Vulnerabilities > Google > Chrome > 18.0.1025.107
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-11-13 | CVE-2013-6628 | Certificates Validation Security Bypass vulnerability in Google Chrome net/socket/ssl_client_socket_nss.cc in the TLS implementation in Google Chrome before 31.0.1650.48 does not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation, which might allow remote web servers to interfere with trust relationships by renegotiating a session. network google | 4.3 |
| 2013-11-13 | CVE-2013-6627 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Google Chrome net/http/http_stream_parser.cc in Google Chrome before 31.0.1650.48 does not properly process HTTP Informational (aka 1xx) status codes, which allows remote web servers to cause a denial of service (out-of-bounds read) via a crafted response. | 5.0 |
| 2013-11-13 | CVE-2013-6626 | Address Bar URI Spoofing vulnerability in Google Chrome The WebContentsImpl::AttachInterstitialPage function in content/browser/web_contents/web_contents_impl.cc in Google Chrome before 31.0.1650.48 does not cancel JavaScript dialogs upon generating an interstitial warning, which allows remote attackers to spoof the address bar via a crafted web site. network google | 4.3 |
| 2013-11-13 | CVE-2013-6625 | Resource Management Errors vulnerability in Google Chrome Use-after-free vulnerability in core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 31.0.1650.48, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of DOM range objects in circumstances that require child node removal after a (1) mutation or (2) blur event. | 6.8 |
| 2013-11-13 | CVE-2013-6624 | Resource Management Errors vulnerability in Google Chrome Use-after-free vulnerability in Google Chrome before 31.0.1650.48 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the string values of id attributes. | 7.5 |
| 2013-11-13 | CVE-2013-6623 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Google Chrome The SVG implementation in Blink, as used in Google Chrome before 31.0.1650.48, allows remote attackers to cause a denial of service (out-of-bounds read) by leveraging the use of tree order, rather than transitive dependency order, for layout. | 4.3 |
| 2013-11-13 | CVE-2013-6622 | Resource Management Errors vulnerability in Google Chrome Use-after-free vulnerability in the HTMLMediaElement::didMoveToNewDocument function in core/html/HTMLMediaElement.cpp in Blink, as used in Google Chrome before 31.0.1650.48, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the movement of a media element between documents. | 6.8 |
| 2013-11-13 | CVE-2013-6621 | Resource Management Errors vulnerability in multiple products Use-after-free vulnerability in Google Chrome before 31.0.1650.48 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the x-webkit-speech attribute in a text INPUT element. | 7.5 |
| 2013-03-21 | CVE-2013-2632 | Unspecified vulnerability in Google Chrome Google V8 before 3.17.13, as used in Google Chrome before 27.0.1444.3, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaScript code, as demonstrated by the Bejeweled game. network google | 6.8 |
| 2013-02-23 | CVE-2013-2268 | Security vulnerability in WebKit MathML Library Unspecified vulnerability in the MathML implementation in WebKit in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, has unknown impact and remote attack vectors, related to a "high severity security issue." | 7.5 |