Google

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2011-2826 1Google 1Chrome Apr 29, 2026 Aug 29, 2011 N/A· v4 N/A· v3 7.5 HIGH· v2 Google Chrome before 13.0.782.215 allows remote attackers to bypass the Same Origin Policy via vectors related to empty origins.
CVE-2011-2825 2Apple Google 4Chrome Iphone OsItunes+1 more Apr 29, 2026 Aug 29, 2011 N/A· v4 N/A· v3 9.3 HIGH· v2 Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving custom fonts.
CVE-2011-2824 1Google 1Chrome Apr 29, 2026 Aug 29, 2011 N/A· v4 N/A· v3 7.5 HIGH· v2 Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving counter nodes.
CVE-2011-2823 2Apple Google 4Chrome Iphone OsItunes+1 more Apr 29, 2026 Aug 29, 2011 N/A· v4 N/A· v3 7.5 HIGH· v2 Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a line box.
CVE-2011-2822 1Google 1Chrome Apr 29, 2026 Aug 29, 2011 N/A· v4 N/A· v3 10.0 HIGH· v2 Google Chrome before 13.0.782.215 on Windows does not properly parse URLs located on the command line, which has unspecified impact and attack vectors.
CVE-2011-2821 4Apple DebianGoogle+1 more 8Chrome Debian LinuxEnterprise Linux Desktop+5 more Apr 29, 2026 Aug 29, 2011 N/A· v4 N/A· v3 7.5 HIGH· v2 Double free vulnerability in libxml2, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression.
CVE-2011-2806 1Google 1Chrome Apr 29, 2026 Aug 29, 2011 N/A· v4 N/A· v3 10.0 HIGH· v2 Google Chrome before 13.0.782.215 on Windows does not properly handle vertex data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2011-2357 1Google 1Android Apr 29, 2026 Aug 12, 2011 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-application scripting vulnerability in the Browser URL loading functionality in Android 2.3.4 and 3.1 allows local applications to bypass the sandbox and execute arbitrary Javascript in arbitrary domains by (1) cau...Show more Cross-application scripting vulnerability in the Browser URL loading functionality in Android 2.3.4 and 3.1 allows local applications to bypass the sandbox and execute arbitrary Javascript in arbitrary domains by (1) causing the MAX_TAB number of tabs to be opened, then loading a URI to the targeted domain into the current tab, or (2) making two startActivity function calls beginning with the targeted domain's URI followed by the malicious Javascript while the UI focus is still associated with the targeted domain.Show less
CVE-2008-7298 2Android Google 2Android Android Browser Apr 29, 2026 Aug 9, 2011 N/A· v4 N/A· v3 5.8 MEDIUM· v2 The Android browser in Android cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in...Show more The Android browser in Android cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a "cookie forcing" issue.Show less
CVE-2008-7294 1Google 1Chrome Apr 29, 2026 Aug 9, 2011 N/A· v4 N/A· v3 5.8 MEDIUM· v2 Google Chrome before 4.0.211.0 cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in...Show more Google Chrome before 4.0.211.0 cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a "cookie forcing" issue.Show less
CVE-2011-2819 2Apple Google 3Chrome Iphone OsSafari Apr 29, 2026 Aug 3, 2011 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Google Chrome before 13.0.782.107 allows remote attackers to bypass the Same Origin Policy via vectors related to handling of the base URI.
CVE-2011-2818 3Apple DebianGoogle 5Chrome Debian LinuxIphone Os+2 more Apr 29, 2026 Aug 3, 2011 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to display box rendering.
CVE-2011-2805 2Apple Google 3Chrome Iphone OsSafari Apr 29, 2026 Aug 3, 2011 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Google Chrome before 13.0.782.107 allows remote attackers to bypass the Same Origin Policy and conduct script injection attacks via unspecified vectors.
CVE-2011-2804 1Google 1Chrome Apr 29, 2026 Aug 3, 2011 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Google Chrome before 13.0.782.107 does not properly handle nested functions in PDF documents, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a...Show more Google Chrome before 13.0.782.107 does not properly handle nested functions in PDF documents, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted document.Show less
CVE-2011-2803 1Google 1Chrome Apr 29, 2026 Aug 3, 2011 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Google Chrome before 13.0.782.107 does not properly handle Skia paths, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
CVE-2011-2802 1Google 1Chrome Apr 29, 2026 Aug 3, 2011 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Google V8, as used in Google Chrome before 13.0.782.107, does not properly perform const lookups, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact v...Show more Google V8, as used in Google Chrome before 13.0.782.107, does not properly perform const lookups, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted web site.Show less
CVE-2011-2801 1Google 1Chrome Apr 29, 2026 Aug 3, 2011 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the frame loader.
CVE-2011-2800 3Apple DebianGoogle 4Chrome Debian LinuxIphone Os+1 more Apr 29, 2026 Aug 3, 2011 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Google Chrome before 13.0.782.107 allows remote attackers to obtain potentially sensitive information about client-side redirect targets via a crafted web site.
CVE-2011-2799 2Apple Google 4Chrome Iphone OsItunes+1 more Apr 29, 2026 Aug 3, 2011 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to HTML range handling.
CVE-2011-2798 1Google 1Chrome Apr 29, 2026 Aug 3, 2011 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Google Chrome before 13.0.782.107 does not properly restrict access to internal schemes, which allows remote attackers to have an unspecified impact via a crafted web site.

Previous 1...666667668...688 Next