Google

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2010-2648 3Canonical GoogleOpensuse 3Chrome OpensuseUbuntu Linux Apr 29, 2026 Jul 6, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 The implementation of the Unicode Bidirectional Algorithm (aka Bidi algorithm or UBA) in Google Chrome before 5.0.375.99 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecifi...Show more The implementation of the Unicode Bidirectional Algorithm (aka Bidi algorithm or UBA) in Google Chrome before 5.0.375.99 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.Show less
CVE-2010-2647 2Canonical Google 2Chrome Ubuntu Linux Apr 29, 2026 Jul 6, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 Google Chrome before 5.0.375.99 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an invalid SVG document.
CVE-2010-2646 1Google 1Chrome Apr 29, 2026 Jul 6, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 Google Chrome before 5.0.375.99 does not properly isolate sandboxed IFRAME elements, which has unspecified impact and remote attack vectors.
CVE-2010-2645 1Google 1Chrome Apr 29, 2026 Jul 6, 2010 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Unspecified vulnerability in Google Chrome before 5.0.375.99, when WebGL is used, allows remote attackers to cause a denial of service (out-of-bounds read) via unknown vectors.
CVE-2010-1205 10Apple CanonicalDebian+7 more 17Chrome Debian LinuxFedora+14 more Apr 29, 2026 Jun 30, 2010 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data r...Show more Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.Show less
CVE-2010-2302 3Google OpensuseSuse 4Chrome OpensuseSuse Linux Enterprise Desktop+1 more Apr 29, 2026 Jun 15, 2010 N/A· v4 N/A· v3 10.0 HIGH· v2 Use-after-free vulnerability in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving remot...Show more Use-after-free vulnerability in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving remote fonts in conjunction with shadow DOM trees, aka rdar problem 8007953. NOTE: this might overlap CVE-2010-1771.Show less
CVE-2010-2301 3Google OpensuseSuse 4Chrome OpensuseSuse Linux Enterprise Desktop+1 more Apr 29, 2026 Jun 15, 2010 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in editing/markup.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to inject arbitrary web script or HTML via vectors related to the node.innerH...Show more Cross-site scripting (XSS) vulnerability in editing/markup.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to inject arbitrary web script or HTML via vectors related to the node.innerHTML property of a TEXTAREA element. NOTE: this might overlap CVE-2010-1762.Show less
CVE-2010-2300 1Google 1Chrome Apr 29, 2026 Jun 15, 2010 N/A· v4 N/A· v3 10.0 HIGH· v2 Use-after-free vulnerability in the Element::normalizeAttributes function in dom/Element.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to execute arbitrary code or cause a denial of...Show more Use-after-free vulnerability in the Element::normalizeAttributes function in dom/Element.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to handlers for DOM mutation events, aka rdar problem 7948784. NOTE: this might overlap CVE-2010-1759.Show less
CVE-2010-2299 1Google 1Chrome Apr 29, 2026 Jun 15, 2010 N/A· v4 N/A· v3 10.0 HIGH· v2 The Clipboard::DispatchObject function in app/clipboard/clipboard.cc in Google Chrome before 5.0.375.70 does not properly handle CBF_SMBITMAP objects in a ViewHostMsg_ClipboardWriteObjectsAsync message, which might allow...Show more The Clipboard::DispatchObject function in app/clipboard/clipboard.cc in Google Chrome before 5.0.375.70 does not properly handle CBF_SMBITMAP objects in a ViewHostMsg_ClipboardWriteObjectsAsync message, which might allow remote attackers to execute arbitrary code via vectors involving crafted data from the renderer process, related to a "Type Confusion" issue.Show less
CVE-2010-2298 1Google 1Chrome Apr 29, 2026 Jun 15, 2010 N/A· v4 N/A· v3 10.0 HIGH· v2 browser/renderer_host/database_dispatcher_host.cc in Google Chrome before 5.0.375.70 on Linux does not properly handle ViewHostMsg_DatabaseOpenFile messages in chroot-based sandboxing, which allows remote attackers to by...Show more browser/renderer_host/database_dispatcher_host.cc in Google Chrome before 5.0.375.70 on Linux does not properly handle ViewHostMsg_DatabaseOpenFile messages in chroot-based sandboxing, which allows remote attackers to bypass intended sandbox restrictions via vectors involving fchdir and chdir calls.Show less
CVE-2010-2297 3Google OpensuseSuse 4Chrome OpensuseSuse Linux Enterprise Desktop+1 more Apr 29, 2026 Jun 15, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 rendering/FixedTableLayout.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an HTML document that...Show more rendering/FixedTableLayout.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an HTML document that has a large colspan attribute within a table.Show less
CVE-2010-2296 1Google 1Chrome Apr 29, 2026 Jun 15, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 The implementation of unspecified DOM methods in Google Chrome before 5.0.375.70 allows remote attackers to bypass the Same Origin Policy via unknown vectors.
CVE-2010-2295 1Google 1Chrome Apr 29, 2026 Jun 15, 2010 N/A· v4 N/A· v3 4.3 MEDIUM· v2 page/EventHandler.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 does not properly handle a change of the focused frame during the dispatching of keydown, which allows user-assisted remote attackers to redir...Show more page/EventHandler.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 does not properly handle a change of the focused frame during the dispatching of keydown, which allows user-assisted remote attackers to redirect keystrokes via a crafted HTML document, aka rdar problem 7018610. NOTE: this might overlap CVE-2010-1422.Show less
CVE-2010-1770 5Apple CanonicalGoogle+2 more 7Chrome OpensuseSafari+4 more Apr 29, 2026 Jun 11, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Apple Safari before 4.1 on Mac OS X 10.4, and Google Chrome before 5.0.375.70 does not properly handle a transformation of a text node that has...Show more WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Apple Safari before 4.1 on Mac OS X 10.4, and Google Chrome before 5.0.375.70 does not properly handle a transformation of a text node that has the IBM1147 character set, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document containing a BR element, related to a "type checking issue."Show less
CVE-2010-2120 1Google 1Chrome Apr 29, 2026 Jun 1, 2010 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Google Chrome 1.0.154.48 allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid news:// URIs.
CVE-2010-2110 1Google 1Chrome Apr 29, 2026 May 28, 2010 N/A· v4 N/A· v3 7.5 HIGH· v2 Google Chrome before 5.0.375.55 does not properly execute JavaScript code in the extension context, which has unspecified impact and remote attack vectors.
CVE-2010-2109 1Google 1Chrome Apr 29, 2026 May 28, 2010 N/A· v4 N/A· v3 7.5 HIGH· v2 Unspecified vulnerability in Google Chrome before 5.0.375.55 allows user-assisted remote attackers to cause a denial of service (memory error) or possibly have unspecified other impact via vectors related to the "drag +...Show more Unspecified vulnerability in Google Chrome before 5.0.375.55 allows user-assisted remote attackers to cause a denial of service (memory error) or possibly have unspecified other impact via vectors related to the "drag + drop" functionality.Show less
CVE-2010-2108 1Google 1Chrome Apr 29, 2026 May 28, 2010 N/A· v4 N/A· v3 7.5 HIGH· v2 Unspecified vulnerability in Google Chrome before 5.0.375.55 allows remote attackers to bypass the whitelist-mode plugin blocker via unknown vectors.
CVE-2010-2107 1Google 1Chrome Apr 29, 2026 May 28, 2010 N/A· v4 N/A· v3 10.0 HIGH· v2 Unspecified vulnerability in Google Chrome before 5.0.375.55 allows attackers to cause a denial of service (memory error) or possibly have unspecified other impact via vectors related to the Safe Browsing functionality.
CVE-2010-2106 1Google 1Chrome Apr 29, 2026 May 28, 2010 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Unspecified vulnerability in Google Chrome before 5.0.375.55 might allow remote attackers to spoof the URL bar via vectors involving unload event handlers.

Previous 1...654655656...662 Next