ReportizFlow
Filtered by vendor Google
Subscriptions
Filtered by product Chrome Os
Subscriptions
Total
471 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-12828 | 6 Adobe, Apple, Google and 3 more | 11 Flash Player, Mac Os X, Chrome Os and 8 more | 2024-11-21 | N/A |
| Adobe Flash Player 30.0.0.134 and earlier have a "use of a component with a known vulnerability" vulnerability. Successful exploitation could lead to privilege escalation. | ||||
| CVE-2018-12827 | 6 Adobe, Apple, Google and 3 more | 11 Flash Player, Mac Os X, Chrome Os and 8 more | 2024-11-21 | N/A |
| Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | ||||
| CVE-2018-12826 | 6 Adobe, Apple, Google and 3 more | 11 Flash Player, Mac Os X, Chrome Os and 8 more | 2024-11-21 | N/A |
| Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | ||||
| CVE-2018-12825 | 6 Adobe, Apple, Google and 3 more | 11 Flash Player, Mac Os X, Chrome Os and 8 more | 2024-11-21 | N/A |
| Adobe Flash Player 30.0.0.134 and earlier have a security bypass vulnerability. Successful exploitation could lead to security mitigation bypass. | ||||
| CVE-2018-12824 | 6 Adobe, Apple, Google and 3 more | 12 Flash Player, Flash Player Desktop Runtime, Mac Os X and 9 more | 2024-11-21 | N/A |
| Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | ||||
| CVE-2017-15403 | 1 Google | 2 Chrome, Chrome Os | 2024-11-21 | N/A |
| Insufficient data validation in crosh could lead to a command injection under chronos privileges in Networking in Google Chrome on Chrome OS prior to 61.0.3163.113 allowed a local attacker to execute arbitrary code via a crafted HTML page. | ||||
| CVE-2017-15402 | 1 Google | 2 Chrome, Chrome Os | 2024-11-21 | N/A |
| Using an ID that can be controlled by a compromised renderer which allows any frame to overwrite the page_state of any other frame in the same process in Navigation in Google Chrome on Chrome OS prior to 62.0.3202.74 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | ||||
| CVE-2017-15400 | 1 Google | 1 Chrome Os | 2024-11-21 | N/A |
| Insufficient restriction of IPP filters in CUPS in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker to execute a command with the same privileges as the cups daemon via a crafted PPD file, aka a printer zeroconfig CRLF issue. | ||||
| CVE-2017-15397 | 1 Google | 1 Chrome Os | 2024-11-21 | N/A |
| Inappropriate implementation in ChromeVox in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker in a privileged network position to observe or tamper with certain cleartext HTTP requests by leveraging that position. | ||||
| CVE-2016-5179 | 1 Google | 1 Chrome Os | 2024-11-21 | N/A |
| Chrome OS before 53.0.2785.144 allows remote attackers to execute arbitrary commands at boot. | ||||
| CVE-2014-3180 | 2 Google, Linux | 2 Chrome Os, Linux Kernel | 2024-11-21 | 9.1 Critical |
| In kernel/compat.c in the Linux kernel before 3.17, as used in Google Chrome OS and other products, there is a possible out-of-bounds read. restart_syscall uses uninitialized data when restarting compat_sys_nanosleep. NOTE: this is disputed because the code path is unreachable | ||||