← Back

Google

google

13,751 CVEs • 235 products

Products (235)

Click to collapse
Toggle
Android
android
8,095 CVEs
Chrome
chrome
4,911 CVEs
Tensorflow
tensorflow
431 CVEs
Chrome Os
chrome_os
67 CVEs
V8
v8
33 CVEs
Asylo
asylo
16 CVEs
Blink
blink
12 CVEs
Picasa
picasa
11 CVEs
Mini Search Appliance
mini_search_appliance
8 CVEs
Search Appliance
search_appliance
7 CVEs
Cr 48 Chromebook
cr-48_chromebook
7 CVEs
Sketchup
sketchup
7 CVEs
Tunnelblick
tunnelblick
7 CVEs
Gvisor
gvisor
7 CVEs
Chromecast Firmware
chromecast_firmware
6 CVEs
Nest Cam Iq Indoor Firmware
nest_cam_iq_indoor_firmware
6 CVEs
Toolbar
toolbar
5 CVEs
Web Toolkit
web_toolkit
5 CVEs
Protobuf
protobuf
5 CVEs
Rendertron
rendertron
5 CVEs
Fuchsia
fuchsia
5 CVEs
Protobuf Java
protobuf-java
5 CVEs
Earth
earth
4 CVEs
App Engine Python Sdk
app_engine_python_sdk
4 CVEs
Fscrypt
fscrypt
4 CVEs
Protobuf Javalite
protobuf-javalite
4 CVEs
Android Sdk
android_sdk
3 CVEs
Guava
guava
3 CVEs
Monorail
monorail
3 CVEs
Guest Oslogin
guest-oslogin
3 CVEs
Gerrit
gerrit
3 CVEs
Protobuf Kotlin
protobuf-kotlin
3 CVEs
Linux And Chrome Os
linux_and_chrome_os
3 CVEs
Nest Wifi Point Firmware
nest_wifi_point_firmware
3 CVEs
Nest Wifi Pro Firmware
nest_wifi_pro_firmware
3 CVEs
Web Designer
web_designer
3 CVEs
Talk
talk
2 CVEs
Desktop
desktop
2 CVEs
Google Sketchup
google_sketchup
2 CVEs
Bionic
bionic
2 CVEs
Mod Pagespeed
mod_pagespeed
2 CVEs
Android Debug Bridge
android_debug_bridge
2 CVEs
Home Firmware
home_firmware
2 CVEs
Kubernetes Engine
kubernetes_engine
2 CVEs
Oauth Client Library For Java
oauth_client_library_for_java
2 CVEs
Flatbuffers
flatbuffers
2 CVEs
Bazel
bazel
2 CVEs
Google Protobuf
google-protobuf
2 CVEs
Firebase Php Jwt
firebase_php-jwt
2 CVEs
Google Play Services Software Development Kit
google_play_services_software_development_kit
2 CVEs
Protobuf Python
protobuf-python
2 CVEs
Protobuf Kotlin Lite
protobuf-kotlin-lite
2 CVEs
Web Stories
web_stories
2 CVEs
Nest Mini Firmware
nest_mini_firmware
2 CVEs
Nest Wifi Router Firmware
nest_wifi_router_firmware
2 CVEs
Updater
updater
2 CVEs
Nearby
nearby
2 CVEs
Api Search
api_search
1 CVE
Matter
matter
1 CVE
Custom Search Engine
custom_search_engine
1 CVE
Kml
kml
1 CVE
Google Apps
google_apps
1 CVE
Gears
gears
1 CVE
Idapython
idapython
1 CVE
Admob
admob
1 CVE
Checkout Php
checkout-php
1 CVE
Cityhash
cityhash
1 CVE
Chrome Frame
chrome_frame
1 CVE
Authenticator
authenticator
1 CVE
Glass
glass
1 CVE
Android Api
android_api
1 CVE
Search Appliance Software
search_appliance_software
1 CVE
Android Sdk Platform Tools
android_sdk_platform_tools
1 CVE
Android Browser
android_browser
1 CVE
Email
email
1 CVE
Play Services Sdk
play_services_sdk
1 CVE
Nexus 5x Firmware
nexus_5x_firmware
1 CVE
Nexus 6p Firmware
nexus_6p_firmware
1 CVE
Android One
android_one
1 CVE
Sfntly
sfntly
1 CVE
Skia
skia
1 CVE
Google I/o 2017
google_i/o_2017
1 CVE
News And Weather
news_and_weather
1 CVE
Pdfium
pdfium
1 CVE
Gmail
gmail
1 CVE
Santa
santa
1 CVE
Boringssl
boringssl
1 CVE
Cardboard
cardboard
1 CVE
Snappy
snappy
1 CVE
Api C++ Client
api_c++_client
1 CVE
Nexus 7 Firmware
nexus_7_firmware
1 CVE
Nexus 9 Firmware
nexus_9_firmware
1 CVE
Voice Builder
voice_builder
1 CVE
Google Cloud Platform Service Broker
google_cloud_platform_service_broker
1 CVE
Cloud Messaging Notification
cloud_messaging_notification
1 CVE
Gizmo5
gizmo5
1 CVE
Native Client
native_client
1 CVE
Closure Library
closure_library
1 CVE
Openthread
openthread
1 CVE
Chrome Launcher
chrome-launcher
1 CVE

CVEs (13,751)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2011-1435
1Google
1Chrome
Apr 29, 2026
May 3, 2011
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Google Chrome before 11.0.696.57 does not properly implement the tabs permission for extensions, which allows remote attackers to read local files via a crafted extension.
CVE-2011-1434
1Google
1Chrome
Apr 29, 2026
May 3, 2011
N/A· v4
N/A· v3
6.8 MEDIUM· v2
Google Chrome before 11.0.696.57 does not ensure thread safety during handling of MIME data, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2011-1305
1Google
1Chrome
Apr 29, 2026
May 3, 2011
N/A· v4
N/A· v3
6.8 MEDIUM· v2
Race condition in Google Chrome before 11.0.696.57 on Linux and Mac OS X allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to linked lists and a database.
CVE-2011-1304
1Google
1Chrome
Apr 29, 2026
May 3, 2011
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Unspecified vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to bypass the pop-up blocker via vectors related to plug-ins.
CVE-2011-1303
1Google
1Chrome
Apr 29, 2026
May 3, 2011
N/A· v4
N/A· v3
7.5 HIGH· v2
Google Chrome before 11.0.696.57 does not properly handle floating objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale p...Show more
Google Chrome before 11.0.696.57 does not properly handle floating objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."Show less
CVE-2011-1149
1Google
1Android
Apr 29, 2026
Apr 21, 2011
N/A· v4
N/A· v3
7.2 HIGH· v2
Android before 2.3 does not properly restrict access to the system property space, which allows local applications to bypass the application sandbox and gain privileges, as demonstrated by psneuter and KillingInTheNameOf...Show more
Android before 2.3 does not properly restrict access to the system property space, which allows local applications to bypass the application sandbox and gain privileges, as demonstrated by psneuter and KillingInTheNameOf, related to the use of Android shared memory (ashmem) and ASHMEM_SET_PROT_MASK.Show less
CVE-2011-1302
1Google
1Chrome
Apr 29, 2026
Apr 15, 2011
N/A· v4
N/A· v3
9.3 HIGH· v2
Heap-based buffer overflow in the GPU process in Google Chrome before 10.0.648.205 allows remote attackers to execute arbitrary code via unknown vectors.
CVE-2011-1301
1Google
1Chrome
Apr 29, 2026
Apr 15, 2011
N/A· v4
N/A· v3
9.3 HIGH· v2
Use-after-free vulnerability in the GPU process in Google Chrome before 10.0.648.205 allows remote attackers to execute arbitrary code via unknown vectors.
CVE-2011-1300
2Google
Mozilla
2Chrome
Firefox
Apr 29, 2026
Apr 15, 2011
N/A· v4
N/A· v3
10.0 HIGH· v2
The Program::getActiveUniformMaxLength function in libGLESv2/Program.cpp in libGLESv2.dll in the WebGLES library in Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox 4.x before 4.0.1 on Windows and...Show more
The Program::getActiveUniformMaxLength function in libGLESv2/Program.cpp in libGLESv2.dll in the WebGLES library in Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox 4.x before 4.0.1 on Windows and in the GPU process in Google Chrome before 10.0.648.205 on Windows, allows remote attackers to execute arbitrary code via unspecified vectors, related to an "off-by-three" error.Show less
CVE-2011-1691
1Google
1Chrome
Apr 29, 2026
Apr 15, 2011
N/A· v4
N/A· v3
5.0 MEDIUM· v2
The counterToCSSValue function in CSSComputedStyleDeclaration.cpp in the Cascading Style Sheets (CSS) implementation in WebCore in WebKit before r82222, as used in Google Chrome before 11.0.696.43 and other products, doe...Show more
The counterToCSSValue function in CSSComputedStyleDeclaration.cpp in the Cascading Style Sheets (CSS) implementation in WebCore in WebKit before r82222, as used in Google Chrome before 11.0.696.43 and other products, does not properly handle access to the (1) counterIncrement and (2) counterReset attributes of CSSStyleDeclaration data provided by a getComputedStyle method call, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted JavaScript code.Show less
CVE-2011-0611
4Adobe
GoogleOpensuse+1 more
7Acrobat
Acrobat ReaderAdobe Air+4 more
Apr 21, 2026
Apr 13, 2011
N/A· v4
8.8 HIGH· v3
9.3 HIGH· v2
Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6.19140; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader 9.x before 9.4....Show more
Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6.19140; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x before 10.0.3 on Mac OS X, and Adobe Acrobat 9.x before 9.4.4 and 10.x before 10.0.3 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content; as demonstrated by a Microsoft Office document with an embedded .swf file that has a size inconsistency in a "group of included constants," object type confusion, ActionScript that adds custom functions to prototypes, and Date objects; and as exploited in the wild in April 2011.Show less
CVE-2011-0458
1Google
1Picasa
Apr 29, 2026
Mar 28, 2011
N/A· v4
N/A· v3
6.9 MEDIUM· v2
Untrusted search path vulnerability in the Locate on Disk feature in Google Picasa before 3.8 allows local users to gain privileges via a Trojan horse executable file in the current working directory.
CVE-2011-1296
2Apple
Google
4Chrome
Iphone OsItunes+1 more
Apr 29, 2026
Mar 25, 2011
N/A· v4
N/A· v3
7.5 HIGH· v2
Google Chrome before 10.0.648.204 does not properly handle SVG text, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer....Show more
Google Chrome before 10.0.648.204 does not properly handle SVG text, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."Show less
CVE-2011-1295
2Apple
Google
3Chrome
Iphone OsSafari
Apr 29, 2026
Mar 25, 2011
N/A· v4
N/A· v3
7.5 HIGH· v2
WebKit, as used in Google Chrome before 10.0.648.204 and Apple Safari before 5.0.6, does not properly handle node parentage, which allows remote attackers to cause a denial of service (DOM tree corruption), conduct cross...Show more
WebKit, as used in Google Chrome before 10.0.648.204 and Apple Safari before 5.0.6, does not properly handle node parentage, which allows remote attackers to cause a denial of service (DOM tree corruption), conduct cross-site scripting (XSS) attacks, or possibly have unspecified other impact via unknown vectors.Show less
CVE-2011-1294
1Google
1Chrome
Apr 29, 2026
Mar 25, 2011
N/A· v4
N/A· v3
7.5 HIGH· v2
Google Chrome before 10.0.648.204 does not properly handle Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown ve...Show more
Google Chrome before 10.0.648.204 does not properly handle Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."Show less
CVE-2011-1293
3Apple
DebianGoogle
5Chrome
Debian LinuxIphone Os+2 more
Apr 29, 2026
Mar 25, 2011
N/A· v4
N/A· v3
7.5 HIGH· v2
Use-after-free vulnerability in the HTMLCollection implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2011-1292
2Debian
Google
2Chrome
Debian Linux
Apr 29, 2026
Mar 25, 2011
N/A· v4
N/A· v3
7.5 HIGH· v2
Use-after-free vulnerability in the frame-loader implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2011-1291
1Google
1Chrome
Apr 29, 2026
Mar 25, 2011
N/A· v4
N/A· v3
7.5 HIGH· v2
Google Chrome before 10.0.648.204 does not properly handle base strings, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, related to a "buffer erro...Show more
Google Chrome before 10.0.648.204 does not properly handle base strings, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, related to a "buffer error."Show less
CVE-2011-1465
1Google
1Chrome
Apr 29, 2026
Mar 20, 2011
N/A· v4
N/A· v3
5.0 MEDIUM· v2
The SPDY implementation in net/http/http_network_transaction.cc in Google Chrome before 11.0.696.14 drains the bodies from SPDY responses, which might allow remote SPDY servers to cause a denial of service (application e...Show more
The SPDY implementation in net/http/http_network_transaction.cc in Google Chrome before 11.0.696.14 drains the bodies from SPDY responses, which might allow remote SPDY servers to cause a denial of service (application exit) by canceling a stream.Show less
CVE-2011-0609
4Adobe
GoogleOpensuse+1 more
7Acrobat
Acrobat ReaderAir+4 more
Apr 21, 2026
Mar 15, 2011
N/A· v4
7.8 HIGH· v3
9.3 HIGH· v2
Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle)...Show more
Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content, as demonstrated by a .swf file embedded in an Excel spreadsheet, and as exploited in the wild in March 2011.Show less