Vulnerabilities > Google > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-01-28 | CVE-2013-6649 | Resource Management Errors vulnerability in Google Chrome Use-after-free vulnerability in the RenderSVGImage::paint function in core/rendering/svg/RenderSVGImage.cpp in Blink, as used in Google Chrome before 32.0.1700.102, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a zero-size SVG image. | 7.5 |
| 2014-01-16 | CVE-2013-6643 | Improper Authentication vulnerability in multiple products The OneClickSigninBubbleView::WindowClosing function in browser/ui/views/sync/one_click_signin_bubble_view.cc in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allows attackers to trigger a sync with an arbitrary Google account by leveraging improper handling of the closing of an untrusted signin confirm dialog. | 7.5 |
| 2014-01-09 | CVE-2013-5359 | Buffer Errors vulnerability in Google Picasa 3.9.0 Stack-based buffer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 might allow remote attackers to execute arbitrary code via a crafted RAW file, as demonstrated using a KDC file with a certain size. | 7.5 |
| 2014-01-09 | CVE-2013-5358 | Buffer Errors vulnerability in Google Picasa 3.9.0 Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to trigger memory corruption via a crafted TIFF tag, as demonstrated using a KDC file with a DSLR-A100 model and certain sequences of tags. | 7.5 |
| 2014-01-09 | CVE-2013-5357 | Buffer Errors vulnerability in Google Picasa 3.9.0 Integer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a long TIFF tag that triggers a heap-based buffer overflow, as demonstrated using a Canon RAW CR2 file with a long TIFF StripByteCounts tag. | 7.5 |
| 2014-01-09 | CVE-2013-5349 | Buffer Errors vulnerability in Google Picasa 3.9.0 Integer underflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a crafted JPEG tag that triggers a heap-based buffer overflow, as demonstrated using a Canon RAW CR2 file with a large JPEG tag value and a small size. | 7.5 |
| 2013-12-14 | CVE-2013-6271 | Permissions, Privileges, and Access Controls vulnerability in Google Android Android 4.0 through 4.3 allows attackers to bypass intended access restrictions and remove device locks via a crafted application that invokes the updateUnlockMethodAndFinish method in the com.android.settings.ChooseLockGeneric class with the PASSWORD_QUALITY_UNSPECIFIED option. | 8.8 |
| 2013-12-07 | CVE-2013-6640 | Buffer Errors vulnerability in Google Chrome The DehoistArrayIndex function in hydrogen-dehoist.cc (aka hydrogen.cc) in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service (out-of-bounds read) via JavaScript code that sets a variable to the value of an array element with a crafted index. | 7.5 |
| 2013-12-07 | CVE-2013-6639 | Buffer Errors vulnerability in Google Chrome The DehoistArrayIndex function in hydrogen-dehoist.cc (aka hydrogen.cc) in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via JavaScript code that sets the value of an array element with a crafted index. | 7.5 |
| 2013-12-07 | CVE-2013-6637 | Unspecified vulnerability in Google Chrome Multiple unspecified vulnerabilities in Google Chrome before 31.0.1650.63 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | 7.5 |