Google

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2011-1301 1Google 1Chrome Apr 29, 2026 Apr 15, 2011 N/A· v4 N/A· v3 9.3 HIGH· v2 Use-after-free vulnerability in the GPU process in Google Chrome before 10.0.648.205 allows remote attackers to execute arbitrary code via unknown vectors.
CVE-2011-1300 2Google Mozilla 2Chrome Firefox Apr 29, 2026 Apr 15, 2011 N/A· v4 N/A· v3 10.0 HIGH· v2 The Program::getActiveUniformMaxLength function in libGLESv2/Program.cpp in libGLESv2.dll in the WebGLES library in Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox 4.x before 4.0.1 on Windows and...Show more The Program::getActiveUniformMaxLength function in libGLESv2/Program.cpp in libGLESv2.dll in the WebGLES library in Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox 4.x before 4.0.1 on Windows and in the GPU process in Google Chrome before 10.0.648.205 on Windows, allows remote attackers to execute arbitrary code via unspecified vectors, related to an "off-by-three" error.Show less
CVE-2011-1691 1Google 1Chrome Apr 29, 2026 Apr 15, 2011 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The counterToCSSValue function in CSSComputedStyleDeclaration.cpp in the Cascading Style Sheets (CSS) implementation in WebCore in WebKit before r82222, as used in Google Chrome before 11.0.696.43 and other products, doe...Show more The counterToCSSValue function in CSSComputedStyleDeclaration.cpp in the Cascading Style Sheets (CSS) implementation in WebCore in WebKit before r82222, as used in Google Chrome before 11.0.696.43 and other products, does not properly handle access to the (1) counterIncrement and (2) counterReset attributes of CSSStyleDeclaration data provided by a getComputedStyle method call, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted JavaScript code.Show less
CVE-2011-0611 4Adobe GoogleOpensuse+1 more 7Acrobat Acrobat ReaderAdobe Air+4 more Apr 21, 2026 Apr 13, 2011 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6.19140; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader 9.x before 9.4....Show more Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6.19140; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x before 10.0.3 on Mac OS X, and Adobe Acrobat 9.x before 9.4.4 and 10.x before 10.0.3 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content; as demonstrated by a Microsoft Office document with an embedded .swf file that has a size inconsistency in a "group of included constants," object type confusion, ActionScript that adds custom functions to prototypes, and Date objects; and as exploited in the wild in April 2011.Show less
CVE-2011-0458 1Google 1Picasa Apr 29, 2026 Mar 28, 2011 N/A· v4 N/A· v3 6.9 MEDIUM· v2 Untrusted search path vulnerability in the Locate on Disk feature in Google Picasa before 3.8 allows local users to gain privileges via a Trojan horse executable file in the current working directory.
CVE-2011-1296 2Apple Google 4Chrome Iphone OsItunes+1 more Apr 29, 2026 Mar 25, 2011 N/A· v4 N/A· v3 7.5 HIGH· v2 Google Chrome before 10.0.648.204 does not properly handle SVG text, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer....Show more Google Chrome before 10.0.648.204 does not properly handle SVG text, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."Show less
CVE-2011-1295 2Apple Google 3Chrome Iphone OsSafari Apr 29, 2026 Mar 25, 2011 N/A· v4 N/A· v3 7.5 HIGH· v2 WebKit, as used in Google Chrome before 10.0.648.204 and Apple Safari before 5.0.6, does not properly handle node parentage, which allows remote attackers to cause a denial of service (DOM tree corruption), conduct cross...Show more WebKit, as used in Google Chrome before 10.0.648.204 and Apple Safari before 5.0.6, does not properly handle node parentage, which allows remote attackers to cause a denial of service (DOM tree corruption), conduct cross-site scripting (XSS) attacks, or possibly have unspecified other impact via unknown vectors.Show less
CVE-2011-1294 1Google 1Chrome Apr 29, 2026 Mar 25, 2011 N/A· v4 N/A· v3 7.5 HIGH· v2 Google Chrome before 10.0.648.204 does not properly handle Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown ve...Show more Google Chrome before 10.0.648.204 does not properly handle Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."Show less
CVE-2011-1293 3Apple DebianGoogle 5Chrome Debian LinuxIphone Os+2 more Apr 29, 2026 Mar 25, 2011 N/A· v4 N/A· v3 7.5 HIGH· v2 Use-after-free vulnerability in the HTMLCollection implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2011-1292 2Debian Google 2Chrome Debian Linux Apr 29, 2026 Mar 25, 2011 N/A· v4 N/A· v3 7.5 HIGH· v2 Use-after-free vulnerability in the frame-loader implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2011-1291 1Google 1Chrome Apr 29, 2026 Mar 25, 2011 N/A· v4 N/A· v3 7.5 HIGH· v2 Google Chrome before 10.0.648.204 does not properly handle base strings, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, related to a "buffer erro...Show more Google Chrome before 10.0.648.204 does not properly handle base strings, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, related to a "buffer error."Show less
CVE-2011-1465 1Google 1Chrome Apr 29, 2026 Mar 20, 2011 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The SPDY implementation in net/http/http_network_transaction.cc in Google Chrome before 11.0.696.14 drains the bodies from SPDY responses, which might allow remote SPDY servers to cause a denial of service (application e...Show more The SPDY implementation in net/http/http_network_transaction.cc in Google Chrome before 11.0.696.14 drains the bodies from SPDY responses, which might allow remote SPDY servers to cause a denial of service (application exit) by canceling a stream.Show less
CVE-2011-0609 4Adobe GoogleOpensuse+1 more 7Acrobat Acrobat ReaderAir+4 more Apr 21, 2026 Mar 15, 2011 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle)...Show more Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content, as demonstrated by a .swf file embedded in an Excel spreadsheet, and as exploited in the wild in March 2011.Show less
CVE-2011-1413 1Google 1Chrome Apr 29, 2026 Mar 11, 2011 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Google Chrome before 10.0.648.127 on Linux does not properly mitigate an unspecified flaw in an X server, which allows remote attackers to cause a denial of service (application crash) via vectors involving long messages...Show more Google Chrome before 10.0.648.127 on Linux does not properly mitigate an unspecified flaw in an X server, which allows remote attackers to cause a denial of service (application crash) via vectors involving long messages.Show less
CVE-2011-1286 1Google 1Chrome Apr 29, 2026 Mar 11, 2011 N/A· v4 N/A· v3 7.5 HIGH· v2 Google V8, as used in Google Chrome before 10.0.648.127, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger incorrect access to memory.
CVE-2011-1285 1Google 1Chrome Apr 29, 2026 Mar 11, 2011 N/A· v4 N/A· v3 7.5 HIGH· v2 The regular-expression functionality in Google Chrome before 10.0.648.127 does not properly implement reentrancy, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecifie...Show more The regular-expression functionality in Google Chrome before 10.0.648.127 does not properly implement reentrancy, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.Show less
CVE-2011-1204 2Apple Google 4Chrome Iphone OsItunes+1 more Apr 29, 2026 Mar 11, 2011 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Google Chrome before 10.0.648.127 does not properly handle attributes, which allows remote attackers to cause a denial of service (DOM tree corruption) or possibly have unspecified other impact via a crafted document.
CVE-2011-1203 2Apple Google 4Chrome Iphone OsItunes+1 more Apr 29, 2026 Mar 11, 2011 N/A· v4 N/A· v3 7.5 HIGH· v2 Google Chrome before 10.0.648.127 does not properly handle SVG cursors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale point...Show more Google Chrome before 10.0.648.127 does not properly handle SVG cursors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."Show less
CVE-2011-1202 2Google Xmlsoft 2Chrome Libxslt Apr 29, 2026 Mar 11, 2011 N/A· v4 N/A· v3 4.3 MEDIUM· v2 The xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 and earlier, as used in Google Chrome before 10.0.648.127 and other products, allows remote attackers to obtain potentially sensitive information about...Show more The xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 and earlier, as used in Google Chrome before 10.0.648.127 and other products, allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a call to the XSLT generate-id XPath function.Show less
CVE-2011-1201 1Google 1Chrome Apr 29, 2026 Mar 11, 2011 N/A· v4 N/A· v3 7.5 HIGH· v2 The context implementation in WebKit, as used in Google Chrome before 10.0.648.127, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale...Show more The context implementation in WebKit, as used in Google Chrome before 10.0.648.127, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."Show less

Previous 1...645646647...662 Next