Google Chrome vulnerabilities
4,008 known vulnerabilities affecting google/chrome.
Total CVEs
4,008
CISA KEV
74
actively exploited
Public exploits
64
Exploited in wild
65
Severity breakdown
CRITICAL298HIGH2025MEDIUM1626LOW17UNKNOWN42
Vulnerabilities
Page 150 of 201
CVE-2014-7923HIGHCVSS 7.5≤ 40.0.2214.852015-01-22
CVE-2014-7923 [HIGH] CWE-17 CVE-2014-7923: The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision
The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a look-behind expression.
nvd
CVE-2014-7942HIGHCVSS 7.5≤ 40.0.2214.852015-01-22
CVE-2014-7942 [HIGH] CWE-399 CVE-2014-7942: The Fonts implementation in Google Chrome before 40.0.2214.91 does not initialize memory for a data
The Fonts implementation in Google Chrome before 40.0.2214.91 does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
nvd
CVE-2014-7940HIGHCVSS 7.5≤ 40.0.2214.852015-01-22
CVE-2014-7940 [HIGH] CWE-399 CVE-2014-7940: The collator implementation in i18n/ucol.cpp in International Components for Unicode (ICU) 52 throug
The collator implementation in i18n/ucol.cpp in International Components for Unicode (ICU) 52 through SVN revision 293126, as used in Google Chrome before 40.0.2214.91, does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted character sequence.
nvd
CVE-2014-7935HIGHCVSS 7.5≤ 40.0.2214.852015-01-22
CVE-2014-7935 [HIGH] CVE-2014-7935: Use-after-free vulnerability in browser/speech/tts_message_filter.cc in the Speech implementation in
Use-after-free vulnerability in browser/speech/tts_message_filter.cc in the Speech implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving utterances from a closed tab.
nvd
CVE-2014-7934HIGHCVSS 7.5≤ 40.0.2214.852015-01-22
CVE-2014-7934 [HIGH] CVE-2014-7934: Use-after-free vulnerability in the DOM implementation in Blink, as used in Google Chrome before 40.
Use-after-free vulnerability in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to unexpected absence of document data structures.
nvd
CVE-2014-7937HIGHCVSS 7.5≤ 40.0.2214.852015-01-22
CVE-2014-7937 [HIGH] CWE-119 CVE-2014-7937: Multiple off-by-one errors in libavcodec/vorbisdec.c in FFmpeg before 2.4.2, as used in Google Chrom
Multiple off-by-one errors in libavcodec/vorbisdec.c in FFmpeg before 2.4.2, as used in Google Chrome before 40.0.2214.91, allow remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted Vorbis I data.
nvd
CVE-2014-7931HIGHCVSS 7.5≤ 40.0.2214.852015-01-22
CVE-2014-7931 [HIGH] CWE-17 CVE-2014-7931: factory.cc in Google V8, as used in Google Chrome before 40.0.2214.91, allows remote attackers to ca
factory.cc in Google V8, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code that triggers improper maintenance of backing-store pointers.
nvd
CVE-2014-7927HIGHCVSS 7.5≤ 40.0.2214.852015-01-22
CVE-2014-7927 [HIGH] CWE-189 CVE-2014-7927: The SimplifiedLowering::DoLoadBuffer function in compiler/simplified-lowering.cc in Google V8, as us
The SimplifiedLowering::DoLoadBuffer function in compiler/simplified-lowering.cc in Google V8, as used in Google Chrome before 40.0.2214.91, does not properly choose an integer data type, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code.
nvd
CVE-2014-7945MEDIUMCVSS 5.0≤ 40.0.2214.852015-01-22
CVE-2014-7945 [MEDIUM] CWE-119 CVE-2014-7945: OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attacke
OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, and t2.c.
nvd
CVE-2014-7941MEDIUMCVSS 5.0≤ 40.0.2214.852015-01-22
CVE-2014-7941 [MEDIUM] CWE-119 CVE-2014-7941: The SelectionOwner::ProcessTarget function in ui/base/x/selection_owner.cc in the UI implementation
The SelectionOwner::ProcessTarget function in ui/base/x/selection_owner.cc in the UI implementation in Google Chrome before 40.0.2214.91 uses an incorrect data type for a certain length value, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted X11 data.
nvd
CVE-2014-7947MEDIUMCVSS 5.0≤ 40.0.2214.852015-01-22
CVE-2014-7947 [MEDIUM] CWE-119 CVE-2014-7947: OpenJPEG before r2944, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attacke
OpenJPEG before r2944, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, pi.c, t1.c, t2.c, and tcd.c.
nvd
CVE-2014-7924MEDIUMCVSS 5.0≤ 40.0.2214.852015-01-22
CVE-2014-7924 [MEDIUM] CVE-2014-7924: Use-after-free vulnerability in the IndexedDB implementation in Google Chrome before 40.0.2214.91 al
Use-after-free vulnerability in the IndexedDB implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering duplicate BLOB references, related to content/browser/indexed_db/indexed_db_callbacks.cc and content/browser/indexed_db/indexed_db_dispatcher_host.cc.
nvd
CVE-2014-7948MEDIUMCVSS 4.3≤ 40.0.2214.852015-01-22
CVE-2014-7948 [MEDIUM] CWE-310 CVE-2014-7948: The AppCacheUpdateJob::URLFetcher::OnResponseStarted function in content/browser/appcache/appcache_u
The AppCacheUpdateJob::URLFetcher::OnResponseStarted function in content/browser/appcache/appcache_update_job.cc in Google Chrome before 40.0.2214.91 proceeds with AppCache caching for SSL sessions even if there is an X.509 certificate error, which allows man-in-the-middle attackers to spoof HTML5 application content via a crafted certificate.
nvd
CVE-2014-7946MEDIUMCVSS 5.0≤ 40.0.2214.852015-01-22
CVE-2014-7946 [MEDIUM] CWE-119 CVE-2014-7946: The RenderTable::simplifiedNormalFlowLayout function in core/rendering/RenderTable.cpp in Blink, as
The RenderTable::simplifiedNormalFlowLayout function in core/rendering/RenderTable.cpp in Blink, as used in Google Chrome before 40.0.2214.91, skips captions during table layout in certain situations, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors related to the Fonts implementation.
nvd
CVE-2014-7939MEDIUMCVSS 4.3≤ 40.0.2214.852015-01-22
CVE-2014-7939 [MEDIUM] CWE-264 CVE-2014-7939: Google Chrome before 40.0.2214.91, when the Harmony proxy in Google V8 is enabled, allows remote att
Google Chrome before 40.0.2214.91, when the Harmony proxy in Google V8 is enabled, allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code with Proxy.create and console.log calls, related to HTTP responses that lack an "X-Content-Type-Options: nosniff" header.
nvd
CVE-2014-7943MEDIUMCVSS 5.0≤ 40.0.2214.852015-01-22
CVE-2014-7943 [MEDIUM] CWE-119 CVE-2014-7943: Skia, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of ser
Skia, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
nvd
CVE-2014-7936MEDIUMCVSS 6.8≤ 40.0.2214.852015-01-22
CVE-2014-7936 [MEDIUM] CVE-2014-7936: Use-after-free vulnerability in the ZoomBubbleView::Close function in browser/ui/views/location_bar/
Use-after-free vulnerability in the ZoomBubbleView::Close function in browser/ui/views/location_bar/zoom_bubble_view.cc in the Views implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document that triggers improper maintenance of a zoom bubble.
nvd
CVE-2014-7944MEDIUMCVSS 5.0≤ 40.0.2214.852015-01-22
CVE-2014-7944 [MEDIUM] CWE-119 CVE-2014-7944: The sycc422_to_rgb function in fxcodec/codec/fx_codec_jpx_opj.cpp in PDFium, as used in Google Chrom
The sycc422_to_rgb function in fxcodec/codec/fx_codec_jpx_opj.cpp in PDFium, as used in Google Chrome before 40.0.2214.91, does not properly handle odd values of image width, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document.
nvd
CVE-2011-1793HIGHCVSS 7.5≤ 11.0.696.652014-12-26
CVE-2011-1793 [HIGH] CWE-20 CVE-2011-1793: rendering/svg/RenderSVGResourceFilter.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 a
rendering/svg/RenderSVGResourceFilter.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted SVG document that leads to a "stale pointer."
nvd
CVE-2011-1798HIGHCVSS 7.5≤ 11.0.696.642014-12-26
CVE-2011-1798 [HIGH] CWE-20 CVE-2011-1798: rendering/svg/RenderSVGText.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 does not pr
rendering/svg/RenderSVGText.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 does not properly perform a cast of an unspecified variable during an attempt to handle a block child, which allows remote attackers to cause a denial of service (application crash) or possibly have unknown other impact via a crafted text element in an SVG document.
nvd