Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Chrome
(Google)| Repositories |
• https://github.com/googlei18n/sfntly
• https://github.com/behdad/harfbuzz • https://github.com/uclouvain/openjpeg |
| #Vulnerabilities | 3633 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2012-12-12 | CVE-2012-5144 | Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via vectors related to "an off-by-one overwrite when switching to LTP profile from MAIN." | Ubuntu_linux, Chrome, Libav, Opensuse | N/A | ||
| 2012-11-28 | CVE-2012-5136 | Google Chrome before 23.0.1271.91 does not properly perform a cast of an unspecified variable during handling of the INPUT element, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted HTML document. | Chrome, Opensuse | N/A | ||
| 2012-12-04 | CVE-2012-5129 | Heap-based buffer overflow in the WebGL subsystem in Google Chrome OS before 23.0.1271.94 allows remote attackers to cause a denial of service (GPU process crash) or possibly have unspecified other impact via unknown vectors. | Chrome, Chrome_os | N/A | ||
| 2012-12-04 | CVE-2012-5137 | Use-after-free vulnerability in Google Chrome before 23.0.1271.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the Media Source API. | Chrome, Opensuse | N/A | ||
| 2012-12-04 | CVE-2012-5138 | Google Chrome before 23.0.1271.95 does not properly handle file paths, which has unspecified impact and attack vectors. | Chrome, Opensuse | N/A | ||
| 2012-12-12 | CVE-2012-5140 | Use-after-free vulnerability in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the URL loader. | Chrome, Opensuse | N/A | ||
| 2012-12-12 | CVE-2012-5141 | Google Chrome before 23.0.1271.97 does not properly restrict instantiation of the Chromoting client plug-in, which has unspecified impact and attack vectors. | Chrome, Opensuse | N/A | ||
| 2012-12-12 | CVE-2012-5142 | Google Chrome before 23.0.1271.97 does not properly handle history navigation, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. | Chrome, Opensuse | N/A | ||
| 2012-12-12 | CVE-2012-5143 | Integer overflow in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PPAPI image buffers. | Chrome, Opensuse | N/A | ||
| 2013-01-15 | CVE-2012-5154 | Integer overflow in Google Chrome before 24.0.1312.52 on Windows allows attackers to cause a denial of service or possibly have unspecified other impact via vectors related to allocation of shared memory. | Chrome, Opensuse | N/A |