Vulnerabilities > Google > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-09-24 | CVE-2010-1823 | USE After Free vulnerability in Google Chrome Use-after-free vulnerability in WebKit before r65958, as used in Google Chrome before 6.0.472.59, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger use of document APIs such as document.close during parsing, as demonstrated by a Cascading Style Sheets (CSS) file referencing an invalid SVG font, aka rdar problem 8442098. | 9.3 |
2010-09-16 | CVE-2010-3415 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Google Chrome Google Chrome before 6.0.472.59 does not properly implement Geolocation, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | 10.0 |
2010-09-16 | CVE-2010-3414 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Chrome Google Chrome before 6.0.472.59 on Mac OS X does not properly implement file dialogs, which allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | 10.0 |
2010-09-16 | CVE-2010-3412 | Race Condition vulnerability in Google Chrome Race condition in the console implementation in Google Chrome before 6.0.472.59 has unspecified impact and attack vectors. | 9.3 |
2010-09-15 | CVE-2010-2884 | Remote Code Execution vulnerability in Adobe Flash Player Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, and Solaris and 10.1.92.10 on Android; authplay.dll in Adobe Reader and Acrobat 9.x before 9.4; and authplay.dll in Adobe Reader and Acrobat 8.x before 8.2.5 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in September 2010. | 9.3 |
2010-09-10 | CVE-2010-1807 | Improper Input Validation vulnerability in multiple products WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2; Android before 2.2; and webkitgtk before 1.2.6; does not properly validate floating-point data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, related to non-standard NaN representation. | 9.3 |
2010-09-07 | CVE-2010-3258 | Deserialization of Untrusted Data vulnerability in Google Chrome The sandbox implementation in Google Chrome before 6.0.472.53 does not properly deserialize parameters, which has unspecified impact and remote attack vectors. | 9.3 |
2010-09-07 | CVE-2010-3257 | USE After Free vulnerability in multiple products Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving element focus. | 9.3 |
2010-09-07 | CVE-2010-3255 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Google Chrome before 6.0.472.53 and webkitgtk before 1.2.6 do not properly handle counter nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | 9.3 |
2010-09-07 | CVE-2010-3254 | Integer Overflow OR Wraparound vulnerability in Google Chrome The WebSockets implementation in Google Chrome before 6.0.472.53 does not properly handle integer values, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | 10.0 |