Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

google chrome vulnerabilities and exploits

(subscribe to this query)
0.002
EPSS

CVE-2014-3159

The WebContentsDelegateAndroid::OpenURLFromTab function in components/web_contents_delegate_android/web_contents_delegate_android.cc in Google Chrome prior to 36.0.1985.122 on Android does not properly restrict URL loading, which allows remote malicious users to spoof the URL in ...
Google ChromeGoogle Chrome 36.0.1985.1Google Chrome 36.0.1985.2Google Chrome 36.0.1985.3Google Chrome 36.0.1985.4Google Chrome 36.0.1985.5Google Chrome 36.0.1985.6Google Chrome 36.0.1985.8Google Chrome 36.0.1985.12Google Chrome 36.0.1985.13Google Chrome 36.0.1985.14Google Chrome 36.0.1985.15
0.002
EPSS

CVE-2014-3161

The WebMediaPlayerAndroid::load function in content/renderer/media/android/webmediaplayer_android.cc in Google Chrome prior to 36.0.1985.122 on Android does not properly interact with redirects, which allows remote malicious users to bypass the Same Origin Policy via a crafted we...
Google ChromeGoogle Chrome 36.0.1985.1Google Chrome 36.0.1985.2Google Chrome 36.0.1985.3Google Chrome 36.0.1985.4Google Chrome 36.0.1985.5Google Chrome 36.0.1985.6Google Chrome 36.0.1985.8Google Chrome 36.0.1985.12Google Chrome 36.0.1985.13Google Chrome 36.0.1985.14Google Chrome 36.0.1985.15
0.001
EPSS

CVE-2013-0838

Google Chrome prior to 24.0.1312.52 on Linux uses weak permissions for shared memory segments, which has unspecified impact and attack vectors.
Google ChromeGoogle Chrome 24.0.1272.0Google Chrome 24.0.1272.1Google Chrome 24.0.1273.0Google Chrome 24.0.1274.0Google Chrome 24.0.1275.0Google Chrome 24.0.1276.0Google Chrome 24.0.1276.1Google Chrome 24.0.1277.0Google Chrome 24.0.1278.0Google Chrome 24.0.1279.0Google Chrome 24.0.1280.0
0.005
EPSS

CVE-2012-5156

Use-after-free vulnerability in Google Chrome prior to 24.0.1312.52 allows remote malicious users to cause a denial of service or possibly have unspecified other impact via vectors involving PDF fields.
Google ChromeGoogle Chrome 24.0.1272.0Google Chrome 24.0.1272.1Google Chrome 24.0.1273.0Google Chrome 24.0.1274.0Google Chrome 24.0.1275.0Google Chrome 24.0.1276.0Google Chrome 24.0.1276.1Google Chrome 24.0.1277.0Google Chrome 24.0.1278.0Google Chrome 24.0.1279.0Google Chrome 24.0.1280.0
0.000
EPSS

CVE-2012-5155

Google Chrome prior to 24.0.1312.52 on Mac OS X does not use an appropriate sandboxing approach for worker processes, which makes it easier for remote malicious users to bypass intended access restrictions via unspecified vectors.
Google ChromeGoogle Chrome 24.0.1272.0Google Chrome 24.0.1272.1Google Chrome 24.0.1273.0Google Chrome 24.0.1274.0Google Chrome 24.0.1275.0Google Chrome 24.0.1276.0Google Chrome 24.0.1276.1Google Chrome 24.0.1277.0Google Chrome 24.0.1278.0Google Chrome 24.0.1279.0Google Chrome 24.0.1280.0
0.006
EPSS

CVE-2010-1767

Cross-site request forgery (CSRF) vulnerability in loader/DocumentThreadableLoader.cpp in WebCore in WebKit before r57041, as used in Google Chrome prior to 4.1.249.1059, allows remote malicious users to hijack the authentication of unspecified victims via a crafted synchronous p...
Google ChromeGoogle Chrome 1.0.154.53Google Chrome 1.0.154.59Google Chrome 1.0.154.64Google Chrome 1.0.154.65Google Chrome 2.0.169.0Google Chrome 2.0.169.1Google Chrome 2.0.170.0Google Chrome 2.0.172.2Google Chrome 2.0.172.8Google Chrome 2.0.172.27Google Chrome 2.0.172.28
0.002
EPSS

CVE-2010-1500

Google Chrome prior to 4.1.249.1059 does not properly support forms, which has unknown impact and attack vectors, related to a "type confusion error."
Google ChromeGoogle Chrome 1.0.154.53Google Chrome 1.0.154.59Google Chrome 1.0.154.64Google Chrome 1.0.154.65Google Chrome 2.0.169.0Google Chrome 2.0.169.1Google Chrome 2.0.170.0Google Chrome 2.0.172.2Google Chrome 2.0.172.8Google Chrome 2.0.172.27Google Chrome 2.0.172.28
0.017
EPSS

CVE-2010-1502

Unspecified vulnerability in Google Chrome prior to 4.1.249.1059 allows remote malicious users to access local files via vectors related to "developer tools."
Google ChromeGoogle Chrome 1.0.154.53Google Chrome 1.0.154.59Google Chrome 1.0.154.64Google Chrome 1.0.154.65Google Chrome 2.0.169.0Google Chrome 2.0.169.1Google Chrome 2.0.170.0Google Chrome 2.0.172.2Google Chrome 2.0.172.8Google Chrome 2.0.172.27Google Chrome 2.0.172.28
0.003
EPSS

CVE-2010-1503

Cross-site scripting (XSS) vulnerability in Google Chrome prior to 4.1.249.1059 allows remote malicious users to inject arbitrary web script or HTML via vectors related to a chrome://net-internals URI.
Google ChromeGoogle Chrome 1.0.154.53Google Chrome 1.0.154.59Google Chrome 1.0.154.64Google Chrome 1.0.154.65Google Chrome 2.0.169.0Google Chrome 2.0.169.1Google Chrome 2.0.170.0Google Chrome 2.0.172.2Google Chrome 2.0.172.8Google Chrome 2.0.172.27Google Chrome 2.0.172.28
0.003
EPSS

CVE-2010-1504

Cross-site scripting (XSS) vulnerability in Google Chrome prior to 4.1.249.1059 allows remote malicious users to inject arbitrary web script or HTML via vectors related to a chrome://downloads URI.
Google ChromeGoogle Chrome 1.0.154.53Google Chrome 1.0.154.59Google Chrome 1.0.154.64Google Chrome 1.0.154.65Google Chrome 2.0.169.0Google Chrome 2.0.169.1Google Chrome 2.0.170.0Google Chrome 2.0.172.2Google Chrome 2.0.172.8Google Chrome 2.0.172.27Google Chrome 2.0.172.28
Preferred Score:
EPSS
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2023-50182XPath injectionmongodbspoofstored XSSCVE-2025-1468CVE-2024-57040CVE-2025-24813phpgurukulCVE-2025-2489libbsonmorningCVE-2024-56346
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook