Google: >> Chrome Os >> 0.10.140.0 Security Vulnerabilities
Google Chrome OS before 26.0.1410.57 does not properly enforce origin restrictions for the O3D and Google Talk plug-ins, which allows remote attackers to bypass the domain-whitelist protection mechanism via a crafted web site, a different vulnerability than CVE-2013-2834.
CVSS Score
5.0
EPSS Score
0.001
Published
2013-04-16
Google Chrome OS before 26.0.1410.57 relies on a Pango pango-utils.c read_config implementation that loads the contents of the .pangorc file in the user's home directory, and the file referenced by the PANGO_RC_FILE environment variable, which allows attackers to bypass intended access restrictions via crafted configuration data.
CVSS Score
7.5
EPSS Score
0.002
Published
2013-04-10
The GPU process in Google Chrome OS before 25.0.1364.173 allows attackers to cause a denial of service or possibly have unspecified other impact via vectors related to an "overflow."
CVSS Score
10.0
EPSS Score
0.002
Published
2013-03-18
Heap-based buffer overflow in the WebGL subsystem in Google Chrome OS before 23.0.1271.94 allows remote attackers to cause a denial of service (GPU process crash) or possibly have unspecified other impact via unknown vectors.
CVSS Score
7.5
EPSS Score
0.004
Published
2012-12-04
Mesa, as used in Google Chrome before 21.0.1183.0 on the Acer AC700, Cr-48, and Samsung Series 5 and 5 550 Chromebook platforms, and the Samsung Chromebox Series 3, allows remote attackers to execute arbitrary code via unspecified vectors that trigger an "array overflow."
CVSS Score
10.0
EPSS Score
0.057
Published
2012-08-22
Multiple unspecified vulnerabilities in Google Chrome OS before 21.0.1180.50 on the Cr-48 and Samsung Series 5 and 5 550 Chromebook platforms, and the Samsung Chromebox Series 3, have unknown impact and attack vectors.
CVSS Score
10.0
EPSS Score
0.002
Published
2012-07-24
Multiple unspecified vulnerabilities in Google Chrome before 20.0.1132.22 on the Acer AC700; Samsung Series 5, 5 550, and Chromebox 3; and Cr-48 Chromebook platforms have unknown impact and attack vectors.
CVSS Score
10.0
EPSS Score
0.002
Published
2012-06-07
Multiple unspecified vulnerabilities in Google Chrome before 17.0.963.60 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors.
CVSS Score
10.0
EPSS Score
0.002
Published
2012-02-29
Multiple unspecified vulnerabilities in Google Chrome before 17.0.963.27 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors.
CVSS Score
10.0
EPSS Score
0.002
Published
2012-01-12
Multiple unspecified vulnerabilities in Google Chrome before 16.0.912.63 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors.
CVSS Score
10.0
EPSS Score
0.002
Published
2011-12-09