Vulnerabilities > Google > Chrome > 4.0.249.20
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-05-28 | CVE-2010-2105 | Unspecified vulnerability in Google Chrome Google Chrome before 5.0.375.55 does not properly follow the Safe Browsing specification's requirements for canonicalization of URLs, which has unspecified impact and remote attack vectors. | 10.0 |
| 2010-05-07 | CVE-2010-1851 | Information Exposure vulnerability in Google Chrome Google Chrome, when the Invisible Hand extension is enabled, uses cookies during background HTTP requests in a possibly unexpected manner, which might allow remote web servers to identify specific persons and their product searches via HTTP request logging, related to a "cross-site data leakage" issue. | 4.3 |
| 2010-05-03 | CVE-2010-1665 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Google Chrome Google Chrome before 4.1.249.1064 does not properly handle fonts, which allows remote attackers to cause a denial of service (memory corruption) and possibly have unspecified other impact via unknown vectors. | 7.5 |
| 2010-05-03 | CVE-2010-1664 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Google Chrome Google Chrome before 4.1.249.1064 does not properly handle HTML5 media, which allows remote attackers to cause a denial of service (memory corruption) and possibly have unspecified other impact via unknown vectors. | 5.0 |
| 2010-05-03 | CVE-2010-1663 | Permissions, Privileges, and Access Controls vulnerability in Google Chrome The Google URL Parsing Library (aka google-url or GURL) in Google Chrome before 4.1.249.1064 allows remote attackers to bypass the Same Origin Policy via unspecified vectors. | 10.0 |
| 2010-04-23 | CVE-2010-1506 | Multiple Security vulnerability in RETIRED: Google Chrome prior to 4.1.249.1059 The Google V8 bindings in Google Chrome before 4.1.249.1059 allow attackers to cause a denial of service (memory corruption) via unknown vectors. | 7.8 |
| 2010-04-23 | CVE-2010-1505 | Permissions, Privileges, and Access Controls vulnerability in Google Chrome Google Chrome before 4.1.249.1059 does not prevent pages from loading with the New Tab page's privileges, which has unknown impact and attack vectors. | 10.0 |
| 2010-04-23 | CVE-2010-1504 | Cross-Site Scripting vulnerability in Google Chrome Cross-site scripting (XSS) vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to inject arbitrary web script or HTML via vectors related to a chrome://downloads URI. | 4.3 |
| 2010-04-23 | CVE-2010-1503 | Cross-Site Scripting vulnerability in Google Chrome Cross-site scripting (XSS) vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to inject arbitrary web script or HTML via vectors related to a chrome://net-internals URI. | 4.3 |
| 2010-04-23 | CVE-2010-1502 | Multiple Security vulnerability in RETIRED: Google Chrome prior to 4.1.249.1059 Unspecified vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to access local files via vectors related to "developer tools." | 9.3 |