Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

google chrome 1.0.154.59 vulnerabilities and exploits

(subscribe to this query)

4.3
CVSSv2
CVE-2009-1413
Google Chrome 1.0.x does not cancel timeouts upon a page transition, which makes it easier for attackers to conduct Universal XSS attacks by calling setTimeout to trigger future execution of JavaScript code, and then modifying document.location to arrange for JavaScript...
Google Chrome 1.0.154.36Google Chrome 1.0.154.39Google Chrome 1.0.154.42Google Chrome 1.0.154.43Google Chrome 1.0.154.46Google Chrome 1.0.154.53Google Chrome 1.0.154.59
6.8
CVSSv2
CVE-2009-1442
Multiple integer overflows in Skia, as used in Google Chrome 1.x before 1.0.154.64 and 2.x, and possibly Android, might allow remote attackers to execute arbitrary code in the renderer process via a crafted (1) image or (2) canvas....
Google Chrome 0.2.149.29Google Chrome 0.2.149.30Google Chrome 0.2.152.1Google Chrome 0.2.153.1Google Chrome 0.3.154.0Google Chrome 0.3.154.3Google Chrome 0.4.154.18Google Chrome 0.4.154.22Google Chrome 0.4.154.31Google Chrome 0.4.154.33Google Chrome 1.0.154.36Google Chrome 1.0.154.39Google Chrome 1.0.154.42Google Chrome 1.0.154.43Google Chrome 1.0.154.46Google ChromeGoogle Chrome 1.0.154.59Google Chrome 2.0.156.1Google Chrome 2.0.157.0Google Chrome 2.0.157.2Google Chrome 2.0.158.0Google Chrome 2.0.159.0
5
CVSSv2
CVE-2009-2974
Google Chrome 1.0.154.65, 1.0.154.48, and earlier allows remote attackers to (1) cause a denial of service (application hang) via vectors involving a chromehtml: URI value for the document.location property or (2) cause a denial of service (application hang and CPU consumption)...
Google Chrome 0.2.149.27Google Chrome 0.2.149.29Google Chrome 0.2.149.30Google Chrome 0.2.152.1Google Chrome 0.2.153.1Google Chrome 0.3.154.0Google Chrome 0.3.154.3Google Chrome 0.4.154.18Google Chrome 0.4.154.22Google Chrome 0.4.154.31Google Chrome 0.4.154.33Google Chrome 1.0.154.36Google Chrome 1.0.154.39Google Chrome 1.0.154.42Google Chrome 1.0.154.43Google Chrome 1.0.154.46Google ChromeGoogle Chrome 1.0.154.52Google Chrome 1.0.154.53Google Chrome 1.0.154.59Google Chrome 1.0.154.65
9.3
CVSSv2
CVE-2009-2121
Buffer overflow in the browser kernel in Google Chrome before 2.0.172.33 allows remote HTTP servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted response....
Google Chrome 0.2.149.29Google Chrome 0.2.149.30Google Chrome 0.2.152.1Google Chrome 0.2.153.1Google Chrome 0.3.154.0Google Chrome 0.3.154.3Google Chrome 0.4.154.18Google Chrome 0.4.154.22Google Chrome 0.4.154.31Google Chrome 0.4.154.33Google Chrome 1.0.154.36Google Chrome 1.0.154.39Google Chrome 1.0.154.42Google Chrome 1.0.154.43Google Chrome 1.0.154.46Google Chrome 1.0.154.52Google Chrome 1.0.154.53Google Chrome 1.0.154.59Google Chrome 2.0.156.1Google Chrome 2.0.157.0Google Chrome 2.0.157.2Google Chrome 2.0.158.0Google Chrome 2.0.159.0Google Chrome
9.3
CVSSv2
CVE-2009-2556
Google Chrome before 2.0.172.37 allows attackers to leverage renderer access to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors that trigger excessive memory allocation....
Google Chrome 0.2.149.29Google Chrome 0.2.149.30Google Chrome 0.2.152.1Google Chrome 0.2.153.1Google Chrome 0.3.154.0Google Chrome 0.3.154.3Google Chrome 0.4.154.18Google Chrome 0.4.154.22Google Chrome 0.4.154.31Google Chrome 0.4.154.33Google Chrome 1.0.154.36Google Chrome 1.0.154.39Google Chrome 1.0.154.42Google Chrome 1.0.154.43Google Chrome 1.0.154.46Google Chrome 1.0.154.48Google Chrome 1.0.154.52Google Chrome 1.0.154.53Google Chrome 1.0.154.59Google Chrome 2.0.156.1Google Chrome 2.0.157.0Google Chrome 2.0.157.2Google Chrome 2.0.158.0Google Chrome 2.0.159.0Google Chrome 2.0.172Google Chrome 2.0.172.30Google Chrome 2.0.172.31Google Chrome
9.3
CVSSv2
CVE-2009-1441
Heap-based buffer overflow in the ParamTraits<SkBitmap>::Read function in Google Chrome before 1.0.154.64 allows attackers to leverage renderer access to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related to a large bitmap...
Google Chrome 0.2.149.29Google Chrome 0.2.149.30Google Chrome 0.2.152.1Google Chrome 0.2.153.1Google Chrome 0.3.154.0Google Chrome 0.3.154.3Google Chrome 0.4.154.18Google Chrome 0.4.154.22Google Chrome 0.4.154.31Google Chrome 0.4.154.33Google Chrome 1.0.154.36Google Chrome 1.0.154.39Google Chrome 1.0.154.42Google Chrome 1.0.154.43Google Chrome 1.0.154.46Google ChromeGoogle Chrome 1.0.154.59
9.3
CVSSv2
CVE-2009-2555
Heap-based buffer overflow in src/jsregexp.cc in Google V8 before 1.1.10.14, as used in Google Chrome before 2.0.172.37, allows remote attackers to execute arbitrary code in the Chrome sandbox via a crafted JavaScript regular expression....
Google V8Google Chrome 0.2.149.29Google Chrome 0.2.149.30Google Chrome 0.2.152.1Google Chrome 0.2.153.1Google Chrome 0.3.154.0Google Chrome 0.3.154.3Google Chrome 0.4.154.18Google Chrome 0.4.154.22Google Chrome 0.4.154.31Google Chrome 0.4.154.33Google Chrome 1.0.154.36Google Chrome 1.0.154.39Google Chrome 1.0.154.42Google Chrome 1.0.154.43Google Chrome 1.0.154.46Google Chrome 1.0.154.48Google Chrome 1.0.154.52Google Chrome 1.0.154.53Google Chrome 1.0.154.59Google Chrome 2.0.156.1Google Chrome 2.0.157.0Google Chrome 2.0.157.2Google Chrome 2.0.158.0Google Chrome 2.0.159.0Google Chrome 2.0.172Google Chrome 2.0.172.30Google Chrome 2.0.172.31Google Chrome
9.3
CVSSv2
CVE-2009-3932
The Gears plugin in Google Chrome before 3.0.195.32 allows user-assisted remote attackers to cause a denial of service (memory corruption and plugin crash) or possibly execute arbitrary code via unspecified use of the Gears SQL API, related to putting "SQL metadata into a...
Google Chrome 0.2.149.27Google Chrome 0.2.149.29Google Chrome 0.2.149.30Google Chrome 0.2.152.1Google Chrome 0.2.153.1Google Chrome 0.3.154.0Google Chrome 0.3.154.3Google Chrome 0.4.154.18Google Chrome 0.4.154.22Google Chrome 0.4.154.31Google Chrome 0.4.154.33Google Chrome 1.0.154.36Google Chrome 1.0.154.39Google Chrome 1.0.154.42Google Chrome 1.0.154.43Google Chrome 1.0.154.46Google Chrome 1.0.154.48Google Chrome 1.0.154.52Google Chrome 1.0.154.53Google Chrome 1.0.154.59Google Chrome 1.0.154.65Google Chrome 2.0.156.1Google Chrome 2.0.157.0Google Chrome 2.0.157.2Google Chrome 2.0.158.0Google Chrome 2.0.159.0Google Chrome 2.0.169.0Google Chrome 2.0.169.1Google Chrome 2.0.170.0Google Chrome 2.0.172Google Chrome 2.0.172.2Google Chrome 2.0.172.8Google Chrome 2.0.172.27Google Chrome 2.0.172.28Google Chrome 2.0.172.30Google Chrome 2.0.172.31Google Chrome 2.0.172.33Google Chrome 2.0.172.37Google Chrome 2.0.172.38Google Chrome 3.0.182.2Google Chrome 3.0.190.2Google Chrome 3.0.193.2Google Chrome
7.5
CVSSv2
CVE-2009-3456
Google Chrome, possibly 3.0.195.21 and earlier, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted...
Google Chrome 0.2.149.27Google Chrome 0.2.149.29Google Chrome 0.2.149.30Google Chrome 0.2.152.1Google Chrome 0.2.153.1Google Chrome 0.3.154.0Google Chrome 0.3.154.3Google Chrome 0.4.154.18Google Chrome 0.4.154.22Google Chrome 0.4.154.31Google Chrome 0.4.154.33Google Chrome 1.0.154.36Google Chrome 1.0.154.39Google Chrome 1.0.154.42Google Chrome 1.0.154.43Google Chrome 1.0.154.46Google Chrome 1.0.154.48Google Chrome 1.0.154.52Google Chrome 1.0.154.53Google Chrome 1.0.154.59Google Chrome 1.0.154.65Google Chrome 2.0.156.1Google Chrome 2.0.157.0Google Chrome 2.0.157.2Google Chrome 2.0.158.0Google Chrome 2.0.159.0Google Chrome 2.0.169.0Google Chrome 2.0.169.1Google Chrome 2.0.170.0Google Chrome 2.0.172Google Chrome 2.0.172.2Google Chrome 2.0.172.8Google Chrome 2.0.172.27Google Chrome 2.0.172.28Google Chrome 2.0.172.30Google Chrome 2.0.172.31Google Chrome 2.0.172.33Google Chrome 2.0.172.37Google Chrome 2.0.172.38Google Chrome 3.0.182.2Google Chrome 3.0.190.2Google Chrome 3.0.193.2Google Chrome
9.3
CVSSv2
CVE-2010-0655
Use-after-free vulnerability in Google Chrome before 4.0.249.78 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving the display of a blocked popup window during navigation to a different...
Google Chrome 0.2.149.27Google Chrome 0.2.149.29Google Chrome 0.2.149.30Google Chrome 0.2.152.1Google Chrome 0.2.153.1Google Chrome 0.3.154.0Google Chrome 0.3.154.3Google Chrome 0.4.154.18Google Chrome 0.4.154.22Google Chrome 0.4.154.31Google Chrome 0.4.154.33Google Chrome 1.0.154.36Google Chrome 1.0.154.39Google Chrome 1.0.154.42Google Chrome 1.0.154.43Google Chrome 1.0.154.46Google Chrome 1.0.154.48Google Chrome 1.0.154.52Google Chrome 1.0.154.53Google Chrome 1.0.154.59Google Chrome 1.0.154.65Google Chrome 2.0.156.1Google Chrome 2.0.157.0Google Chrome 2.0.157.2Google Chrome 2.0.158.0Google Chrome 2.0.159.0Google Chrome 2.0.169.0Google Chrome 2.0.169.1Google Chrome 2.0.170.0Google Chrome 2.0.172Google Chrome 2.0.172.2Google Chrome 2.0.172.8Google Chrome 2.0.172.27Google Chrome 2.0.172.28Google Chrome 2.0.172.30Google Chrome 2.0.172.31Google Chrome 2.0.172.33Google Chrome 2.0.172.37Google Chrome 2.0.172.38Google Chrome 3.0.182.2Google Chrome 3.0.190.2Google Chrome 3.0.193.2Google Chrome 3.0.195.21Google Chrome 3.0.195.24Google Chrome 3.0.195.32Google Chrome 3.0.195.33Google Chrome
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
wirelesstoodeequinn projecttype confusionCVE-2021-26857scratchpadCVE-2020-29020man-in-the-middleibmCVE-2021-26971CVE-2021-28032CVE-2021-21725CVE-2021-26855