← Back

Google

google

13,224 CVEs • 235 products

Products (235)

Click to collapse
Toggle
Android
android
8,095 CVEs
Chrome
chrome
4,384 CVEs
Tensorflow
tensorflow
431 CVEs
Chrome Os
chrome_os
67 CVEs
V8
v8
33 CVEs
Asylo
asylo
16 CVEs
Blink
blink
12 CVEs
Picasa
picasa
11 CVEs
Mini Search Appliance
mini_search_appliance
8 CVEs
Search Appliance
search_appliance
7 CVEs
Cr 48 Chromebook
cr-48_chromebook
7 CVEs
Sketchup
sketchup
7 CVEs
Tunnelblick
tunnelblick
7 CVEs
Gvisor
gvisor
7 CVEs
Chromecast Firmware
chromecast_firmware
6 CVEs
Nest Cam Iq Indoor Firmware
nest_cam_iq_indoor_firmware
6 CVEs
Toolbar
toolbar
5 CVEs
Web Toolkit
web_toolkit
5 CVEs
Protobuf
protobuf
5 CVEs
Rendertron
rendertron
5 CVEs
Fuchsia
fuchsia
5 CVEs
Protobuf Java
protobuf-java
5 CVEs
Earth
earth
4 CVEs
App Engine Python Sdk
app_engine_python_sdk
4 CVEs
Fscrypt
fscrypt
4 CVEs
Protobuf Javalite
protobuf-javalite
4 CVEs
Android Sdk
android_sdk
3 CVEs
Guava
guava
3 CVEs
Monorail
monorail
3 CVEs
Guest Oslogin
guest-oslogin
3 CVEs
Gerrit
gerrit
3 CVEs
Protobuf Kotlin
protobuf-kotlin
3 CVEs
Linux And Chrome Os
linux_and_chrome_os
3 CVEs
Nest Wifi Point Firmware
nest_wifi_point_firmware
3 CVEs
Nest Wifi Pro Firmware
nest_wifi_pro_firmware
3 CVEs
Web Designer
web_designer
3 CVEs
Talk
talk
2 CVEs
Desktop
desktop
2 CVEs
Google Sketchup
google_sketchup
2 CVEs
Bionic
bionic
2 CVEs
Mod Pagespeed
mod_pagespeed
2 CVEs
Android Debug Bridge
android_debug_bridge
2 CVEs
Home Firmware
home_firmware
2 CVEs
Kubernetes Engine
kubernetes_engine
2 CVEs
Oauth Client Library For Java
oauth_client_library_for_java
2 CVEs
Flatbuffers
flatbuffers
2 CVEs
Bazel
bazel
2 CVEs
Google Protobuf
google-protobuf
2 CVEs
Firebase Php Jwt
firebase_php-jwt
2 CVEs
Google Play Services Software Development Kit
google_play_services_software_development_kit
2 CVEs
Protobuf Python
protobuf-python
2 CVEs
Protobuf Kotlin Lite
protobuf-kotlin-lite
2 CVEs
Web Stories
web_stories
2 CVEs
Nest Mini Firmware
nest_mini_firmware
2 CVEs
Nest Wifi Router Firmware
nest_wifi_router_firmware
2 CVEs
Updater
updater
2 CVEs
Nearby
nearby
2 CVEs
Api Search
api_search
1 CVE
Matter
matter
1 CVE
Custom Search Engine
custom_search_engine
1 CVE
Kml
kml
1 CVE
Google Apps
google_apps
1 CVE
Gears
gears
1 CVE
Idapython
idapython
1 CVE
Admob
admob
1 CVE
Checkout Php
checkout-php
1 CVE
Cityhash
cityhash
1 CVE
Chrome Frame
chrome_frame
1 CVE
Authenticator
authenticator
1 CVE
Glass
glass
1 CVE
Android Api
android_api
1 CVE
Search Appliance Software
search_appliance_software
1 CVE
Android Sdk Platform Tools
android_sdk_platform_tools
1 CVE
Android Browser
android_browser
1 CVE
Email
email
1 CVE
Play Services Sdk
play_services_sdk
1 CVE
Nexus 5x Firmware
nexus_5x_firmware
1 CVE
Nexus 6p Firmware
nexus_6p_firmware
1 CVE
Android One
android_one
1 CVE
Sfntly
sfntly
1 CVE
Skia
skia
1 CVE
Google I/o 2017
google_i/o_2017
1 CVE
News And Weather
news_and_weather
1 CVE
Pdfium
pdfium
1 CVE
Gmail
gmail
1 CVE
Santa
santa
1 CVE
Boringssl
boringssl
1 CVE
Cardboard
cardboard
1 CVE
Snappy
snappy
1 CVE
Api C++ Client
api_c++_client
1 CVE
Nexus 7 Firmware
nexus_7_firmware
1 CVE
Nexus 9 Firmware
nexus_9_firmware
1 CVE
Voice Builder
voice_builder
1 CVE
Google Cloud Platform Service Broker
google_cloud_platform_service_broker
1 CVE
Cloud Messaging Notification
cloud_messaging_notification
1 CVE
Gizmo5
gizmo5
1 CVE
Native Client
native_client
1 CVE
Closure Library
closure_library
1 CVE
Openthread
openthread
1 CVE
Chrome Launcher
chrome-launcher
1 CVE

CVEs (13,224)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2010-1230
1Google
1Chrome
Apr 29, 2026
Apr 1, 2010
N/A· v4
N/A· v3
10.0 HIGH· v2
Google Chrome before 4.1.249.1036 does not have the expected behavior for attempts to delete Web SQL Databases and clear the Strict Transport Security (STS) state, which has unspecified impact and attack vectors.
CVE-2010-1229
1Google
1Chrome
Apr 29, 2026
Apr 1, 2010
N/A· v4
N/A· v3
10.0 HIGH· v2
The sandbox infrastructure in Google Chrome before 4.1.249.1036 does not properly use pointers, which has unspecified impact and attack vectors.
CVE-2010-1228
1Google
1Chrome
Apr 29, 2026
Apr 1, 2010
N/A· v4
N/A· v3
10.0 HIGH· v2
Multiple race conditions in the sandbox infrastructure in Google Chrome before 4.1.249.1036 have unspecified impact and attack vectors.
CVE-2010-1029
2Apple
Google
2Chrome
Safari
Apr 29, 2026
Mar 19, 2010
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Stack consumption vulnerability in the WebCore::CSSSelector function in WebKit, as used in Apple Safari 4.0.4, Apple Safari on iPhone OS and iPhone OS for iPod touch, and Google Chrome 4.0.249, allows remote attackers to...Show more
Stack consumption vulnerability in the WebCore::CSSSelector function in WebKit, as used in Apple Safari 4.0.4, Apple Safari on iPhone OS and iPhone OS for iPod touch, and Google Chrome 4.0.249, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a STYLE element composed of a large number of *> sequences.Show less
CVE-2010-0664
1Google
1Chrome
Apr 29, 2026
Feb 18, 2010
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Stack consumption vulnerability in the ChildProcessSecurityPolicy::CanRequestURL function in browser/child_process_security_policy.cc in Google Chrome before 4.0.249.78 allows remote attackers to cause a denial of servic...Show more
Stack consumption vulnerability in the ChildProcessSecurityPolicy::CanRequestURL function in browser/child_process_security_policy.cc in Google Chrome before 4.0.249.78 allows remote attackers to cause a denial of service (memory consumption and application crash) via a URL that specifies multiple protocols, as demonstrated by a URL that begins with many repetitions of the view-source: substring.Show less
CVE-2010-0663
1Google
1Chrome
Apr 29, 2026
Feb 18, 2010
N/A· v4
N/A· v3
5.0 MEDIUM· v2
The ParamTraits<SkBitmap>::Read function in common/common_param_traits.cc in Google Chrome before 4.0.249.78 does not initialize the memory locations that will hold bitmap data, which might allow remote attackers to obta...Show more
The ParamTraits<SkBitmap>::Read function in common/common_param_traits.cc in Google Chrome before 4.0.249.78 does not initialize the memory locations that will hold bitmap data, which might allow remote attackers to obtain potentially sensitive information from process memory by providing insufficient data, related to use of a (1) thumbnail database or (2) HTML canvas.Show less
CVE-2010-0662
1Google
1Chrome
Apr 29, 2026
Feb 18, 2010
N/A· v4
N/A· v3
5.0 MEDIUM· v2
The ParamTraits<SkBitmap>::Read function in common/common_param_traits.cc in Google Chrome before 4.0.249.78 does not use the correct variables in calculations designed to prevent integer overflows, which allows attacker...Show more
The ParamTraits<SkBitmap>::Read function in common/common_param_traits.cc in Google Chrome before 4.0.249.78 does not use the correct variables in calculations designed to prevent integer overflows, which allows attackers to leverage renderer access to cause a denial of service or possibly have unspecified other impact via bitmap data, related to deserialization.Show less
CVE-2010-0661
2Apple
Google
2Chrome
Webkit
Apr 29, 2026
Feb 18, 2010
N/A· v4
N/A· v3
6.8 MEDIUM· v2
WebCore/bindings/v8/custom/V8DOMWindowCustom.cpp in WebKit before r52401, as used in Google Chrome before 4.0.249.78, allows remote attackers to bypass the Same Origin Policy via vectors involving the window.open method.
CVE-2010-0660
1Google
1Chrome
Apr 29, 2026
Feb 18, 2010
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Google Chrome before 4.0.249.78 sends an https URL in the Referer header of an http request in certain circumstances involving https to http redirection, which allows remote HTTP servers to obtain potentially sensitive i...Show more
Google Chrome before 4.0.249.78 sends an https URL in the Referer header of an http request in certain circumstances involving https to http redirection, which allows remote HTTP servers to obtain potentially sensitive information via standard HTTP logging.Show less
CVE-2010-0659
2Apple
Google
2Chrome
Webkit
Apr 29, 2026
Feb 18, 2010
N/A· v4
N/A· v3
9.3 HIGH· v2
The image decoder in WebKit before r52833, as used in Google Chrome before 4.0.249.78, does not properly handle a failure of memory allocation, which allows remote attackers to execute arbitrary code in the Chrome sandbo...Show more
The image decoder in WebKit before r52833, as used in Google Chrome before 4.0.249.78, does not properly handle a failure of memory allocation, which allows remote attackers to execute arbitrary code in the Chrome sandbox via a malformed GIF file that specifies a large size.Show less
CVE-2010-0658
1Google
1Chrome
Apr 29, 2026
Feb 18, 2010
N/A· v4
N/A· v3
9.3 HIGH· v2
Multiple integer overflows in Skia, as used in Google Chrome before 4.0.249.78, allow remote attackers to execute arbitrary code in the Chrome sandbox or cause a denial of service (memory corruption and application crash...Show more
Multiple integer overflows in Skia, as used in Google Chrome before 4.0.249.78, allow remote attackers to execute arbitrary code in the Chrome sandbox or cause a denial of service (memory corruption and application crash) via vectors involving CANVAS elements.Show less
CVE-2010-0657
1Google
1Chrome
Apr 29, 2026
Feb 18, 2010
N/A· v4
N/A· v3
9.3 HIGH· v2
Google Chrome before 4.0.249.78 on Windows does not perform the expected encoding, escaping, and quoting for the URL in the --app argument in a desktop shortcut, which allows user-assisted remote attackers to execute arb...Show more
Google Chrome before 4.0.249.78 on Windows does not perform the expected encoding, escaping, and quoting for the URL in the --app argument in a desktop shortcut, which allows user-assisted remote attackers to execute arbitrary programs or obtain sensitive information by tricking a user into creating a crafted shortcut.Show less
CVE-2010-0656
2Apple
Google
2Chrome
Webkit
Apr 29, 2026
Feb 18, 2010
N/A· v4
N/A· v3
4.3 MEDIUM· v2
WebKit before r51295, as used in Google Chrome before 4.0.249.78, presents a directory-listing page in response to an XMLHttpRequest for a file:/// URL that corresponds to a directory, which allows attackers to obtain se...Show more
WebKit before r51295, as used in Google Chrome before 4.0.249.78, presents a directory-listing page in response to an XMLHttpRequest for a file:/// URL that corresponds to a directory, which allows attackers to obtain sensitive information or possibly have unspecified other impact via a crafted local HTML document.Show less
CVE-2010-0655
1Google
1Chrome
Apr 29, 2026
Feb 18, 2010
N/A· v4
N/A· v3
9.3 HIGH· v2
Use-after-free vulnerability in Google Chrome before 4.0.249.78 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving the display...Show more
Use-after-free vulnerability in Google Chrome before 4.0.249.78 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving the display of a blocked popup window during navigation to a different web site.Show less
CVE-2010-0651
2Apple
Google
3Chrome
SafariWebkit
Apr 29, 2026
Feb 18, 2010
N/A· v4
N/A· v3
4.3 MEDIUM· v2
WebKit before r52784, as used in Google Chrome before 4.0.249.78 and Apple Safari before 4.0.5, permits cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesh...Show more
WebKit before r52784, as used in Google Chrome before 4.0.249.78 and Apple Safari before 4.0.5, permits cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote attackers to obtain sensitive information via a crafted document.Show less
CVE-2010-0650
3Apple
CanonicalGoogle
3Chrome
SafariUbuntu Linux
Apr 29, 2026
Feb 18, 2010
N/A· v4
N/A· v3
2.6 LOW· v2
WebKit, as used in Google Chrome before 4.0.249.78 and Apple Safari, allows remote attackers to bypass intended restrictions on popup windows via crafted use of a mouse click event.
CVE-2010-0649
1Google
1Chrome
Apr 29, 2026
Feb 18, 2010
N/A· v4
N/A· v3
9.3 HIGH· v2
Integer overflow in the CrossCallParamsEx::CreateFromBuffer function in sandbox/src/crosscall_server.cc in Google Chrome before 4.0.249.89 allows attackers to leverage renderer access to cause a denial of service (heap m...Show more
Integer overflow in the CrossCallParamsEx::CreateFromBuffer function in sandbox/src/crosscall_server.cc in Google Chrome before 4.0.249.89 allows attackers to leverage renderer access to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a malformed message, related to deserializing of sandbox messages.Show less
CVE-2010-0647
2Apple
Google
2Chrome
Webkit
Apr 29, 2026
Feb 18, 2010
N/A· v4
N/A· v3
9.3 HIGH· v2
WebKit before r53525, as used in Google Chrome before 4.0.249.89, allows remote attackers to execute arbitrary code in the Chrome sandbox via a malformed RUBY element, as demonstrated by a <ruby>><table><rt> sequence.
CVE-2010-0646
1Google
1Chrome
Apr 29, 2026
Feb 18, 2010
N/A· v4
N/A· v3
10.0 HIGH· v2
Multiple integer signedness errors in factory.cc in Google V8 before r3560, as used in Google Chrome before 4.0.249.89, allow remote attackers to execute arbitrary code in the Chrome sandbox via crafted use of JavaScript...Show more
Multiple integer signedness errors in factory.cc in Google V8 before r3560, as used in Google Chrome before 4.0.249.89, allow remote attackers to execute arbitrary code in the Chrome sandbox via crafted use of JavaScript arrays.Show less
CVE-2010-0645
1Google
1Chrome
Apr 29, 2026
Feb 18, 2010
N/A· v4
N/A· v3
9.3 HIGH· v2
Multiple integer overflows in factory.cc in Google V8 before r3560, as used in Google Chrome before 4.0.249.89, allow remote attackers to execute arbitrary code in the Chrome sandbox via crafted use of JavaScript arrays.