Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
google chrome vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2014-3159
The WebContentsDelegateAndroid::OpenURLFromTab function in components/web_contents_delegate_android/web_contents_delegate_android.cc in Google Chrome prior to 36.0.1985.122 on Android does not properly restrict URL loading, which allows remote malicious users to spoof the URL in ...
Google Chrome
Google Chrome 36.0.1985.1
Google Chrome 36.0.1985.2
Google Chrome 36.0.1985.3
Google Chrome 36.0.1985.4
Google Chrome 36.0.1985.5
Google Chrome 36.0.1985.6
Google Chrome 36.0.1985.8
Google Chrome 36.0.1985.12
Google Chrome 36.0.1985.13
Google Chrome 36.0.1985.14
Google Chrome 36.0.1985.15
7.5
CVSSv2
CVE-2014-3161
The WebMediaPlayerAndroid::load function in content/renderer/media/android/webmediaplayer_android.cc in Google Chrome prior to 36.0.1985.122 on Android does not properly interact with redirects, which allows remote malicious users to bypass the Same Origin Policy via a crafted we...
Google Chrome
Google Chrome 36.0.1985.1
Google Chrome 36.0.1985.2
Google Chrome 36.0.1985.3
Google Chrome 36.0.1985.4
Google Chrome 36.0.1985.5
Google Chrome 36.0.1985.6
Google Chrome 36.0.1985.8
Google Chrome 36.0.1985.12
Google Chrome 36.0.1985.13
Google Chrome 36.0.1985.14
Google Chrome 36.0.1985.15
5
CVSSv2
CVE-2012-5155
Google Chrome prior to 24.0.1312.52 on Mac OS X does not use an appropriate sandboxing approach for worker processes, which makes it easier for remote malicious users to bypass intended access restrictions via unspecified vectors.
Google Chrome
Google Chrome 24.0.1272.0
Google Chrome 24.0.1272.1
Google Chrome 24.0.1273.0
Google Chrome 24.0.1274.0
Google Chrome 24.0.1275.0
Google Chrome 24.0.1276.0
Google Chrome 24.0.1276.1
Google Chrome 24.0.1277.0
Google Chrome 24.0.1278.0
Google Chrome 24.0.1279.0
Google Chrome 24.0.1280.0
6.8
CVSSv2
CVE-2012-5156
Use-after-free vulnerability in Google Chrome prior to 24.0.1312.52 allows remote malicious users to cause a denial of service or possibly have unspecified other impact via vectors involving PDF fields.
Google Chrome
Google Chrome 24.0.1272.0
Google Chrome 24.0.1272.1
Google Chrome 24.0.1273.0
Google Chrome 24.0.1274.0
Google Chrome 24.0.1275.0
Google Chrome 24.0.1276.0
Google Chrome 24.0.1276.1
Google Chrome 24.0.1277.0
Google Chrome 24.0.1278.0
Google Chrome 24.0.1279.0
Google Chrome 24.0.1280.0
7.5
CVSSv2
CVE-2013-0838
Google Chrome prior to 24.0.1312.52 on Linux uses weak permissions for shared memory segments, which has unspecified impact and attack vectors.
Google Chrome
Google Chrome 24.0.1272.0
Google Chrome 24.0.1272.1
Google Chrome 24.0.1273.0
Google Chrome 24.0.1274.0
Google Chrome 24.0.1275.0
Google Chrome 24.0.1276.0
Google Chrome 24.0.1276.1
Google Chrome 24.0.1277.0
Google Chrome 24.0.1278.0
Google Chrome 24.0.1279.0
Google Chrome 24.0.1280.0
7.5
CVSSv2
CVE-2010-1500
Google Chrome prior to 4.1.249.1059 does not properly support forms, which has unknown impact and attack vectors, related to a "type confusion error."
Google Chrome
Google Chrome 1.0.154.53
Google Chrome 1.0.154.59
Google Chrome 1.0.154.64
Google Chrome 1.0.154.65
Google Chrome 2.0.169.0
Google Chrome 2.0.169.1
Google Chrome 2.0.170.0
Google Chrome 2.0.172.2
Google Chrome 2.0.172.8
Google Chrome 2.0.172.27
Google Chrome 2.0.172.28
9.3
CVSSv2
CVE-2010-1502
Unspecified vulnerability in Google Chrome prior to 4.1.249.1059 allows remote malicious users to access local files via vectors related to "developer tools."
Google Chrome
Google Chrome 1.0.154.53
Google Chrome 1.0.154.59
Google Chrome 1.0.154.64
Google Chrome 1.0.154.65
Google Chrome 2.0.169.0
Google Chrome 2.0.169.1
Google Chrome 2.0.170.0
Google Chrome 2.0.172.2
Google Chrome 2.0.172.8
Google Chrome 2.0.172.27
Google Chrome 2.0.172.28
4.3
CVSSv2
CVE-2010-1503
Cross-site scripting (XSS) vulnerability in Google Chrome prior to 4.1.249.1059 allows remote malicious users to inject arbitrary web script or HTML via vectors related to a chrome://net-internals URI.
Google Chrome
Google Chrome 1.0.154.53
Google Chrome 1.0.154.59
Google Chrome 1.0.154.64
Google Chrome 1.0.154.65
Google Chrome 2.0.169.0
Google Chrome 2.0.169.1
Google Chrome 2.0.170.0
Google Chrome 2.0.172.2
Google Chrome 2.0.172.8
Google Chrome 2.0.172.27
Google Chrome 2.0.172.28
4.3
CVSSv2
CVE-2010-1504
Cross-site scripting (XSS) vulnerability in Google Chrome prior to 4.1.249.1059 allows remote malicious users to inject arbitrary web script or HTML via vectors related to a chrome://downloads URI.
Google Chrome
Google Chrome 1.0.154.53
Google Chrome 1.0.154.59
Google Chrome 1.0.154.64
Google Chrome 1.0.154.65
Google Chrome 2.0.169.0
Google Chrome 2.0.169.1
Google Chrome 2.0.170.0
Google Chrome 2.0.172.2
Google Chrome 2.0.172.8
Google Chrome 2.0.172.27
Google Chrome 2.0.172.28
10
CVSSv2
CVE-2010-1505
Google Chrome prior to 4.1.249.1059 does not prevent pages from loading with the New Tab page's privileges, which has unknown impact and attack vectors.
Google Chrome
Google Chrome 1.0.154.53
Google Chrome 1.0.154.59
Google Chrome 1.0.154.64
Google Chrome 1.0.154.65
Google Chrome 2.0.169.0
Google Chrome 2.0.169.1
Google Chrome 2.0.170.0
Google Chrome 2.0.172.2
Google Chrome 2.0.172.8
Google Chrome 2.0.172.27
Google Chrome 2.0.172.28
1 Github repository
Preferred Score:
CVSSv2
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
type confusion
CVE-2025-25205
pihome-shc
CVE-2025-26356
progress® telerik® document processing libraries
CVE-2025-24472
race condition
code-projects
CVE-2025-1100
unauthorized
CVE-2025-0556
CVE-2024-46982
telerik ui for winui
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »