data, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "stale pointer." | Chrome, Chrome_os | N/A | ||
| 2011-01-14 | CVE-2011-0484 | Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform DOM node removal, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale rendering node." | Chrome, Chrome_os | N/A | ||
| 2011-01-14 | CVE-2011-0479 | Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly interact with extensions, which allows remote attackers to cause a denial of service via a crafted extension that triggers an uninitialized pointer. | Chrome, Chrome_os | N/A | ||
| 2011-01-14 | CVE-2011-0478 | Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle SVG use elements, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | Chrome, Chrome_os | N/A | ||
| 2011-01-14 | CVE-2011-0477 | Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle a mismatch in video frame sizes, which allows remote attackers to cause a denial of service (incorrect memory access) or possibly have unspecified other impact via unknown vectors. | Chrome, Chrome_os | N/A | ||
| 2011-01-14 | CVE-2011-0475 | Use-after-free vulnerability in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a PDF document. | Chrome, Chrome_os | N/A |