Skip to content

Instantly share code, notes, and snippets.

@clearbluejar

clearbluejar/Google-Chrome-Use-After-Free-gannt.md Secret

Last active March 21, 2022 14:40
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save clearbluejar/211876b8cd4e3d146bbc74fdd5bca8bb to your computer and use it in GitHub Desktop.
Save clearbluejar/211876b8cd4e3d146bbc74fdd5bca8bb to your computer and use it in GitHub Desktop.
Download ZIP
Windows Print Spooler Markdown Chart
Raw
Google-Chrome-Use-After-Free-gannt.md 
gantt

title Google Chrome Use After Free
dateFormat YYYY-MM-DD
axisFormat %Y-%m

section CVE Release Dates
section 2022-Jan
CVE-2022-0308 :cve0, 2022-01-11, 30d
CVE-2022-0307 :cve1, 2022-01-11, 30d
CVE-2022-0304 :cve2, 2022-01-11, 30d
CVE-2022-0302 :cve3, 2022-01-11, 30d
CVE-2022-0300 :cve4, 2022-01-11, 30d
CVE-2022-0298 :cve5, 2022-01-11, 30d
CVE-2022-0297 :cve6, 2022-01-11, 30d
CVE-2022-0296 :cve7, 2022-01-11, 30d
CVE-2022-0295 :cve8, 2022-01-11, 30d
CVE-2022-0293 :cve9, 2022-01-11, 30d
CVE-2022-0290 :cve10, 2022-01-11, 30d
CVE-2022-0289 :cve11, 2022-01-11, 30d
CVE-2022-0107 :cve12, 2022-01-11, 30d
CVE-2022-0106 :cve13, 2022-01-11, 30d
CVE-2022-0105 :cve14, 2022-01-11, 30d
CVE-2022-0103 :cve15, 2022-01-11, 30d
CVE-2022-0099 :cve16, 2022-01-11, 30d
CVE-2022-0098 :cve17, 2022-01-11, 30d
CVE-2022-0096 :cve18, 2022-01-11, 30d
section 2021-Dec
CVE-2021-4102 :cve19, 2021-12-14, 30d
CVE-2021-4099 :cve20, 2021-12-14, 30d
CVE-2021-4067 :cve21, 2021-12-14, 30d
CVE-2021-4065 :cve22, 2021-12-14, 30d
CVE-2021-4064 :cve23, 2021-12-14, 30d
CVE-2021-4063 :cve24, 2021-12-14, 30d
CVE-2021-4057 :cve25, 2021-12-14, 30d
CVE-2021-4053 :cve26, 2021-12-14, 30d
CVE-2021-4052 :cve27, 2021-12-14, 30d
section 2021-Nov
CVE-2021-38011 :cve28, 2021-11-09, 30d
CVE-2021-38008 :cve29, 2021-11-09, 30d
CVE-2021-38006 :cve30, 2021-11-09, 30d
CVE-2021-38005 :cve31, 2021-11-09, 30d
section 2021-Oct
CVE-2021-38002 :cve32, 2021-10-12, 30d
CVE-2021-37998 :cve33, 2021-10-12, 30d
CVE-2021-37997 :cve34, 2021-10-12, 30d
CVE-2021-37993 :cve35, 2021-10-12, 30d
CVE-2021-37988 :cve36, 2021-10-12, 30d
CVE-2021-37987 :cve37, 2021-10-12, 30d
CVE-2021-37985 :cve38, 2021-10-12, 30d
CVE-2021-37983 :cve39, 2021-10-12, 30d
CVE-2021-37982 :cve40, 2021-10-12, 30d
CVE-2021-37977 :cve41, 2021-10-12, 30d
CVE-2021-37975 :cve42, 2021-10-12, 30d
CVE-2021-37974 :cve43, 2021-10-12, 30d
section 2021-Sep
CVE-2021-37973 :cve44, 2021-09-14, 30d
CVE-2021-37970 :cve45, 2021-09-14, 30d
CVE-2021-37962 :cve46, 2021-09-14, 30d
CVE-2021-37961 :cve47, 2021-09-14, 30d
CVE-2021-37959 :cve48, 2021-09-14, 30d
CVE-2021-37957 :cve49, 2021-09-14, 30d
CVE-2021-37956 :cve50, 2021-09-14, 30d
CVE-2021-30633 :cve51, 2021-09-14, 30d
CVE-2021-30629 :cve52, 2021-09-14, 30d
CVE-2021-30625 :cve53, 2021-09-14, 30d
section 2021-Aug
CVE-2021-30604 :cve54, 2021-08-10, 30d
CVE-2021-30602 :cve55, 2021-08-10, 30d
CVE-2021-30601 :cve56, 2021-08-10, 30d
CVE-2021-30597 :cve58, 2021-08-10, 30d
CVE-2021-30594 :cve59, 2021-08-10, 30d
CVE-2021-30591 :cve60, 2021-08-10, 30d
section 2021
CVE-2021-30600 :cve57, 2021-01-01, 30d
CVE-2021-30543 :cve85, 2021-01-01, 30d
CVE-2021-30542 :cve86, 2021-01-01, 30d
CVE-2021-21138 :cve128, 2021-01-01, 30d
CVE-2021-21115 :cve134, 2021-01-01, 30d
CVE-2021-21114 :cve135, 2021-01-01, 30d
CVE-2021-21112 :cve136, 2021-01-01, 30d
CVE-2021-21110 :cve137, 2021-01-01, 30d
CVE-2021-21109 :cve138, 2021-01-01, 30d
CVE-2021-21108 :cve139, 2021-01-01, 30d
CVE-2021-21107 :cve140, 2021-01-01, 30d
CVE-2021-21106 :cve141, 2021-01-01, 30d
section 2021-Jul
CVE-2021-30586 :cve61, 2021-07-13, 30d
CVE-2021-30585 :cve62, 2021-07-13, 30d
CVE-2021-30581 :cve63, 2021-07-13, 30d
CVE-2021-30579 :cve64, 2021-07-13, 30d
CVE-2021-30576 :cve65, 2021-07-13, 30d
CVE-2021-30574 :cve66, 2021-07-13, 30d
CVE-2021-30573 :cve67, 2021-07-13, 30d
CVE-2021-30572 :cve68, 2021-07-13, 30d
CVE-2021-30569 :cve69, 2021-07-13, 30d
CVE-2021-30567 :cve70, 2021-07-13, 30d
CVE-2021-30562 :cve71, 2021-07-13, 30d
CVE-2021-30560 :cve72, 2021-07-13, 30d
CVE-2021-30541 :cve87, 2021-07-13, 30d
section 2021-Jun
CVE-2021-30557 :cve73, 2021-06-08, 30d
CVE-2021-30556 :cve74, 2021-06-08, 30d
CVE-2021-30555 :cve75, 2021-06-08, 30d
CVE-2021-30554 :cve76, 2021-06-08, 30d
CVE-2021-30553 :cve77, 2021-06-08, 30d
CVE-2021-30552 :cve78, 2021-06-08, 30d
CVE-2021-30550 :cve79, 2021-06-08, 30d
CVE-2021-30549 :cve80, 2021-06-08, 30d
CVE-2021-30548 :cve81, 2021-06-08, 30d
CVE-2021-30546 :cve82, 2021-06-08, 30d
CVE-2021-30545 :cve83, 2021-06-08, 30d
CVE-2021-30544 :cve84, 2021-06-08, 30d
section 2021-May
CVE-2021-30535 :cve88, 2021-05-11, 30d
CVE-2021-30529 :cve89, 2021-05-11, 30d
CVE-2021-30528 :cve90, 2021-05-11, 30d
CVE-2021-30527 :cve91, 2021-05-11, 30d
CVE-2021-30525 :cve92, 2021-05-11, 30d
CVE-2021-30524 :cve93, 2021-05-11, 30d
CVE-2021-30523 :cve94, 2021-05-11, 30d
CVE-2021-30522 :cve95, 2021-05-11, 30d
CVE-2021-30520 :cve96, 2021-05-11, 30d
CVE-2021-30519 :cve97, 2021-05-11, 30d
CVE-2021-30515 :cve98, 2021-05-11, 30d
CVE-2021-30514 :cve99, 2021-05-11, 30d
CVE-2021-30512 :cve100, 2021-05-11, 30d
CVE-2021-30510 :cve101, 2021-05-11, 30d
section 2021-Apr
CVE-2021-21232 :cve102, 2021-04-13, 30d
CVE-2021-21226 :cve103, 2021-04-13, 30d
CVE-2021-21214 :cve104, 2021-04-13, 30d
CVE-2021-21213 :cve105, 2021-04-13, 30d
CVE-2021-21207 :cve106, 2021-04-13, 30d
CVE-2021-21206 :cve107, 2021-04-13, 30d
CVE-2021-21204 :cve108, 2021-04-13, 30d
CVE-2021-21203 :cve109, 2021-04-13, 30d
CVE-2021-21202 :cve110, 2021-04-13, 30d
CVE-2021-21201 :cve111, 2021-04-13, 30d
CVE-2021-21199 :cve112, 2021-04-13, 30d
CVE-2021-21195 :cve113, 2021-04-13, 30d
CVE-2021-21194 :cve114, 2021-04-13, 30d
section 2021-Mar
CVE-2021-21193 :cve115, 2021-03-09, 30d
CVE-2021-21191 :cve116, 2021-03-09, 30d
CVE-2021-21188 :cve117, 2021-03-09, 30d
CVE-2021-21180 :cve118, 2021-03-09, 30d
CVE-2021-21179 :cve119, 2021-03-09, 30d
CVE-2021-21167 :cve120, 2021-03-09, 30d
CVE-2021-21162 :cve121, 2021-03-09, 30d
section 2021-Feb
CVE-2021-21157 :cve122, 2021-02-09, 30d
CVE-2021-21151 :cve123, 2021-02-09, 30d
CVE-2021-21150 :cve124, 2021-02-09, 30d
CVE-2021-21146 :cve125, 2021-02-09, 30d
CVE-2021-21145 :cve126, 2021-02-09, 30d
CVE-2021-21142 :cve127, 2021-02-09, 30d
section 2021-Jan
CVE-2021-21124 :cve129, 2021-01-12, 30d
CVE-2021-21122 :cve130, 2021-01-12, 30d
CVE-2021-21121 :cve131, 2021-01-12, 30d
CVE-2021-21120 :cve132, 2021-01-12, 30d
CVE-2021-21119 :cve133, 2021-01-12, 30d
CVE-2020-16044 :cve196, 2021-01-12, 30d
section 2020
CVE-2020-9633 :cve142, 2020-01-01, 30d
CVE-2020-6576 :cve143, 2020-01-01, 30d
CVE-2020-6573 :cve144, 2020-01-01, 30d
CVE-2020-6572 :cve145, 2020-01-01, 30d
CVE-2020-6559 :cve146, 2020-01-01, 30d
CVE-2020-6554 :cve147, 2020-01-01, 30d
CVE-2020-6553 :cve148, 2020-01-01, 30d
CVE-2020-6552 :cve149, 2020-01-01, 30d
CVE-2020-6551 :cve150, 2020-01-01, 30d
CVE-2020-6550 :cve151, 2020-01-01, 30d
CVE-2020-6549 :cve152, 2020-01-01, 30d
CVE-2020-6545 :cve153, 2020-01-01, 30d
CVE-2020-6544 :cve154, 2020-01-01, 30d
CVE-2020-6543 :cve155, 2020-01-01, 30d
CVE-2020-6542 :cve156, 2020-01-01, 30d
CVE-2020-6541 :cve157, 2020-01-01, 30d
CVE-2020-6539 :cve158, 2020-01-01, 30d
CVE-2020-6532 :cve159, 2020-01-01, 30d
CVE-2020-6518 :cve160, 2020-01-01, 30d
CVE-2020-6515 :cve161, 2020-01-01, 30d
CVE-2020-6509 :cve162, 2020-01-01, 30d
CVE-2020-6505 :cve163, 2020-01-01, 30d
CVE-2020-6496 :cve164, 2020-01-01, 30d
CVE-2020-6493 :cve165, 2020-01-01, 30d
CVE-2020-6492 :cve166, 2020-01-01, 30d
CVE-2020-6474 :cve167, 2020-01-01, 30d
CVE-2020-6467 :cve168, 2020-01-01, 30d
CVE-2020-6466 :cve169, 2020-01-01, 30d
CVE-2020-6465 :cve170, 2020-01-01, 30d
CVE-2020-6463 :cve171, 2020-01-01, 30d
CVE-2020-6462 :cve172, 2020-01-01, 30d
CVE-2020-6461 :cve173, 2020-01-01, 30d
CVE-2020-6459 :cve174, 2020-01-01, 30d
CVE-2020-6457 :cve175, 2020-01-01, 30d
CVE-2020-6454 :cve176, 2020-01-01, 30d
CVE-2020-6451 :cve177, 2020-01-01, 30d
CVE-2020-6450 :cve178, 2020-01-01, 30d
CVE-2020-6449 :cve179, 2020-01-01, 30d
CVE-2020-6448 :cve180, 2020-01-01, 30d
CVE-2020-6436 :cve181, 2020-01-01, 30d
CVE-2020-6434 :cve182, 2020-01-01, 30d
CVE-2020-6429 :cve183, 2020-01-01, 30d
CVE-2020-6428 :cve184, 2020-01-01, 30d
CVE-2020-6427 :cve185, 2020-01-01, 30d
CVE-2020-6424 :cve186, 2020-01-01, 30d
CVE-2020-6423 :cve187, 2020-01-01, 30d
CVE-2020-6422 :cve188, 2020-01-01, 30d
CVE-2020-6406 :cve189, 2020-01-01, 30d
CVE-2020-6386 :cve190, 2020-01-01, 30d
CVE-2020-6384 :cve191, 2020-01-01, 30d
CVE-2020-6379 :cve192, 2020-01-01, 30d
CVE-2020-6378 :cve193, 2020-01-01, 30d
CVE-2020-6377 :cve194, 2020-01-01, 30d
CVE-2020-16045 :cve195, 2020-01-01, 30d
CVE-2020-16039 :cve197, 2020-01-01, 30d
CVE-2020-16038 :cve198, 2020-01-01, 30d
CVE-2020-16037 :cve199, 2020-01-01, 30d
CVE-2020-16026 :cve200, 2020-01-01, 30d
CVE-2020-16023 :cve201, 2020-01-01, 30d
CVE-2020-16018 :cve202, 2020-01-01, 30d
CVE-2020-16017 :cve203, 2020-01-01, 30d
CVE-2020-16014 :cve204, 2020-01-01, 30d
CVE-2020-16004 :cve205, 2020-01-01, 30d
CVE-2020-16003 :cve206, 2020-01-01, 30d
CVE-2020-16002 :cve207, 2020-01-01, 30d
CVE-2020-16001 :cve208, 2020-01-01, 30d
CVE-2020-15998 :cve209, 2020-01-01, 30d
CVE-2020-15997 :cve210, 2020-01-01, 30d
CVE-2020-15996 :cve211, 2020-01-01, 30d
CVE-2020-15994 :cve212, 2020-01-01, 30d
CVE-2020-15993 :cve213, 2020-01-01, 30d
CVE-2020-15991 :cve214, 2020-01-01, 30d
CVE-2020-15990 :cve215, 2020-01-01, 30d
CVE-2020-15987 :cve216, 2020-01-01, 30d
CVE-2020-15976 :cve217, 2020-01-01, 30d
CVE-2020-15972 :cve218, 2020-01-01, 30d
CVE-2020-15971 :cve219, 2020-01-01, 30d
CVE-2020-15970 :cve220, 2020-01-01, 30d
CVE-2020-15969 :cve221, 2020-01-01, 30d
CVE-2020-15968 :cve222, 2020-01-01, 30d
CVE-2020-15967 :cve223, 2020-01-01, 30d
section 2019
CVE-2019-5878 :cve224, 2019-01-01, 30d
CVE-2019-5876 :cve225, 2019-01-01, 30d
CVE-2019-5872 :cve226, 2019-01-01, 30d
CVE-2019-5870 :cve227, 2019-01-01, 30d
CVE-2019-5869 :cve228, 2019-01-01, 30d
CVE-2019-5868 :cve229, 2019-01-01, 30d
CVE-2019-5860 :cve230, 2019-01-01, 30d
CVE-2019-5851 :cve231, 2019-01-01, 30d
CVE-2019-5850 :cve232, 2019-01-01, 30d
CVE-2019-5842 :cve233, 2019-01-01, 30d
CVE-2019-5826 :cve234, 2019-01-01, 30d
CVE-2019-5813 :cve235, 2019-01-01, 30d
CVE-2019-5809 :cve236, 2019-01-01, 30d
CVE-2019-5808 :cve237, 2019-01-01, 30d
CVE-2019-5805 :cve238, 2019-01-01, 30d
CVE-2019-5789 :cve239, 2019-01-01, 30d
CVE-2019-5788 :cve240, 2019-01-01, 30d
CVE-2019-13767 :cve241, 2019-01-01, 30d
CVE-2019-13766 :cve242, 2019-01-01, 30d
CVE-2019-13765 :cve243, 2019-01-01, 30d
CVE-2019-13732 :cve244, 2019-01-01, 30d
CVE-2019-13729 :cve245, 2019-01-01, 30d
CVE-2019-13725 :cve246, 2019-01-01, 30d
CVE-2019-13723 :cve247, 2019-01-01, 30d
CVE-2019-13721 :cve248, 2019-01-01, 30d
CVE-2019-13720 :cve249, 2019-01-01, 30d
CVE-2019-13699 :cve250, 2019-01-01, 30d
CVE-2019-13696 :cve251, 2019-01-01, 30d
CVE-2019-13695 :cve252, 2019-01-01, 30d
CVE-2019-13694 :cve253, 2019-01-01, 30d
CVE-2019-13693 :cve254, 2019-01-01, 30d
CVE-2019-13688 :cve255, 2019-01-01, 30d
CVE-2019-13687 :cve256, 2019-01-01, 30d
CVE-2019-13686 :cve257, 2019-01-01, 30d
CVE-2019-13685 :cve258, 2019-01-01, 30d
section 2018
CVE-2018-6171 :cve259, 2018-01-01, 30d
CVE-2018-6127 :cve260, 2018-01-01, 30d
CVE-2018-6123 :cve261, 2018-01-01, 30d
CVE-2018-6118 :cve262, 2018-01-01, 30d
CVE-2018-6087 :cve263, 2018-01-01, 30d
CVE-2018-6086 :cve264, 2018-01-01, 30d
CVE-2018-6072 :cve265, 2018-01-01, 30d
CVE-2018-6060 :cve266, 2018-01-01, 30d
CVE-2018-6054 :cve267, 2018-01-01, 30d
CVE-2018-6031 :cve268, 2018-01-01, 30d
CVE-2018-18356 :cve269, 2018-01-01, 30d
CVE-2018-18343 :cve270, 2018-01-01, 30d
CVE-2018-18337 :cve271, 2018-01-01, 30d
CVE-2018-17474 :cve272, 2018-01-01, 30d
CVE-2018-17457 :cve273, 2018-01-01, 30d
CVE-2018-16085 :cve274, 2018-01-01, 30d
CVE-2018-16071 :cve275, 2018-01-01, 30d
CVE-2018-16067 :cve276, 2018-01-01, 30d
CVE-2018-16066 :cve277, 2018-01-01, 30d
CVE-2018-16065 :cve278, 2018-01-01, 30d
section 2017
CVE-2017-5129 :cve279, 2017-01-01, 30d
CVE-2017-5127 :cve280, 2017-01-01, 30d
CVE-2017-5126 :cve281, 2017-01-01, 30d
CVE-2017-5111 :cve282, 2017-01-01, 30d
CVE-2017-5100 :cve283, 2017-01-01, 30d
CVE-2017-5098 :cve284, 2017-01-01, 30d
CVE-2017-5091 :cve285, 2017-01-01, 30d
CVE-2017-5087 :cve286, 2017-01-01, 30d
CVE-2017-5080 :cve287, 2017-01-01, 30d
CVE-2017-5074 :cve288, 2017-01-01, 30d
CVE-2017-5073 :cve289, 2017-01-01, 30d
CVE-2017-5062 :cve290, 2017-01-01, 30d
CVE-2017-5058 :cve291, 2017-01-01, 30d
CVE-2017-5056 :cve292, 2017-01-01, 30d
CVE-2017-5055 :cve293, 2017-01-01, 30d
CVE-2017-5043 :cve294, 2017-01-01, 30d
CVE-2017-5039 :cve295, 2017-01-01, 30d
CVE-2017-5038 :cve296, 2017-01-01, 30d
CVE-2017-5036 :cve297, 2017-01-01, 30d
CVE-2017-5034 :cve298, 2017-01-01, 30d
CVE-2017-5031 :cve299, 2017-01-01, 30d
CVE-2017-5021 :cve300, 2017-01-01, 30d
CVE-2017-5019 :cve301, 2017-01-01, 30d
CVE-2017-15412 :cve302, 2017-01-01, 30d
CVE-2017-15411 :cve303, 2017-01-01, 30d
CVE-2017-15410 :cve304, 2017-01-01, 30d
CVE-2017-15399 :cve305, 2017-01-01, 30d
CVE-2017-15395 :cve306, 2017-01-01, 30d
section 2016
CVE-2016-5219 :cve307, 2016-01-01, 30d
CVE-2016-5216 :cve308, 2016-01-01, 30d
CVE-2016-5215 :cve309, 2016-01-01, 30d
CVE-2016-5213 :cve310, 2016-01-01, 30d
CVE-2016-5211 :cve311, 2016-01-01, 30d
CVE-2016-5203 :cve312, 2016-01-01, 30d
CVE-2016-5183 :cve313, 2016-01-01, 30d
CVE-2016-5177 :cve314, 2016-01-01, 30d
CVE-2016-5171 :cve315, 2016-01-01, 30d
CVE-2016-5170 :cve316, 2016-01-01, 30d
CVE-2016-5156 :cve317, 2016-01-01, 30d
CVE-2016-5151 :cve318, 2016-01-01, 30d
CVE-2016-5150 :cve319, 2016-01-01, 30d
CVE-2016-5142 :cve320, 2016-01-01, 30d
CVE-2016-5138 :cve321, 2016-01-01, 30d
CVE-2016-5136 :cve322, 2016-01-01, 30d
CVE-2016-5131 :cve323, 2016-01-01, 30d
CVE-2016-5127 :cve324, 2016-01-01, 30d
CVE-2016-1708 :cve325, 2016-01-01, 30d
CVE-2016-1701 :cve326, 2016-01-01, 30d
CVE-2016-1700 :cve327, 2016-01-01, 30d
CVE-2016-1690 :cve328, 2016-01-01, 30d
CVE-2016-1680 :cve329, 2016-01-01, 30d
CVE-2016-1679 :cve330, 2016-01-01, 30d
CVE-2016-1663 :cve331, 2016-01-01, 30d
CVE-2016-1662 :cve332, 2016-01-01, 30d
CVE-2016-1655 :cve333, 2016-01-01, 30d
CVE-2016-1648 :cve334, 2016-01-01, 30d
CVE-2016-1647 :cve335, 2016-01-01, 30d
CVE-2016-1644 :cve336, 2016-01-01, 30d
CVE-2016-1641 :cve337, 2016-01-01, 30d
CVE-2016-1639 :cve338, 2016-01-01, 30d
CVE-2016-1635 :cve339, 2016-01-01, 30d
CVE-2016-1634 :cve340, 2016-01-01, 30d
CVE-2016-1633 :cve341, 2016-01-01, 30d
CVE-2016-1613 :cve342, 2016-01-01, 30d
CVE-2016-0959 :cve343, 2016-01-01, 30d
section 2015
CVE-2015-8479 :cve344, 2015-01-01, 30d
CVE-2015-6789 :cve345, 2015-01-01, 30d
CVE-2015-6780 :cve346, 2015-01-01, 30d
CVE-2015-6777 :cve347, 2015-01-01, 30d
CVE-2015-6774 :cve348, 2015-01-01, 30d
CVE-2015-6767 :cve349, 2015-01-01, 30d
CVE-2015-6766 :cve350, 2015-01-01, 30d
CVE-2015-6765 :cve351, 2015-01-01, 30d
CVE-2015-6757 :cve352, 2015-01-01, 30d
CVE-2015-6756 :cve353, 2015-01-01, 30d
CVE-2015-6581 :cve354, 2015-01-01, 30d
CVE-2015-1299 :cve355, 2015-01-01, 30d
CVE-2015-1295 :cve356, 2015-01-01, 30d
CVE-2015-1294 :cve357, 2015-01-01, 30d
CVE-2015-1284 :cve358, 2015-01-01, 30d
CVE-2015-1282 :cve359, 2015-01-01, 30d
CVE-2015-1277 :cve360, 2015-01-01, 30d
CVE-2015-1276 :cve361, 2015-01-01, 30d
CVE-2015-1272 :cve362, 2015-01-01, 30d
CVE-2015-1260 :cve363, 2015-01-01, 30d
CVE-2015-1256 :cve364, 2015-01-01, 30d
CVE-2015-1255 :cve365, 2015-01-01, 30d
CVE-2015-1251 :cve366, 2015-01-01, 30d
CVE-2015-1245 :cve367, 2015-01-01, 30d
CVE-2015-1243 :cve368, 2015-01-01, 30d
CVE-2015-1239 :cve369, 2015-01-01, 30d
CVE-2015-1237 :cve370, 2015-01-01, 30d
CVE-2015-1223 :cve371, 2015-01-01, 30d
CVE-2015-1222 :cve372, 2015-01-01, 30d
CVE-2015-1221 :cve373, 2015-01-01, 30d
CVE-2015-1220 :cve374, 2015-01-01, 30d
CVE-2015-1218 :cve375, 2015-01-01, 30d
CVE-2015-1216 :cve376, 2015-01-01, 30d
CVE-2015-1209 :cve377, 2015-01-01, 30d
CVE-2015-1207 :cve378, 2015-01-01, 30d
section 2014
CVE-2014-9647 :cve379, 2014-01-01, 30d
CVE-2014-7937 :cve380, 2014-01-01, 30d
CVE-2014-7936 :cve381, 2014-01-01, 30d
CVE-2014-7935 :cve382, 2014-01-01, 30d
CVE-2014-7934 :cve383, 2014-01-01, 30d
CVE-2014-7933 :cve384, 2014-01-01, 30d
CVE-2014-7932 :cve385, 2014-01-01, 30d
CVE-2014-7930 :cve386, 2014-01-01, 30d
CVE-2014-7929 :cve387, 2014-01-01, 30d
CVE-2014-7925 :cve388, 2014-01-01, 30d
CVE-2014-7924 :cve389, 2014-01-01, 30d
CVE-2014-7907 :cve390, 2014-01-01, 30d
CVE-2014-7906 :cve391, 2014-01-01, 30d
CVE-2014-7902 :cve392, 2014-01-01, 30d
CVE-2014-7900 :cve393, 2014-01-01, 30d
CVE-2014-3194 :cve394, 2014-01-01, 30d
CVE-2014-3193 :cve395, 2014-01-01, 30d
CVE-2014-3192 :cve396, 2014-01-01, 30d
CVE-2014-3191 :cve397, 2014-01-01, 30d
CVE-2014-3190 :cve398, 2014-01-01, 30d
CVE-2014-3178 :cve399, 2014-01-01, 30d
CVE-2014-3171 :cve400, 2014-01-01, 30d
CVE-2014-3169 :cve401, 2014-01-01, 30d
CVE-2014-3168 :cve402, 2014-01-01, 30d
CVE-2014-3165 :cve403, 2014-01-01, 30d
CVE-2014-3154 :cve404, 2014-01-01, 30d
CVE-2014-1745 :cve405, 2014-01-01, 30d
CVE-2014-1743 :cve406, 2014-01-01, 30d
CVE-2014-1742 :cve407, 2014-01-01, 30d
CVE-2014-1740 :cve408, 2014-01-01, 30d
CVE-2014-1732 :cve409, 2014-01-01, 30d
CVE-2014-1727 :cve410, 2014-01-01, 30d
CVE-2014-1724 :cve411, 2014-01-01, 30d
CVE-2014-1722 :cve412, 2014-01-01, 30d
CVE-2014-1720 :cve413, 2014-01-01, 30d
CVE-2014-1719 :cve414, 2014-01-01, 30d
CVE-2014-1713 :cve415, 2014-01-01, 30d
CVE-2014-1703 :cve416, 2014-01-01, 30d
CVE-2014-1702 :cve417, 2014-01-01, 30d
CVE-2014-1700 :cve418, 2014-01-01, 30d
section 2013
CVE-2013-6664 :cve419, 2013-01-01, 30d
CVE-2013-6663 :cve420, 2013-01-01, 30d
CVE-2013-6658 :cve421, 2013-01-01, 30d
CVE-2013-6655 :cve422, 2013-01-01, 30d
CVE-2013-6653 :cve423, 2013-01-01, 30d
CVE-2013-6649 :cve424, 2013-01-01, 30d
CVE-2013-6647 :cve425, 2013-01-01, 30d
CVE-2013-6646 :cve426, 2013-01-01, 30d
CVE-2013-6645 :cve427, 2013-01-01, 30d
CVE-2013-6641 :cve428, 2013-01-01, 30d
CVE-2013-6635 :cve429, 2013-01-01, 30d
CVE-2013-6631 :cve430, 2013-01-01, 30d
CVE-2013-6625 :cve431, 2013-01-01, 30d
CVE-2013-6624 :cve432, 2013-01-01, 30d
CVE-2013-6622 :cve433, 2013-01-01, 30d
CVE-2013-6621 :cve434, 2013-01-01, 30d
CVE-2013-2927 :cve435, 2013-01-01, 30d
CVE-2013-2926 :cve436, 2013-01-01, 30d
CVE-2013-2925 :cve437, 2013-01-01, 30d
CVE-2013-2924 :cve438, 2013-01-01, 30d
CVE-2013-2922 :cve439, 2013-01-01, 30d
CVE-2013-2921 :cve440, 2013-01-01, 30d
CVE-2013-2918 :cve441, 2013-01-01, 30d
CVE-2013-2914 :cve442, 2013-01-01, 30d
CVE-2013-2913 :cve443, 2013-01-01, 30d
CVE-2013-2912 :cve444, 2013-01-01, 30d
CVE-2013-2911 :cve445, 2013-01-01, 30d
CVE-2013-2910 :cve446, 2013-01-01, 30d
CVE-2013-2909 :cve447, 2013-01-01, 30d
CVE-2013-2904 :cve448, 2013-01-01, 30d
CVE-2013-2903 :cve449, 2013-01-01, 30d
CVE-2013-2902 :cve450, 2013-01-01, 30d
CVE-2013-2885 :cve451, 2013-01-01, 30d
CVE-2013-2884 :cve452, 2013-01-01, 30d
CVE-2013-2883 :cve453, 2013-01-01, 30d
CVE-2013-2873 :cve454, 2013-01-01, 30d
CVE-2013-2871 :cve455, 2013-01-01, 30d
CVE-2013-2870 :cve456, 2013-01-01, 30d
CVE-2013-2864 :cve457, 2013-01-01, 30d
CVE-2013-2861 :cve458, 2013-01-01, 30d
CVE-2013-2860 :cve459, 2013-01-01, 30d
CVE-2013-2858 :cve460, 2013-01-01, 30d
CVE-2013-2857 :cve461, 2013-01-01, 30d
CVE-2013-2856 :cve462, 2013-01-01, 30d
CVE-2013-2847 :cve463, 2013-01-01, 30d
CVE-2013-2846 :cve464, 2013-01-01, 30d
CVE-2013-2844 :cve465, 2013-01-01, 30d
CVE-2013-2843 :cve466, 2013-01-01, 30d
CVE-2013-2842 :cve467, 2013-01-01, 30d
CVE-2013-2841 :cve468, 2013-01-01, 30d
CVE-2013-2840 :cve469, 2013-01-01, 30d
CVE-2013-2837 :cve470, 2013-01-01, 30d
CVE-2013-2833 :cve471, 2013-01-01, 30d
CVE-2013-0920 :cve472, 2013-01-01, 30d
CVE-2013-0919 :cve473, 2013-01-01, 30d
CVE-2013-0916 :cve474, 2013-01-01, 30d
CVE-2013-0905 :cve475, 2013-01-01, 30d
CVE-2013-0903 :cve476, 2013-01-01, 30d
CVE-2013-0902 :cve477, 2013-01-01, 30d
CVE-2013-0898 :cve478, 2013-01-01, 30d
CVE-2013-0880 :cve479, 2013-01-01, 30d
CVE-2013-0839 :cve480, 2013-01-01, 30d
CVE-2013-0832 :cve481, 2013-01-01, 30d
section 2012
CVE-2012-5156 :cve482, 2012-01-01, 30d
CVE-2012-5150 :cve483, 2012-01-01, 30d
CVE-2012-5147 :cve484, 2012-01-01, 30d
CVE-2012-5145 :cve485, 2012-01-01, 30d
CVE-2012-5140 :cve486, 2012-01-01, 30d
CVE-2012-5139 :cve487, 2012-01-01, 30d
CVE-2012-5137 :cve488, 2012-01-01, 30d
CVE-2012-5135 :cve489, 2012-01-01, 30d
CVE-2012-5133 :cve490, 2012-01-01, 30d
CVE-2012-5126 :cve491, 2012-01-01, 30d
CVE-2012-5125 :cve492, 2012-01-01, 30d
CVE-2012-5121 :cve493, 2012-01-01, 30d
CVE-2012-5116 :cve494, 2012-01-01, 30d
CVE-2012-5112 :cve495, 2012-01-01, 30d
CVE-2012-2893 :cve496, 2012-01-01, 30d
CVE-2012-2890 :cve497, 2012-01-01, 30d
CVE-2012-2888 :cve498, 2012-01-01, 30d
CVE-2012-2887 :cve499, 2012-01-01, 30d
CVE-2012-2885 :cve500, 2012-01-01, 30d
CVE-2012-2878 :cve501, 2012-01-01, 30d
CVE-2012-2862 :cve502, 2012-01-01, 30d
CVE-2012-2857 :cve503, 2012-01-01, 30d
CVE-2012-2855 :cve504, 2012-01-01, 30d
CVE-2012-2852 :cve505, 2012-01-01, 30d
CVE-2012-2843 :cve506, 2012-01-01, 30d
CVE-2012-2842 :cve507, 2012-01-01, 30d
CVE-2012-2831 :cve508, 2012-01-01, 30d
CVE-2012-2829 :cve509, 2012-01-01, 30d
CVE-2012-2827 :cve510, 2012-01-01, 30d
CVE-2012-2824 :cve511, 2012-01-01, 30d
CVE-2012-2823 :cve512, 2012-01-01, 30d
CVE-2012-2818 :cve513, 2012-01-01, 30d
CVE-2012-2817 :cve514, 2012-01-01, 30d
CVE-2012-1845 :cve515, 2012-01-01, 30d
CVE-2012-1521 :cve516, 2012-01-01, 30d
section 2011
CVE-2011-3971 :cve517, 2011-01-01, 30d
CVE-2011-3969 :cve518, 2011-01-01, 30d
CVE-2011-3968 :cve519, 2011-01-01, 30d
CVE-2011-3966 :cve520, 2011-01-01, 30d
CVE-2011-3957 :cve521, 2011-01-01, 30d
CVE-2011-3928 :cve522, 2011-01-01, 30d
CVE-2011-3925 :cve523, 2011-01-01, 30d
CVE-2011-3924 :cve524, 2011-01-01, 30d
CVE-2011-3921 :cve525, 2011-01-01, 30d
CVE-2011-3913 :cve526, 2011-01-01, 30d
CVE-2011-3912 :cve527, 2011-01-01, 30d
CVE-2011-3904 :cve528, 2011-01-01, 30d
CVE-2011-3897 :cve529, 2011-01-01, 30d
CVE-2011-3892 :cve530, 2011-01-01, 30d
CVE-2011-3890 :cve531, 2011-01-01, 30d
CVE-2011-3888 :cve532, 2011-01-01, 30d
CVE-2011-3885 :cve533, 2011-01-01, 30d
CVE-2011-3883 :cve534, 2011-01-01, 30d
CVE-2011-3882 :cve535, 2011-01-01, 30d
CVE-2011-3112 :cve536, 2011-01-01, 30d
CVE-2011-3108 :cve537, 2011-01-01, 30d
CVE-2011-3105 :cve538, 2011-01-01, 30d
CVE-2011-3099 :cve539, 2011-01-01, 30d
CVE-2011-3096 :cve540, 2011-01-01, 30d
CVE-2011-3091 :cve541, 2011-01-01, 30d
CVE-2011-3089 :cve542, 2011-01-01, 30d
CVE-2011-3086 :cve543, 2011-01-01, 30d
CVE-2011-3081 :cve544, 2011-01-01, 30d
CVE-2011-3078 :cve545, 2011-01-01, 30d
CVE-2011-3077 :cve546, 2011-01-01, 30d
CVE-2011-3076 :cve547, 2011-01-01, 30d
CVE-2011-3075 :cve548, 2011-01-01, 30d
CVE-2011-3074 :cve549, 2011-01-01, 30d
CVE-2011-3073 :cve550, 2011-01-01, 30d
CVE-2011-3071 :cve551, 2011-01-01, 30d
CVE-2011-3070 :cve552, 2011-01-01, 30d
CVE-2011-3069 :cve553, 2011-01-01, 30d
CVE-2011-3068 :cve554, 2011-01-01, 30d
CVE-2011-3064 :cve555, 2011-01-01, 30d
CVE-2011-3053 :cve556, 2011-01-01, 30d
CVE-2011-3051 :cve557, 2011-01-01, 30d
CVE-2011-3050 :cve558, 2011-01-01, 30d
CVE-2011-3044 :cve559, 2011-01-01, 30d
CVE-2011-3043 :cve560, 2011-01-01, 30d
CVE-2011-3042 :cve561, 2011-01-01, 30d
CVE-2011-3041 :cve562, 2011-01-01, 30d
CVE-2011-3039 :cve563, 2011-01-01, 30d
CVE-2011-3038 :cve564, 2011-01-01, 30d
CVE-2011-3035 :cve565, 2011-01-01, 30d
CVE-2011-3034 :cve566, 2011-01-01, 30d
CVE-2011-3032 :cve567, 2011-01-01, 30d
CVE-2011-3031 :cve568, 2011-01-01, 30d
CVE-2011-3023 :cve569, 2011-01-01, 30d
CVE-2011-3021 :cve570, 2011-01-01, 30d
CVE-2011-3017 :cve571, 2011-01-01, 30d
CVE-2011-3016 :cve572, 2011-01-01, 30d
CVE-2011-2880 :cve573, 2011-01-01, 30d
CVE-2011-2876 :cve574, 2011-01-01, 30d
CVE-2011-2860 :cve575, 2011-01-01, 30d
CVE-2011-2857 :cve576, 2011-01-01, 30d
CVE-2011-2854 :cve577, 2011-01-01, 30d
CVE-2011-2853 :cve578, 2011-01-01, 30d
CVE-2011-2847 :cve579, 2011-01-01, 30d
CVE-2011-2846 :cve580, 2011-01-01, 30d
CVE-2011-2834 :cve581, 2011-01-01, 30d
CVE-2011-2827 :cve582, 2011-01-01, 30d
CVE-2011-2825 :cve583, 2011-01-01, 30d
CVE-2011-2824 :cve584, 2011-01-01, 30d
CVE-2011-2823 :cve585, 2011-01-01, 30d
CVE-2011-2821 :cve586, 2011-01-01, 30d
CVE-2011-2818 :cve587, 2011-01-01, 30d
CVE-2011-2801 :cve588, 2011-01-01, 30d
CVE-2011-2799 :cve589, 2011-01-01, 30d
CVE-2011-2797 :cve590, 2011-01-01, 30d
CVE-2011-2796 :cve591, 2011-01-01, 30d
CVE-2011-2793 :cve592, 2011-01-01, 30d
CVE-2011-2792 :cve593, 2011-01-01, 30d
CVE-2011-2790 :cve594, 2011-01-01, 30d
CVE-2011-2789 :cve595, 2011-01-01, 30d
CVE-2011-2353 :cve596, 2011-01-01, 30d
CVE-2011-2351 :cve597, 2011-01-01, 30d
CVE-2011-2349 :cve598, 2011-01-01, 30d
CVE-2011-2346 :cve599, 2011-01-01, 30d
CVE-2011-2335 :cve600, 2011-01-01, 30d
CVE-2011-2334 :cve601, 2011-01-01, 30d
CVE-2011-1818 :cve602, 2011-01-01, 30d
CVE-2011-1816 :cve603, 2011-01-01, 30d
CVE-2011-1809 :cve604, 2011-01-01, 30d
CVE-2011-1808 :cve605, 2011-01-01, 30d
CVE-2011-1796 :cve606, 2011-01-01, 30d
CVE-2011-1454 :cve607, 2011-01-01, 30d
CVE-2011-1449 :cve608, 2011-01-01, 30d
CVE-2011-1440 :cve609, 2011-01-01, 30d
CVE-2011-1301 :cve610, 2011-01-01, 30d
CVE-2011-1293 :cve611, 2011-01-01, 30d
CVE-2011-1292 :cve612, 2011-01-01, 30d
CVE-2011-1195 :cve613, 2011-01-01, 30d
CVE-2011-1191 :cve614, 2011-01-01, 30d
CVE-2011-1124 :cve615, 2011-01-01, 30d
CVE-2011-1059 :cve616, 2011-01-01, 30d
CVE-2011-1042 :cve617, 2011-01-01, 30d
CVE-2011-0982 :cve618, 2011-01-01, 30d
CVE-2011-0777 :cve619, 2011-01-01, 30d
CVE-2011-0475 :cve620, 2011-01-01, 30d
section 2010
CVE-2010-4494 :cve621, 2010-01-01, 30d
CVE-2010-4493 :cve622, 2010-01-01, 30d
CVE-2010-4492 :cve623, 2010-01-01, 30d
CVE-2010-4486 :cve624, 2010-01-01, 30d
CVE-2010-4201 :cve625, 2010-01-01, 30d
CVE-2010-4197 :cve626, 2010-01-01, 30d
CVE-2010-3257 :cve627, 2010-01-01, 30d
CVE-2010-3252 :cve628, 2010-01-01, 30d
CVE-2010-3116 :cve629, 2010-01-01, 30d
CVE-2010-2302 :cve630, 2010-01-01, 30d
CVE-2010-2300 :cve631, 2010-01-01, 30d
CVE-2010-1825 :cve632, 2010-01-01, 30d
CVE-2010-1824 :cve633, 2010-01-01, 30d
CVE-2010-1823 :cve634, 2010-01-01, 30d
CVE-2010-1772 :cve635, 2010-01-01, 30d
CVE-2010-0655 :cve636, 2010-01-01, 30d
section 2009
CVE-2009-1690 :cve637, 2009-01-01, 30d
Raw
Google-Chrome-Use-After-Free-table.md
CVE Description Release Date KBs Acknowledgments
CVE-2022-0308 Use after free in Data Transfer in Google Chrome on Chrome OS prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. 2022-01-11T08:00:00Z
CVE-2022-0307 Use after free in Optimization Guide in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. 2022-01-11T08:00:00Z
CVE-2022-0304 Use after free in Bookmarks in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page. 2022-01-11T08:00:00Z
CVE-2022-0302 Use after free in Omnibox in Google Chrome prior to 97.0.4692.99 allowed an attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page. 2022-01-11T08:00:00Z
CVE-2022-0300 Use after free in Text Input Method Editor in Google Chrome on Android prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page. 2022-01-11T08:00:00Z
CVE-2022-0298 Use after free in Scheduling in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2022-01-11T08:00:00Z
CVE-2022-0297 Use after free in Vulkan in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2022-01-11T08:00:00Z
CVE-2022-0296 Use after free in Printing in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced the user to engage is specific user interactions to potentially exploit heap corruption via a crafted HTML page. 2022-01-11T08:00:00Z
CVE-2022-0295 Use after free in Omnibox in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced the user to engage is specific user interactions to potentially exploit heap corruption via a crafted HTML page. 2022-01-11T08:00:00Z
CVE-2022-0293 Use after free in Web packaging in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2022-01-11T08:00:00Z
CVE-2022-0290 Use after free in Site isolation in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. 2022-01-11T08:00:00Z
CVE-2022-0289 Use after free in Safe browsing in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2022-01-11T08:00:00Z
CVE-2022-0107 Use after free in File Manager API in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. 2022-01-11T08:00:00Z
CVE-2022-0106 Use after free in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gesture to potentially exploit heap corruption via a crafted HTML page. 2022-01-11T08:00:00Z
CVE-2022-0105 Use after free in PDF Accessibility in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2022-01-11T08:00:00Z
CVE-2022-0103 Use after free in SwiftShader in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2022-01-11T08:00:00Z
CVE-2022-0099 Use after free in Sign-in in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gesture. 2022-01-11T08:00:00Z
CVE-2022-0098 Use after free in Screen Capture in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gestures. 2022-01-11T08:00:00Z
CVE-2022-0096 Use after free in Storage in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2022-01-11T08:00:00Z
CVE-2021-4102 Use after free in V8 in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-12-14T08:00:00Z
CVE-2021-4099 Use after free in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-12-14T08:00:00Z
CVE-2021-4067 Use after free in window manager in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-12-14T08:00:00Z
CVE-2021-4065 Use after free in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-12-14T08:00:00Z
CVE-2021-4064 Use after free in screen capture in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-12-14T08:00:00Z
CVE-2021-4063 Use after free in developer tools in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-12-14T08:00:00Z
CVE-2021-4057 Use after free in file API in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. 2021-12-14T08:00:00Z
CVE-2021-4053 Use after free in UI in Google Chrome on Linux prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-12-14T08:00:00Z
CVE-2021-4052 Use after free in web apps in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. 2021-12-14T08:00:00Z
CVE-2021-38011 Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-11-09T08:00:00Z
CVE-2021-38008 Use after free in media in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-11-09T08:00:00Z
CVE-2021-38006 Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-11-09T08:00:00Z
CVE-2021-38005 Use after free in loader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-11-09T08:00:00Z
CVE-2021-38002 Use after free in Web Transport in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. 2021-10-12T07:00:00Z
CVE-2021-37998 Use after free in Garbage Collection in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-10-12T07:00:00Z
CVE-2021-37997 Use after free in Sign-In in Google Chrome prior to 95.0.4638.69 allowed a remote attacker who convinced a user to sign into Chrome to potentially exploit heap corruption via a crafted HTML page. 2021-10-12T07:00:00Z
CVE-2021-37993 Use after free in PDF Accessibility in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-10-12T07:00:00Z
CVE-2021-37988 Use after free in Profiles in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who convinced a user to engage in specific gestures to potentially exploit heap corruption via a crafted HTML page. 2021-10-12T07:00:00Z
CVE-2021-37987 Use after free in Network APIs in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-10-12T07:00:00Z
CVE-2021-37985 Use after free in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had convinced a user to allow for connection to debugger to potentially exploit heap corruption via a crafted HTML page. 2021-10-12T07:00:00Z
CVE-2021-37983 Use after free in Dev Tools in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-10-12T07:00:00Z
CVE-2021-37982 Use after free in Incognito in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-10-12T07:00:00Z
CVE-2021-37977 Use after free in Garbage Collection in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-10-12T07:00:00Z
CVE-2021-37975 Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-10-12T07:00:00Z
CVE-2021-37974 Use after free in Safebrowsing in Google Chrome prior to 94.0.4606.71 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. 2021-10-12T07:00:00Z
CVE-2021-37973 Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. 2021-09-14T07:00:00Z
CVE-2021-37970 Use after free in File System API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-09-14T07:00:00Z
CVE-2021-37962 Use after free in Performance Manager in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. 2021-09-14T07:00:00Z
CVE-2021-37961 Use after free in Tab Strip in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-09-14T07:00:00Z
CVE-2021-37959 Use after free in Task Manager in Google Chrome prior to 94.0.4606.54 allowed an attacker who convinced a user to enage in a series of user gestures to potentially exploit heap corruption via a crafted HTML page. 2021-09-14T07:00:00Z
CVE-2021-37957 Use after free in WebGPU in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-09-14T07:00:00Z
CVE-2021-37956 Use after free in Offline use in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. 2021-09-14T07:00:00Z
CVE-2021-30633 Use after free in Indexed DB API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. 2021-09-14T07:00:00Z
CVE-2021-30629 Use after free in Permissions in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. 2021-09-14T07:00:00Z
CVE-2021-30625 Use after free in Selection API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who convinced the user the visit a malicious website to potentially exploit heap corruption via a crafted HTML page. 2021-09-14T07:00:00Z
CVE-2021-30604 Use after free in ANGLE in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-08-10T07:00:00Z
CVE-2021-30602 Use after free in WebRTC in Google Chrome prior to 92.0.4515.159 allowed an attacker who convinced a user to visit a malicious website to potentially exploit heap corruption via a crafted HTML page. 2021-08-10T07:00:00Z
CVE-2021-30601 Use after free in Extensions API in Google Chrome prior to 92.0.4515.159 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. 2021-08-10T07:00:00Z
CVE-2021-30600 Use after free in Printing in Google Chrome prior to 92.0.4515.159 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. None
CVE-2021-30597 Use after free in Browser UI in Google Chrome on Chrome prior to 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption via physical access to the device. 2021-08-10T07:00:00Z
CVE-2021-30594 Use after free in Page Info UI in Google Chrome prior to 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption via physical access to the device. 2021-08-10T07:00:00Z
CVE-2021-30591 Use after free in File System API in Google Chrome prior to 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-08-10T07:00:00Z
CVE-2021-30586 Use after free in dialog box handling in Windows in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. 2021-07-13T07:00:00Z
CVE-2021-30585 Use after free in sensor handling in Google Chrome on Windows prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-07-13T07:00:00Z
CVE-2021-30581 Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. 2021-07-13T07:00:00Z
CVE-2021-30579 Use after free in UI framework in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-07-13T07:00:00Z
CVE-2021-30576 Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. 2021-07-13T07:00:00Z
CVE-2021-30574 Use after free in protocol handling in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-07-13T07:00:00Z
CVE-2021-30573 Use after free in GPU in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-07-13T07:00:00Z
CVE-2021-30572 Use after free in Autofill in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-07-13T07:00:00Z
CVE-2021-30569 Use after free in sqlite in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-07-13T07:00:00Z
CVE-2021-30567 Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to open DevTools to potentially exploit heap corruption via specific user gesture. 2021-07-13T07:00:00Z
CVE-2021-30562 Use after free in WebSerial in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-07-13T07:00:00Z
CVE-2021-30560 Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-07-13T07:00:00Z
CVE-2021-30557 Use after free in TabGroups in Google Chrome prior to 91.0.4472.114 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. 2021-06-08T07:00:00Z
CVE-2021-30556 Use after free in WebAudio in Google Chrome prior to 91.0.4472.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-06-08T07:00:00Z
CVE-2021-30555 Use after free in Sharing in Google Chrome prior to 91.0.4472.114 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page and user gesture. 2021-06-08T07:00:00Z
CVE-2021-30554 Use after free in WebGL in Google Chrome prior to 91.0.4472.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-06-08T07:00:00Z
CVE-2021-30553 Use after free in Network service in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-06-08T07:00:00Z
CVE-2021-30552 Use after free in Extensions in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. 2021-06-08T07:00:00Z
CVE-2021-30550 Use after free in Accessibility in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. 2021-06-08T07:00:00Z
CVE-2021-30549 Use after free in Spell check in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. 2021-06-08T07:00:00Z
CVE-2021-30548 Use after free in Loader in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-06-08T07:00:00Z
CVE-2021-30546 Use after free in Autofill in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-06-08T07:00:00Z
CVE-2021-30545 Use after free in Extensions in Google Chrome prior to 91.0.4472.101 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. 2021-06-08T07:00:00Z
CVE-2021-30544 Use after free in BFCache in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-06-08T07:00:00Z
CVE-2021-30543 Use after free in Tab Strip in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. None
CVE-2021-30542 Use after free in Tab Strip in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. None
CVE-2021-30541 Use after free in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-07-13T07:00:00Z
CVE-2021-30535 Double free in ICU in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-05-11T07:00:00Z
CVE-2021-30529 Use after free in Bookmarks in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. 2021-05-11T07:00:00Z
CVE-2021-30528 Use after free in WebAuthentication in Google Chrome on Android prior to 91.0.4472.77 allowed a remote attacker who had compromised the renderer process of a user who had saved a credit card in their Google account to potentially exploit heap corruption via a crafted HTML page. 2021-05-11T07:00:00Z
CVE-2021-30527 Use after free in WebUI in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. 2021-05-11T07:00:00Z
CVE-2021-30525 Use after free in TabGroups in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. 2021-05-11T07:00:00Z
CVE-2021-30524 Use after free in TabStrip in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. 2021-05-11T07:00:00Z
CVE-2021-30523 Use after free in WebRTC in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet. 2021-05-11T07:00:00Z
CVE-2021-30522 Use after free in WebAudio in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-05-11T07:00:00Z
CVE-2021-30520 Use after free in Tab Strip in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. 2021-05-11T07:00:00Z
CVE-2021-30519 Use after free in Payments in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to install a malicious payments app to potentially exploit heap corruption via a crafted HTML page. 2021-05-11T07:00:00Z
CVE-2021-30515 Use after free in File API in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-05-11T07:00:00Z
CVE-2021-30514 Use after free in Autofill in Google Chrome prior to 90.0.4430.212 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. 2021-05-11T07:00:00Z
CVE-2021-30512 Use after free in Notifications in Google Chrome prior to 90.0.4430.212 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. 2021-05-11T07:00:00Z
CVE-2021-30510 Use after free in Aura in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-05-11T07:00:00Z
CVE-2021-21232 Use after free in Dev Tools in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-04-13T07:00:00Z
CVE-2021-21226 Use after free in navigation in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. 2021-04-13T07:00:00Z
CVE-2021-21214 Use after free in Network API in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. 2021-04-13T07:00:00Z
CVE-2021-21213 Use after free in WebMIDI in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-04-13T07:00:00Z
CVE-2021-21207 Use after free in IndexedDB in Google Chrome prior to 90.0.4430.72 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. 2021-04-13T07:00:00Z
CVE-2021-21206 Use after free in Blink in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-04-13T07:00:00Z
CVE-2021-21204 Use after free in Blink in Google Chrome on OS X prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-04-13T07:00:00Z
CVE-2021-21203 Use after free in Blink in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-04-13T07:00:00Z
CVE-2021-21202 Use after free in extensions in Google Chrome prior to 90.0.4430.72 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. 2021-04-13T07:00:00Z
CVE-2021-21201 Use after free in permissions in Google Chrome prior to 90.0.4430.72 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. 2021-04-13T07:00:00Z
CVE-2021-21199 Use after free in Aura in Google Chrome on Linux prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. 2021-04-13T07:00:00Z
CVE-2021-21195 Use after free in V8 in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-04-13T07:00:00Z
CVE-2021-21194 Use after free in screen sharing in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-04-13T07:00:00Z
CVE-2021-21193 Use after free in Blink in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-03-09T08:00:00Z
CVE-2021-21191 Use after free in WebRTC in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-03-09T08:00:00Z
CVE-2021-21188 Use after free in Blink in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-03-09T08:00:00Z
CVE-2021-21180 Use after free in tab search in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-03-09T08:00:00Z
CVE-2021-21179 Use after free in Network Internals in Google Chrome on Linux prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-03-09T08:00:00Z
CVE-2021-21167 Use after free in bookmarks in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-03-09T08:00:00Z
CVE-2021-21162 Use after free in WebRTC in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-03-09T08:00:00Z
CVE-2021-21157 Use after free in Web Sockets in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-02-09T08:00:00Z
CVE-2021-21151 Use after free in Payments in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. 2021-02-09T08:00:00Z
CVE-2021-21150 Use after free in Downloads in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. 2021-02-09T08:00:00Z
CVE-2021-21146 Use after free in Navigation in Google Chrome prior to 88.0.4324.146 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. 2021-02-09T08:00:00Z
CVE-2021-21145 Use after free in Fonts in Google Chrome prior to 88.0.4324.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-02-09T08:00:00Z
CVE-2021-21142 Use after free in Payments in Google Chrome on Mac prior to 88.0.4324.146 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. 2021-02-09T08:00:00Z
CVE-2021-21138 Use after free in DevTools in Google Chrome prior to 88.0.4324.96 allowed a local attacker to potentially perform a sandbox escape via a crafted file. None
CVE-2021-21124 Potential user after free in Speech Recognizer in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. 2021-01-12T08:00:00Z
CVE-2021-21122 Use after free in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-01-12T08:00:00Z
CVE-2021-21121 Use after free in Omnibox in Google Chrome on Linux prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. 2021-01-12T08:00:00Z
CVE-2021-21120 Use after free in WebSQL in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2021-01-12T08:00:00Z
CVE-2021-21119 Use after free in Media in Google Chrome prior to 88.0.4324.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. 2021-01-12T08:00:00Z
CVE-2021-21115 User after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. None
CVE-2021-21114 Use after free in audio in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2021-21112 Use after free in Blink in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2021-21110 Use after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. None
CVE-2021-21109 Use after free in payments in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. None
CVE-2021-21108 Use after free in media in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. None
CVE-2021-21107 Use after free in drag and drop in Google Chrome on Linux prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. None
CVE-2021-21106 Use after free in autofill in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. None
CVE-2020-9633 Adobe Flash Player Desktop Runtime 32.0.0.371 and earlier, Adobe Flash Player for Google Chrome 32.0.0.371 and earlier, and Adobe Flash Player for Microsoft Edge and Internet Explorer 32.0.0.330 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution. None
CVE-2020-6576 Use after free in offscreen canvas in Google Chrome prior to 85.0.4183.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-6573 Use after free in video in Google Chrome on Android prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. None
CVE-2020-6572 Use after free in Media in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to execute arbitrary code via a crafted HTML page. None
CVE-2020-6559 Use after free in presentation API in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-6554 Use after free in extensions in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension. None
CVE-2020-6553 Use after free in offline mode in Google Chrome on iOS prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-6552 Use after free in Blink in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-6551 Use after free in WebXR in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-6550 Use after free in IndexedDB in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-6549 Use after free in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-6545 Use after free in audio in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-6544 Use after free in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-6543 Use after free in task scheduling in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-6542 Use after free in ANGLE in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-6541 Use after free in WebUSB in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-6539 Use after free in CSS in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-6532 Use after free in SCTP in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-6518 Use after free in developer tools in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had convinced the user to use developer tools to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-6515 Use after free in tab strip in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-6509 Use after free in extensions in Google Chrome prior to 83.0.4103.116 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. None
CVE-2020-6505 Use after free in speech in Google Chrome prior to 83.0.4103.106 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. None
CVE-2020-6496 Use after free in payments in Google Chrome on MacOS prior to 83.0.4103.97 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. None
CVE-2020-6493 Use after free in WebAuthentication in Google Chrome prior to 83.0.4103.97 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. None
CVE-2020-6492 Use after free in ANGLE in Google Chrome prior to 83.0.4103.97 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. None
CVE-2020-6474 Use after free in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-6467 Use after free in WebRTC in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-6466 Use after free in media in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. None
CVE-2020-6465 Use after free in reader mode in Google Chrome on Android prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. None
CVE-2020-6463 Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-6462 Use after free in task scheduling in Google Chrome prior to 81.0.4044.129 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. None
CVE-2020-6461 Use after free in storage in Google Chrome prior to 81.0.4044.129 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. None
CVE-2020-6459 Use after free in payments in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-6457 Use after free in speech recognizer in Google Chrome prior to 81.0.4044.113 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. None
CVE-2020-6454 Use after free in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. None
CVE-2020-6451 Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-6450 Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-6449 Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-6448 Use after free in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-6436 Use after free in window management in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-6434 Use after free in devtools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-6429 Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-6428 Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-6427 Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-6424 Use after free in media in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-6423 Use after free in audio in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-6422 Use after free in WebGL in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-6406 Use after free in audio in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-6386 Use after free in speech in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-6384 Use after free in WebAudio in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-6379 Use after free in V8 in Google Chrome prior to 79.0.3945.130 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-6378 Use after free in speech in Google Chrome prior to 79.0.3945.130 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-6377 Use after free in audio in Google Chrome prior to 79.0.3945.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-16045 Use after Free in Payments in Google Chrome on Android prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. None
CVE-2020-16044 Use after free in WebRTC in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet. 2021-01-12T08:00:00Z
CVE-2020-16039 Use after free in extensions in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-16038 Use after free in media in Google Chrome on OS X prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-16037 Use after free in clipboard in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-16026 Use after free in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-16023 Use after free in WebCodecs in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-16018 Use after free in payments in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. None
CVE-2020-16017 Use after free in site isolation in Google Chrome prior to 86.0.4240.198 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. None
CVE-2020-16014 Use after free in PPAPI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. None
CVE-2020-16004 Use after free in user interface in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-16003 Use after free in printing in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-16002 Use after free in PDFium in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. None
CVE-2020-16001 Use after free in media in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-15998 Use after free in USB in Google Chrome prior to 86.0.4240.99 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. None
CVE-2020-15997 Use after free in Mojo in Google Chrome prior to 86.0.4240.99 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. None
CVE-2020-15996 Use after free in passwords in Google Chrome prior to 86.0.4240.99 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. None
CVE-2020-15994 Use after free in V8 in Google Chrome prior to 86.0.4240.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-15993 Use after free in printing in Google Chrome prior to 86.0.4240.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-15991 Use after free in password manager in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. None
CVE-2020-15990 Use after free in autofill in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. None
CVE-2020-15987 Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted WebRTC stream. None
CVE-2020-15976 Use after free in WebXR in Google Chrome on Android prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-15972 Use after free in audio in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-15971 Use after free in printing in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. None
CVE-2020-15970 Use after free in NFC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. None
CVE-2020-15969 Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-15968 Use after free in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2020-15967 Use after free in payments in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. None
CVE-2019-5878 Use after free in V8 in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2019-5876 Use after free in media in Google Chrome on Android prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2019-5872 Use after free in Mojo in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2019-5870 Use after free in media in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. None
CVE-2019-5869 Use after free in Blink in Google Chrome prior to 76.0.3809.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2019-5868 Use after free in PDFium in Google Chrome prior to 76.0.3809.100 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. None
CVE-2019-5860 Use after free in PDFium in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. None
CVE-2019-5851 Use after free in WebAudio in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2019-5850 Use after free in offline mode in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. None
CVE-2019-5842 Use after free in Blink in Google Chrome prior to 75.0.3770.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2019-5826 Use after free in IndexedDB in Google Chrome prior to 73.0.3683.86 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. None
CVE-2019-5813 Use after free in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2019-5809 Use after free in file chooser in Google Chrome prior to 74.0.3729.108 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. None
CVE-2019-5808 Use after free in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2019-5805 Use-after-free in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. None
CVE-2019-5789 An integer overflow that leads to a use-after-free in WebMIDI in Google Chrome on Windows prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. None
CVE-2019-5788 An integer overflow that leads to a use-after-free in Blink Storage in Google Chrome on Linux prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. None
CVE-2019-13767 Use after free in media picker in Google Chrome prior to 79.0.3945.88 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. None
CVE-2019-13766 Use-after-free in accessibility in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2019-13765 Use-after-free in content delivery manager in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2019-13732 Use-after-free in WebAudio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2019-13729 Use-after-free in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2019-13725 Use-after-free in Bluetooth in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page. None
CVE-2019-13723 Use after free in WebBluetooth in Google Chrome prior to 78.0.3904.108 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. None
CVE-2019-13721 Use after free in PDFium in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2019-13720 Use after free in WebAudio in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2019-13699 Use after free in media in Google Chrome prior to 78.0.3904.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. None
CVE-2019-13696 Use after free in JavaScript in Google Chrome prior to 77.0.3865.120 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2019-13695 Use after free in audio in Google Chrome on Android prior to 77.0.3865.120 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2019-13694 Use after free in WebRTC in Google Chrome prior to 77.0.3865.120 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2019-13693 Use after free in IndexedDB in Google Chrome prior to 77.0.3865.120 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. None
CVE-2019-13688 Use after free in Blink in Google Chrome prior to 77.0.3865.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2019-13687 Use after free in Blink in Google Chrome prior to 77.0.3865.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2019-13686 Use after free in offline mode in Google Chrome prior to 77.0.3865.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2019-13685 Use after free in sharing view in Google Chrome prior to 77.0.3865.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2018-6171 Use after free in Bluetooth in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension. None
CVE-2018-6127 Early free of object in use in IndexDB in Google Chrome prior to 67.0.3396.62 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. None
CVE-2018-6123 A use after free in Blink in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2018-6118 A double-eviction in the Incognito mode cache that lead to a user-after-free in cache in Google Chrome prior to 66.0.3359.139 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. None
CVE-2018-6087 A use-after-free in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. None
CVE-2018-6086 A double-eviction in the Incognito mode cache that lead to a user-after-free in Networking Disk Cache in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page. None
CVE-2018-6072 An integer overflow leading to use after free in PDFium in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. None
CVE-2018-6060 Use after free in WebAudio in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2018-6054 Use after free in WebUI in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. None
CVE-2018-6031 Use after free in PDFium in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. None
CVE-2018-18356 An integer overflow in path handling lead to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2018-18343 Incorrect handing of paths leading to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2018-18337 Incorrect handling of stylesheets leading to a use after free in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2018-17474 Use after free in HTMLImportsController in Blink in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2018-17457 An object lifecycle issue in Blink could lead to a use after free in WebAudio in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. None
CVE-2018-16085 A use after free in ResourceCoordinator in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2018-16071 A use after free in WebRTC in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. None
CVE-2018-16067 A use after free in WebAudio in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2018-16066 A use after free in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2018-16065 A Javascript reentrancy issues that caused a use-after-free in V8 in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. None
CVE-2017-5129 A use after free in WebAudio in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. None
CVE-2017-5127 Use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. None
CVE-2017-5126 A use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. None
CVE-2017-5111 A use after free in PDFium in Google Chrome prior to 61.0.3163.79 for Linux, Windows, and Mac allowed a remote attacker to potentially exploit memory corruption via a crafted PDF file. None
CVE-2017-5100 A use after free in Apps in Google Chrome prior to 60.0.3112.78 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. None
CVE-2017-5098 A use after free in V8 in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. None
CVE-2017-5091 A use after free in IndexedDB in Google Chrome prior to 60.0.3112.78 for Linux, Android, Windows, and Mac allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. None
CVE-2017-5087 A use after free in Blink in Google Chrome prior to 59.0.3071.104 for Mac, Windows, and Linux, and 59.0.3071.117 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page, aka an IndexedDB sandbox escape. None
CVE-2017-5080 A use after free in credit card autofill in Google Chrome prior to 59.0.3071.86 for Linux and Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. None
CVE-2017-5074 A use after free in Chrome Apps in Google Chrome prior to 59.0.3071.86 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page, related to Bluetooth. None
CVE-2017-5073 Use after free in print preview in Blink in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. None
CVE-2017-5062 A use after free in Chrome Apps in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to potentially perform out of bounds memory access via a crafted Chrome extension. None
CVE-2017-5058 A use after free in PrintPreview in Google Chrome prior to 58.0.3029.81 for Windows allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. None
CVE-2017-5056 A use after free in Blink in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. None
CVE-2017-5055 A use after free in printing in Google Chrome prior to 57.0.2987.133 for Linux and Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. None
CVE-2017-5043 Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac had a use after free bug in GuestView, which allowed a remote attacker to perform an out of bounds memory read via a crafted Chrome extension. None
CVE-2017-5039 A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. None
CVE-2017-5038 Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac had a use after free bug in GuestView, which allowed a remote attacker to perform an out of bounds memory read via a crafted Chrome extension. None
CVE-2017-5036 A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to have an unspecified impact via a crafted PDF file. None
CVE-2017-5034 A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Linux and Windows allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file. None
CVE-2017-5031 A use after free in ANGLE in Google Chrome prior to 57.0.2987.98 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. None
CVE-2017-5021 A use after free in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. None
CVE-2017-5019 A use after free in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2017-15412 Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2017-15411 Use after free in PDFium in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. None
CVE-2017-15410 Use after free in PDFium in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. None
CVE-2017-15399 A use after free in V8 in Google Chrome prior to 62.0.3202.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2017-15395 A use after free in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka an ImageCapture NULL pointer dereference. None
CVE-2016-5219 A heap use after free in V8 in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2016-5216 A use after free in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file. None
CVE-2016-5215 A use after free in webaudio in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. None
CVE-2016-5213 A use after free in V8 in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. None
CVE-2016-5211 A use after free in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. None
CVE-2016-5203 A use after free in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. None
CVE-2016-5183 A heap use after free in PDFium in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android allows a remote attacker to potentially exploit heap corruption via crafted PDF files. None
CVE-2016-5177 Use-after-free vulnerability in V8 in Google Chrome before 53.0.2785.143 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via unknown vectors. None
CVE-2016-5171 WebKit/Source/bindings/templates/interface.cpp in Blink, as used in Google Chrome before 53.0.2785.113, does not prevent certain constructor calls, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted JavaScript code. None
CVE-2016-5170 WebKit/Source/bindings/modules/v8/V8BindingForModules.cpp in Blink, as used in Google Chrome before 53.0.2785.113, does not properly consider getter side effects during array key conversion, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted Indexed Database (aka IndexedDB) API calls. None
CVE-2016-5156 extensions/renderer/event_bindings.cc in the event bindings in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux attempts to process filtered events after failure to add an event matcher, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors. None
CVE-2016-5151 PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux mishandles timers, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted PDF document, related to fpdfsdk/javascript/JS_Object.cpp and fpdfsdk/javascript/app.cpp. None
CVE-2016-5150 WebKit/Source/bindings/modules/v8/V8BindingForModules.cpp in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, has an Indexed Database (aka IndexedDB) API implementation that does not properly restrict key-path evaluation, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted JavaScript code that leverages certain side effects. None
CVE-2016-5142 The Web Cryptography API (aka WebCrypto) implementation in Blink, as used in Google Chrome before 52.0.2743.116, does not properly copy data buffers, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted JavaScript code, related to NormalizeAlgorithm.cpp and SubtleCrypto.cpp. None
CVE-2016-5138 Integer overflow in the kbasep_vinstr_attach_client function in midgard/mali_kbase_vinstr.c in Google Chrome before 52.0.2743.85 allows remote attackers to cause a denial of service (heap-based buffer overflow and use-after-free) by leveraging an unrestricted multiplication. None
CVE-2016-5136 Use-after-free vulnerability in extensions/renderer/user_script_injector.cc in the Extensions subsystem in Google Chrome before 52.0.2743.82 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to script deletion. None
CVE-2016-5131 Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function. None
CVE-2016-5127 Use-after-free vulnerability in WebKit/Source/core/editing/VisibleUnits.cpp in Blink, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code involving an @import at-rule in a Cascading Style Sheets (CSS) token sequence in conjunction with a rel=import attribute of a LINK element. None
CVE-2016-1708 The Chrome Web Store inline-installation implementation in the Extensions subsystem in Google Chrome before 52.0.2743.82 does not properly consider object lifetimes during progress observation, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site. None
CVE-2016-1701 The Autofill implementation in Google Chrome before 51.0.2704.79 mishandles the interaction between field updates and JavaScript code that triggers a frame deletion, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site, a different vulnerability than CVE-2016-1690. None
CVE-2016-1700 extensions/renderer/runtime_custom_bindings.cc in Google Chrome before 51.0.2704.79 does not consider side effects during creation of an array of extension views, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors related to extensions. None
CVE-2016-1690 The Autofill implementation in Google Chrome before 51.0.2704.63 mishandles the interaction between field updates and JavaScript code that triggers a frame deletion, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site, a different vulnerability than CVE-2016-1701. None
CVE-2016-1680 Use-after-free vulnerability in ports/SkFontHost_FreeType.cpp in Skia, as used in Google Chrome before 51.0.2704.63, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via unknown vectors. None
CVE-2016-1679 The ToV8Value function in content/child/v8_value_converter_impl.cc in the V8 bindings in Google Chrome before 51.0.2704.63 does not properly restrict use of getters and setters, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted JavaScript code. None
CVE-2016-1663 The SerializedScriptValue::transferArrayBuffers function in WebKit/Source/bindings/core/v8/SerializedScriptValue.cpp in the V8 bindings in Blink, as used in Google Chrome before 50.0.2661.94, mishandles certain array-buffer data structures, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site. None
CVE-2016-1662 extensions/renderer/gc_callback.cc in Google Chrome before 50.0.2661.94 does not prevent fallback execution once the Garbage Collection callback has started, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors. None
CVE-2016-1655 Google Chrome before 50.0.2661.75 does not properly consider that frame removal may occur during callback execution, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted extension. None
CVE-2016-1648 Use-after-free vulnerability in the GetLoadTimes function in renderer/loadtimes_extension_bindings.cc in the Extensions implementation in Google Chrome before 49.0.2623.108 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code. None
CVE-2016-1647 Use-after-free vulnerability in the RenderWidgetHostImpl::Destroy function in content/browser/renderer_host/render_widget_host_impl.cc in the Navigation implementation in Google Chrome before 49.0.2623.108 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. None
CVE-2016-1644 WebKit/Source/core/layout/LayoutObject.cpp in Blink, as used in Google Chrome before 49.0.2623.87, does not properly restrict relayout scheduling, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted HTML document. None
CVE-2016-1641 Use-after-free vulnerability in content/browser/web_contents/web_contents_impl.cc in Google Chrome before 49.0.2623.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering an image download after a certain data structure is deleted, as demonstrated by a favicon.ico download. None
CVE-2016-1639 Use-after-free vulnerability in browser/extensions/api/webrtc_audio_private/webrtc_audio_private_api.cc in the WebRTC Audio Private API implementation in Google Chrome before 49.0.2623.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect reliance on the resource context pointer. None
CVE-2016-1635 extensions/renderer/render_frame_observer_natives.cc in Google Chrome before 49.0.2623.75 does not properly consider object lifetimes and re-entrancy issues during OnDocumentElementCreated handling, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors. None
CVE-2016-1634 Use-after-free vulnerability in the StyleResolver::appendCSSStyleSheet function in WebKit/Source/core/css/resolver/StyleResolver.cpp in Blink, as used in Google Chrome before 49.0.2623.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted web site that triggers Cascading Style Sheets (CSS) style invalidation during a certain subtree-removal action. None
CVE-2016-1633 Use-after-free vulnerability in Blink, as used in Google Chrome before 49.0.2623.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. None
CVE-2016-1613 Multiple use-after-free vulnerabilities in the formfiller implementation in PDFium, as used in Google Chrome before 48.0.2564.82, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document, related to improper tracking of the destruction of (1) IPWL_FocusHandler and (2) IPWL_Provider objects. None
CVE-2016-0959 Use after free vulnerability in Adobe Flash Player Desktop Runtime before 20.0.0.267, Adobe Flash Player Extended Support Release before 18.0.0.324, Adobe Flash Player for Google Chrome before 20.0.0.267, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 before 20.0.0.267, Adobe Flash Player for Internet Explorer 10 and 11 before 20.0.0.267, Adobe Flash Player for Linux before 11.2.202.559, AIR Desktop Runtime before 20.0.0.233, AIR SDK before 20.0.0.233, AIR SDK & Compiler before 20.0.0.233, AIR for Android before 20.0.0.233. None
CVE-2015-8479 Use-after-free vulnerability in the AudioOutputDevice::OnDeviceAuthorized function in media/audio/audio_output_device.cc in Google Chrome before 47.0.2526.73 allows attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact by triggering access to an unauthorized audio output device. None
CVE-2015-6789 Race condition in the MutationObserver implementation in Blink, as used in Google Chrome before 47.0.2526.80, allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact by leveraging unanticipated object deletion. None
CVE-2015-6780 Use-after-free vulnerability in the Infobars implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted web site, related to browser/ui/views/website_settings/website_settings_popup_view.cc. None
CVE-2015-6777 Use-after-free vulnerability in the ContainerNode::notifyNodeInsertedInternal function in WebKit/Source/core/dom/ContainerNode.cpp in the DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOMCharacterDataModified events for certain detached-subtree insertions. None
CVE-2015-6774 Use-after-free vulnerability in the GetLoadTimes function in renderer/loadtimes_extension_bindings.cc in the Extensions implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that modifies a pointer used for reporting loadTimes data. None
CVE-2015-6767 Use-after-free vulnerability in content/browser/appcache/appcache_dispatcher_host.cc in the AppCache implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect pointer maintenance associated with certain callbacks. None
CVE-2015-6766 Use-after-free vulnerability in the AppCache implementation in Google Chrome before 47.0.2526.73 allows remote attackers with renderer access to cause a denial of service or possibly have unspecified other impact by leveraging incorrect AppCacheUpdateJob behavior associated with duplicate cache selection. None
CVE-2015-6765 Use-after-free vulnerability in content/browser/appcache/appcache_update_job.cc in Google Chrome before 47.0.2526.73 allows remote attackers to execute arbitrary code or cause a denial of service by leveraging the mishandling of AppCache update jobs. None
CVE-2015-6757 Use-after-free vulnerability in content/browser/service_worker/embedded_worker_instance.cc in the ServiceWorker implementation in Google Chrome before 46.0.2490.71 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging object destruction in a callback. None
CVE-2015-6756 Use-after-free vulnerability in the CPDFSDK_PageView implementation in fpdfsdk/src/fsdk_mgr.cpp in PDFium, as used in Google Chrome before 46.0.2490.71, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact by leveraging mishandling of a focused annotation in a PDF document. None
CVE-2015-6581 Double free vulnerability in the opj_j2k_copy_default_tcp_and_create_tcd function in j2k.c in OpenJPEG before r3002, as used in PDFium in Google Chrome before 45.0.2454.85, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by triggering a memory-allocation failure. None
CVE-2015-1299 Use-after-free vulnerability in the shared-timer implementation in Blink, as used in Google Chrome before 45.0.2454.85, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging erroneous timer firing, related to ThreadTimers.cpp and Timer.cpp. None
CVE-2015-1295 Multiple use-after-free vulnerabilities in the PrintWebViewHelper class in components/printing/renderer/print_web_view_helper.cc in Google Chrome before 45.0.2454.85 allow user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact by triggering nested IPC messages during preparation for printing, as demonstrated by messages associated with PDF documents in conjunction with messages about printer capabilities. None
CVE-2015-1294 Use-after-free vulnerability in the SkMatrix::invertNonIdentity function in core/SkMatrix.cpp in Skia, as used in Google Chrome before 45.0.2454.85, allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering the use of matrix elements that lead to an infinite result during an inversion calculation. None
CVE-2015-1284 The LocalFrame::isURLAllowed function in core/frame/LocalFrame.cpp in Blink, as used in Google Chrome before 44.0.2403.89, does not properly check for a page's maximum number of frames, which allows remote attackers to cause a denial of service (invalid count value and use-after-free) or possibly have unspecified other impact via crafted JavaScript code that makes many createElement calls for IFRAME elements. None
CVE-2015-1282 Multiple use-after-free vulnerabilities in fpdfsdk/src/javascript/Document.cpp in PDFium, as used in Google Chrome before 44.0.2403.89, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document, related to the (1) Document::delay and (2) Document::DoFieldDelay functions. None
CVE-2015-1277 Use-after-free vulnerability in the accessibility implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging lack of certain validity checks for accessibility-tree data structures. None
CVE-2015-1276 Use-after-free vulnerability in content/browser/indexed_db/indexed_db_backing_store.cc in the IndexedDB implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging an abort action before a certain write operation. None
CVE-2015-1272 Use-after-free vulnerability in the GPU process implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging the continued availability of a GPUChannelHost data structure during Blink shutdown, related to content/browser/gpu/browser_gpu_channel_host_factory.cc and content/renderer/render_thread_impl.cc. None
CVE-2015-1260 Multiple use-after-free vulnerabilities in content/renderer/media/user_media_client_impl.cc in the WebRTC implementation in Google Chrome before 43.0.2357.65 allow remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that executes upon completion of a getUserMedia request. None
CVE-2015-1256 Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 43.0.2357.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document that leverages improper handling of a shadow tree for a use element. None
CVE-2015-1255 Use-after-free vulnerability in content/renderer/media/webaudio_capturer_source.cc in the WebAudio implementation in Google Chrome before 43.0.2357.65 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact by leveraging improper handling of a stop action for an audio track. None
CVE-2015-1251 Use-after-free vulnerability in the SpeechRecognitionClient implementation in the Speech subsystem in Google Chrome before 43.0.2357.65 allows remote attackers to execute arbitrary code via a crafted document. None
CVE-2015-1245 Use-after-free vulnerability in the OpenPDFInReaderView::Update function in browser/ui/views/location_bar/open_pdf_in_reader_view.cc in Google Chrome before 41.0.2272.76 might allow user-assisted remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact by triggering interaction with a PDFium "Open PDF in Reader" button that has an invalid tab association. None
CVE-2015-1243 Use-after-free vulnerability in the MutationObserver::disconnect function in core/dom/MutationObserver.cpp in the DOM implementation in Blink, as used in Google Chrome before 42.0.2311.135, allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering an attempt to unregister a MutationObserver object that is not currently registered. None
CVE-2015-1239 Double free vulnerability in the j2k_read_ppm_v3 function in OpenJPEG before r2997, as used in PDFium in Google Chrome, allows remote attackers to cause a denial of service (process crash) via a crafted PDF. None
CVE-2015-1237 Use-after-free vulnerability in the RenderFrameImpl::OnMessageReceived function in content/renderer/render_frame_impl.cc in Google Chrome before 42.0.2311.90 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger renderer IPC messages during a detach operation. None
CVE-2015-1223 Multiple use-after-free vulnerabilities in core/html/HTMLInputElement.cpp in the DOM implementation in Blink, as used in Google Chrome before 41.0.2272.76, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger extraneous change events, as demonstrated by events for invalid input or input to read-only fields, related to the initializeTypeInParsing and updateType functions. None
CVE-2015-1222 Multiple use-after-free vulnerabilities in the ServiceWorkerScriptCacheMap implementation in content/browser/service_worker/service_worker_script_cache_map.cc in Google Chrome before 41.0.2272.76 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a ServiceWorkerContextWrapper::DeleteAndStartOver call, related to the NotifyStartedCaching and NotifyFinishedCaching functions. None
CVE-2015-1221 Use-after-free vulnerability in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect ordering of operations in the Web SQL Database thread relative to Blink's main thread, related to the shutdown function in web/WebKit.cpp. None
CVE-2015-1220 Use-after-free vulnerability in the GIFImageReader::parseData function in platform/image-decoders/gif/GIFImageReader.cpp in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted frame size in a GIF image. None
CVE-2015-1218 Multiple use-after-free vulnerabilities in the DOM implementation in Blink, as used in Google Chrome before 41.0.2272.76, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger movement of a SCRIPT element to different documents, related to (1) the HTMLScriptElement::didMoveToNewDocument function in core/html/HTMLScriptElement.cpp and (2) the SVGScriptElement::didMoveToNewDocument function in core/svg/SVGScriptElement.cpp. None
CVE-2015-1216 Use-after-free vulnerability in the V8Window::namedPropertyGetterCustom function in bindings/core/v8/custom/V8WindowCustom.cpp in the V8 bindings in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a frame detachment. None
CVE-2015-1209 Use-after-free vulnerability in the VisibleSelection::nonBoundaryShadowTreeRootNode function in core/editing/VisibleSelection.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers improper handling of a shadow-root anchor. None
CVE-2015-1207 Double-free vulnerability in libavformat/mov.c in FFMPEG in Google Chrome 41.0.2251.0 allows remote attackers to cause a denial of service (memory corruption and crash) via a crafted .m4a file. None
CVE-2014-9647 Use-after-free vulnerability in PDFium, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document, related to fpdfsdk/src/fpdfview.cpp and fpdfsdk/src/fsdk_mgr.cpp, a different vulnerability than CVE-2015-1205. None
CVE-2014-7937 Multiple off-by-one errors in libavcodec/vorbisdec.c in FFmpeg before 2.4.2, as used in Google Chrome before 40.0.2214.91, allow remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted Vorbis I data. None
CVE-2014-7936 Use-after-free vulnerability in the ZoomBubbleView::Close function in browser/ui/views/location_bar/zoom_bubble_view.cc in the Views implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document that triggers improper maintenance of a zoom bubble. None
CVE-2014-7935 Use-after-free vulnerability in browser/speech/tts_message_filter.cc in the Speech implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving utterances from a closed tab. None
CVE-2014-7934 Use-after-free vulnerability in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to unexpected absence of document data structures. None
CVE-2014-7933 Use-after-free vulnerability in the matroska_read_seek function in libavformat/matroskadec.c in FFmpeg before 2.5.1, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska file that triggers improper maintenance of tracks data. None
CVE-2014-7932 Use-after-free vulnerability in the Element::detach function in core/dom/Element.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving pending updates of detached elements. None
CVE-2014-7930 Use-after-free vulnerability in core/events/TreeScopeEventContext.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers improper maintenance of TreeScope data. None
CVE-2014-7929 Use-after-free vulnerability in the HTMLScriptElement::didMoveToNewDocument function in core/html/HTMLScriptElement.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving movement of a SCRIPT element across documents. None
CVE-2014-7925 Use-after-free vulnerability in the WebAudio implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an audio-rendering thread in which AudioNode data is improperly maintained. None
CVE-2014-7924 Use-after-free vulnerability in the IndexedDB implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering duplicate BLOB references, related to content/browser/indexed_db/indexed_db_callbacks.cc and content/browser/indexed_db/indexed_db_dispatcher_host.cc. None
CVE-2014-7907 Multiple use-after-free vulnerabilities in modules/screen_orientation/ScreenOrientationController.cpp in Blink, as used in Google Chrome before 39.0.2171.65, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger improper handling of a detached frame, related to the (1) lock and (2) unlock methods. None
CVE-2014-7906 Use-after-free vulnerability in the Pepper plugins in Google Chrome before 39.0.2171.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted Flash content that triggers an attempted PepperMediaDeviceManager access outside of the object's lifetime. None
CVE-2014-7902 Use-after-free vulnerability in PDFium, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document. None
CVE-2014-7900 Use-after-free vulnerability in the CPDF_Parser::IsLinearizedFile function in fpdfapi/fpdf_parser/fpdf_parser_parser.cpp in PDFium, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document. None
CVE-2014-3194 Use-after-free vulnerability in the Web Workers implementation in Google Chrome before 38.0.2125.101 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. None
CVE-2014-3193 The SessionService::GetLastSession function in browser/sessions/session_service.cc in Google Chrome before 38.0.2125.101 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors that leverage "type confusion" for callback processing. None
CVE-2014-3192 Use-after-free vulnerability in the ProcessingInstruction::setXSLStyleSheet function in core/dom/ProcessingInstruction.cpp in the DOM implementation in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. None
CVE-2014-3191 Use-after-free vulnerability in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers a widget-position update that improperly interacts with the render tree, related to the FrameView::updateLayoutAndStyleForPainting function in core/frame/FrameView.cpp and the RenderLayerScrollableArea::setScrollOffset function in core/rendering/RenderLayerScrollableArea.cpp. None
CVE-2014-3190 Use-after-free vulnerability in the Event::currentTarget function in core/events/Event.cpp in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaScript code that accesses the path property of an Event object. None
CVE-2014-3178 Use-after-free vulnerability in core/dom/Node.cpp in Blink, as used in Google Chrome before 37.0.2062.120, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of render-tree inconsistencies. None
CVE-2014-3171 Use-after-free vulnerability in the V8 bindings in Blink, as used in Google Chrome before 37.0.2062.94, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper use of HashMap add operations instead of HashMap set operations, related to bindings/core/v8/DOMWrapperMap.h and bindings/core/v8/SerializedScriptValue.cpp. None
CVE-2014-3169 Use-after-free vulnerability in core/dom/ContainerNode.cpp in the DOM implementation in Blink, as used in Google Chrome before 37.0.2062.94, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging script execution that occurs before notification of node removal. None
CVE-2014-3168 Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 37.0.2062.94, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper caching associated with animation. None
CVE-2014-3165 Use-after-free vulnerability in modules/websockets/WorkerThreadableWebSocketChannel.cpp in the Web Sockets implementation in Blink, as used in Google Chrome before 36.0.1985.143, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an unexpectedly long lifetime of a temporary object during method completion. None
CVE-2014-3154 Use-after-free vulnerability in the ChildThread::Shutdown function in content/child/child_thread.cc in the filesystem API in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to a Blink shutdown. None
CVE-2014-1745 Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger removal of an SVGFontFaceElement object, related to core/svg/SVGFontFaceElement.cpp. None
CVE-2014-1743 Use-after-free vulnerability in the StyleElement::removedFromDocument function in core/dom/StyleElement.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaScript code that triggers tree mutation. None
CVE-2014-1742 Use-after-free vulnerability in the FrameSelection::updateAppearance function in core/editing/FrameSelection.cpp in Blink, as used in Google Chrome before 34.0.1847.137, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper RenderObject handling. None
CVE-2014-1740 Multiple use-after-free vulnerabilities in net/websockets/websocket_job.cc in the WebSockets implementation in Google Chrome before 34.0.1847.137 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to WebSocketJob deletion. None
CVE-2014-1732 Use-after-free vulnerability in browser/ui/views/speech_recognition_bubble_views.cc in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via an INPUT element that triggers the presence of a Speech Recognition Bubble window for an incorrect duration. None
CVE-2014-1727 Use-after-free vulnerability in content/renderer/renderer_webcolorchooser_impl.h in Google Chrome before 34.0.1847.116 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to forms. None
CVE-2014-1724 Use-after-free vulnerability in Free(b)soft Laboratory Speech Dispatcher 0.7.1, as used in Google Chrome before 34.0.1847.116, allows remote attackers to cause a denial of service (application hang) or possibly have unspecified other impact via a text-to-speech request. None
CVE-2014-1722 Use-after-free vulnerability in the RenderBlock::addChildIgnoringAnonymousColumnBlocks function in core/rendering/RenderBlock.cpp in Blink, as used in Google Chrome before 34.0.1847.116, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving addition of a child node. None
CVE-2014-1720 Use-after-free vulnerability in the HTMLBodyElement::insertedInto function in core/html/HTMLBodyElement.cpp in Blink, as used in Google Chrome before 34.0.1847.116, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving attributes. None
CVE-2014-1719 Use-after-free vulnerability in the WebSharedWorkerStub::OnTerminateWorkerContext function in content/worker/websharedworker_stub.cc in the Web Workers implementation in Google Chrome before 34.0.1847.116 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via vectors that trigger a SharedWorker termination during script loading. None
CVE-2014-1713 Use-after-free vulnerability in the AttributeSetter function in bindings/templates/attributes.cpp in the bindings in Blink, as used in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the document.location value. None
CVE-2014-1703 Use-after-free vulnerability in the WebSocketDispatcherHost::SendOrDrop function in content/browser/renderer_host/websocket_dispatcher_host.cc in the Web Sockets implementation in Google Chrome before 33.0.1750.149 might allow remote attackers to bypass the sandbox protection mechanism by leveraging an incorrect deletion in a certain failure case. None
CVE-2014-1702 Use-after-free vulnerability in the DatabaseThread::cleanupDatabaseThread function in modules/webdatabase/DatabaseThread.cpp in the web database implementation in Blink, as used in Google Chrome before 33.0.1750.149, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of scheduled tasks during shutdown of a thread. None
CVE-2014-1700 Use-after-free vulnerability in modules/speech/SpeechSynthesis.cpp in Blink, as used in Google Chrome before 33.0.1750.149, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of a certain utterance data structure. None
CVE-2013-6664 Use-after-free vulnerability in the FormAssociatedElement::formRemovedFromTree function in core/html/FormAssociatedElement.cpp in Blink, as used in Google Chrome before 33.0.1750.146, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving FORM elements, as demonstrated by use of the speech-recognition feature. None
CVE-2013-6663 Use-after-free vulnerability in the SVGImage::setContainerSize function in core/svg/graphics/SVGImage.cpp in the SVG implementation in Blink, as used in Google Chrome before 33.0.1750.146, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the resizing of a view. None
CVE-2013-6658 Multiple use-after-free vulnerabilities in the layout implementation in Blink, as used in Google Chrome before 33.0.1750.117, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving (1) running JavaScript code during execution of the updateWidgetPositions function or (2) making a call into a plugin during execution of the updateWidgetPositions function. None
CVE-2013-6655 Use-after-free vulnerability in Blink, as used in Google Chrome before 33.0.1750.117, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to improper handling of overflowchanged DOM events during interaction between JavaScript and layout. None
CVE-2013-6653 Use-after-free vulnerability in the web contents implementation in Google Chrome before 33.0.1750.117 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving attempted conflicting access to the color chooser. None
CVE-2013-6649 Use-after-free vulnerability in the RenderSVGImage::paint function in core/rendering/svg/RenderSVGImage.cpp in Blink, as used in Google Chrome before 32.0.1700.102, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a zero-size SVG image. None
CVE-2013-6647 A use-after-free in AnimationController::endAnimationUpdate in Google Chrome. None
CVE-2013-6646 Use-after-free vulnerability in the Web Workers implementation in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the shutting down of a worker process. None
CVE-2013-6645 Use-after-free vulnerability in the OnWindowRemovingFromRootWindow function in content/browser/web_contents/web_contents_view_aura.cc in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving certain print-preview and tab-switch actions that interact with a speech input element. None
CVE-2013-6641 Use-after-free vulnerability in the FormAssociatedElement::formRemovedFromTree function in core/html/FormAssociatedElement.cpp in Blink, as used in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of the past names map of a FORM element. None
CVE-2013-6635 Use-after-free vulnerability in the editing implementation in Blink, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service or possibly have unspecified other impact via JavaScript code that triggers removal of a node during processing of the DOM tree, related to CompositeEditCommand.cpp and ReplaceSelectionCommand.cpp. None
CVE-2013-6631 Use-after-free vulnerability in the Channel::SendRTCPPacket function in voice_engine/channel.cc in libjingle in WebRTC, as used in Google Chrome before 31.0.1650.48 and other products, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via vectors that trigger the absence of certain statistics initialization, leading to the skipping of a required DeRegisterExternalTransport call. None
CVE-2013-6625 Use-after-free vulnerability in core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 31.0.1650.48, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of DOM range objects in circumstances that require child node removal after a (1) mutation or (2) blur event. None
CVE-2013-6624 Use-after-free vulnerability in Google Chrome before 31.0.1650.48 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the string values of id attributes. None
CVE-2013-6622 Use-after-free vulnerability in the HTMLMediaElement::didMoveToNewDocument function in core/html/HTMLMediaElement.cpp in Blink, as used in Google Chrome before 31.0.1650.48, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the movement of a media element between documents. None
CVE-2013-6621 Use-after-free vulnerability in Google Chrome before 31.0.1650.48 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the x-webkit-speech attribute in a text INPUT element. None
CVE-2013-2927 Use-after-free vulnerability in the HTMLFormElement::prepareForSubmission function in core/html/HTMLFormElement.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to submission for FORM elements. None
CVE-2013-2926 Use-after-free vulnerability in the IndentOutdentCommand::tryIndentingAsListItem function in core/editing/IndentOutdentCommand.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to list elements. None
CVE-2013-2925 Use-after-free vulnerability in core/xml/XMLHttpRequest.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger multiple conflicting uses of the same XMLHttpRequest object. None
CVE-2013-2924 Use-after-free vulnerability in International Components for Unicode (ICU), as used in Google Chrome before 30.0.1599.66 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. None
CVE-2013-2922 Use-after-free vulnerability in core/html/HTMLTemplateElement.cpp in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that operates on a TEMPLATE element. None
CVE-2013-2921 Double free vulnerability in the ResourceFetcher::didLoadResource function in core/fetch/ResourceFetcher.cpp in the resource loader in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering certain callback processing during the reporting of a resource entry. None
CVE-2013-2918 Use-after-free vulnerability in the RenderBlock::collapseAnonymousBlockChild function in core/rendering/RenderBlock.cpp in the DOM implementation in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect handling of parent-child relationships for anonymous blocks. None
CVE-2013-2914 Use-after-free vulnerability in the color-chooser dialog in Google Chrome before 30.0.1599.66 on Windows allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to color_chooser_dialog.cc and color_chooser_win.cc in browser/ui/views/. None
CVE-2013-2913 Use-after-free vulnerability in the XMLDocumentParser::append function in core/xml/parser/XMLDocumentParser.cpp in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving an XML document. None
CVE-2013-2912 Use-after-free vulnerability in the PepperInProcessRouter::SendToHost function in content/renderer/pepper/pepper_in_process_router.cc in the Pepper Plug-in API (PPAPI) in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a resource-destruction message. None
CVE-2013-2911 Use-after-free vulnerability in the XSLStyleSheet::compileStyleSheet function in core/xml/XSLStyleSheetLibxslt.cpp in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of post-failure recompilation in unspecified libxslt versions. None
CVE-2013-2910 Use-after-free vulnerability in modules/webaudio/AudioScheduledSourceNode.cpp in the Web Audio implementation in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. None
CVE-2013-2909 Use-after-free vulnerability in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to inline-block rendering for bidirectional Unicode text in an element isolated from its siblings. None
CVE-2013-2904 Use-after-free vulnerability in the Document::finishedParsing function in core/dom/Document.cpp in Blink, as used in Google Chrome before 29.0.1547.57, allows remote attackers to cause a denial of service or possibly have unspecified other impact via an onload event that changes an IFRAME element so that its src attribute is no longer an XML document, leading to unintended garbage collection of this document. None
CVE-2013-2903 Use-after-free vulnerability in the HTMLMediaElement::didMoveToNewDocument function in core/html/HTMLMediaElement.cpp in Blink, as used in Google Chrome before 29.0.1547.57, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving moving a (1) AUDIO or (2) VIDEO element between documents. None
CVE-2013-2902 Use-after-free vulnerability in the XSLT ProcessingInstruction implementation in Blink, as used in Google Chrome before 29.0.1547.57, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to an applyXSLTransform call involving (1) an HTML document or (2) an xsl:processing-instruction element that is still in the process of loading. None
CVE-2013-2885 Use-after-free vulnerability in Google Chrome before 28.0.1500.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to not properly considering focus during the processing of JavaScript events in the presence of a multiple-fields input type. None
CVE-2013-2884 Use-after-free vulnerability in the DOM implementation in Google Chrome before 28.0.1500.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to improper tracking of which document owns an Attr object. None
CVE-2013-2883 Use-after-free vulnerability in Google Chrome before 28.0.1500.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to deleting the registration of a MutationObserver object. None
CVE-2013-2873 Use-after-free vulnerability in Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a 404 HTTP status code during the loading of resources. None
CVE-2013-2871 Use-after-free vulnerability in Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of input. None
CVE-2013-2870 Use-after-free vulnerability in Google Chrome before 28.0.1500.71 allows remote servers to execute arbitrary code via crafted response traffic after a URL request. None
CVE-2013-2864 The PDF functionality in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via unknown vectors. None
CVE-2013-2861 Use-after-free vulnerability in the SVG implementation in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. None
CVE-2013-2860 Use-after-free vulnerability in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving access to a database API by a worker process. None
CVE-2013-2858 Use-after-free vulnerability in the HTML5 Audio implementation in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. None
CVE-2013-2857 Use-after-free vulnerability in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of images. None
CVE-2013-2856 Use-after-free vulnerability in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of input. None
CVE-2013-2847 Race condition in the workers implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via unknown vectors. None
CVE-2013-2846 Use-after-free vulnerability in the media loader in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2013-2840. None
CVE-2013-2844 Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to style resolution. None
CVE-2013-2843 Use-after-free vulnerability in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of speech data. None
CVE-2013-2842 Use-after-free vulnerability in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of widgets. None
CVE-2013-2841 Use-after-free vulnerability in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of Pepper resources. None
CVE-2013-2840 Use-after-free vulnerability in the media loader in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2013-2846. None
CVE-2013-2837 Use-after-free vulnerability in the SVG implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. None
CVE-2013-2833 Use-after-free vulnerability in the O3D plug-in in Google Chrome OS before 26.0.1410.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to improper management of ownership relationships involving Elements and DrawElements. None
CVE-2013-0920 Use-after-free vulnerability in the extension bookmarks API in Google Chrome before 26.0.1410.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. None
CVE-2013-0919 Use-after-free vulnerability in Google Chrome before 26.0.1410.43 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging the presence of an extension that creates a pop-up window. None
CVE-2013-0916 Use-after-free vulnerability in the Web Audio implementation in Google Chrome before 26.0.1410.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. None
CVE-2013-0905 Use-after-free vulnerability in Google Chrome before 25.0.1364.152 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving an SVG animation. None
CVE-2013-0903 Use-after-free vulnerability in Google Chrome before 25.0.1364.152 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of browser navigation. None
CVE-2013-0902 Use-after-free vulnerability in the frame-loader implementation in Google Chrome before 25.0.1364.152 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. None
CVE-2013-0898 Use-after-free vulnerability in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a URL. None
CVE-2013-0880 Use-after-free vulnerability in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to databases. None
CVE-2013-0839 Use-after-free vulnerability in Google Chrome before 24.0.1312.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of fonts in CANVAS elements. None
CVE-2013-0832 Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to printing. None
CVE-2012-5156 Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving PDF fields. None
CVE-2012-5150 Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving seek operations on video data. None
CVE-2012-5147 Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM handling. None
CVE-2012-5145 Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG layout. None
CVE-2012-5140 Use-after-free vulnerability in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the URL loader. None
CVE-2012-5139 Use-after-free vulnerability in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to visibility events. None
CVE-2012-5137 Use-after-free vulnerability in Google Chrome before 23.0.1271.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the Media Source API. None
CVE-2012-5135 Use-after-free vulnerability in Google Chrome before 23.0.1271.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to printing. None
CVE-2012-5133 Use-after-free vulnerability in Google Chrome before 23.0.1271.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG filters. None
CVE-2012-5126 Use-after-free vulnerability in Google Chrome before 23.0.1271.64 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of plug-in placeholders. None
CVE-2012-5125 Use-after-free vulnerability in Google Chrome before 23.0.1271.64 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of extension tabs. None
CVE-2012-5121 Use-after-free vulnerability in Google Chrome before 23.0.1271.64 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to video layout. None
CVE-2012-5116 Use-after-free vulnerability in Google Chrome before 23.0.1271.64 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of SVG filters. None
CVE-2012-5112 Use-after-free vulnerability in the SVG implementation in WebKit, as used in Google Chrome before 22.0.1229.94, allows remote attackers to execute arbitrary code via unspecified vectors. None
CVE-2012-2893 Double free vulnerability in libxslt, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XSL transforms. None
CVE-2012-2890 Use-after-free vulnerability in the PDF functionality in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. None
CVE-2012-2888 Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG text references. None
CVE-2012-2887 Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving onclick events. None
CVE-2012-2885 Double free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to application exit. None
CVE-2012-2878 Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to plug-in handling. None
CVE-2012-2862 Use-after-free vulnerability in the PDF functionality in Google Chrome before 21.0.1180.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. None
CVE-2012-2857 Use-after-free vulnerability in the Cascading Style Sheets (CSS) DOM implementation in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. None
CVE-2012-2855 Use-after-free vulnerability in the PDF functionality in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. None
CVE-2012-2852 The PDF functionality in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, does not properly handle object linkage, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted document. None
CVE-2012-2843 Use-after-free vulnerability in Google Chrome before 20.0.1132.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to layout height tracking. None
CVE-2012-2842 Use-after-free vulnerability in Google Chrome before 20.0.1132.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to counter handling. None
CVE-2012-2831 Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG references. None
CVE-2012-2829 Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element. None
CVE-2012-2827 Use-after-free vulnerability in the UI in Google Chrome before 20.0.1132.43 on Mac OS X allows attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. None
CVE-2012-2824 Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG painting. None
CVE-2012-2823 Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG resources. None
CVE-2012-2818 Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the layout of documents that use the Cascading Style Sheets (CSS) counters feature. None
CVE-2012-2817 Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to tables that have sections. None
CVE-2012-1845 Use-after-free vulnerability in Google Chrome 17.0.963.66 and earlier allows remote attackers to bypass the DEP and ASLR protection mechanisms, and execute arbitrary code, via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012. NOTE: the primary affected product may be clarified later; it was not identified by the researcher, who reportedly stated "it really doesn't matter if it's third-party code." None
CVE-2012-1521 Use-after-free vulnerability in the XML parser in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. None
CVE-2011-3971 Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to mousemove events. None
CVE-2011-3969 Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to layout of SVG documents. None
CVE-2011-3968 Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving Cascading Style Sheets (CSS) token sequences. None
CVE-2011-3966 Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to error handling for Cascading Style Sheets (CSS) token-sequence data. None
CVE-2011-3957 Use-after-free vulnerability in the garbage-collection functionality in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving PDF documents. None
CVE-2011-3928 Use-after-free vulnerability in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM handling. None
CVE-2011-3925 Use-after-free vulnerability in the Safe Browsing feature in Google Chrome before 16.0.912.75 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via vectors related to a navigation entry and an interstitial page. None
CVE-2011-3924 Use-after-free vulnerability in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM selections. None
CVE-2011-3921 Use-after-free vulnerability in Google Chrome before 16.0.912.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving animation frames. None
CVE-2011-3913 Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to Range handling. None
CVE-2011-3912 Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG filters. None
CVE-2011-3904 Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to bidirectional text (aka bidi) handling. None
CVE-2011-3897 Use-after-free vulnerability in Google Chrome before 15.0.874.120 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing. None
CVE-2011-3892 Double free vulnerability in the Theora decoder in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted stream. None
CVE-2011-3890 Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to video source handling. None
CVE-2011-3888 Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing operations in conjunction with an unknown plug-in. None
CVE-2011-3885 Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to stale Cascading Style Sheets (CSS) token-sequence data. None
CVE-2011-3883 Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to counters. None
CVE-2011-3882 Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to media buffers. None
CVE-2011-3112 Use-after-free vulnerability in the PDF functionality in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via an invalid encrypted document. None
CVE-2011-3108 Use-after-free vulnerability in Google Chrome before 19.0.1084.52 allows remote attackers to execute arbitrary code via vectors related to the browser cache. None
CVE-2011-3105 Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element. None
CVE-2011-3099 Use-after-free vulnerability in the PDF functionality in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a malformed name for the font encoding. None
CVE-2011-3096 Use-after-free vulnerability in Google Chrome before 19.0.1084.46 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging an error in the GTK implementation of the omnibox. None
CVE-2011-3091 Use-after-free vulnerability in the IndexedDB implementation in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. None
CVE-2011-3089 Use-after-free vulnerability in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving tables. None
CVE-2011-3086 Use-after-free vulnerability in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a STYLE element. None
CVE-2011-3081 Use-after-free vulnerability in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the floating of elements, a different vulnerability than CVE-2011-3078. None
CVE-2011-3078 Use-after-free vulnerability in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the floating of elements, a different vulnerability than CVE-2011-3081. None
CVE-2011-3077 Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the script bindings, related to a "read-after-free" issue. None
CVE-2011-3076 Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to focus handling. None
CVE-2011-3075 Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to style-application commands. None
CVE-2011-3074 Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of media. None
CVE-2011-3073 Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of SVG resources. None
CVE-2011-3071 Use-after-free vulnerability in the HTMLMediaElement implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. None
CVE-2011-3070 Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the Google V8 bindings. None
CVE-2011-3069 Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to line boxes. None
CVE-2011-3068 Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to run-in boxes. None
CVE-2011-3064 Use-after-free vulnerability in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG clipping. None
CVE-2011-3053 Use-after-free vulnerability in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to block splitting. None
CVE-2011-3051 Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the cross-fade function. None
CVE-2011-3050 Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element. None
CVE-2011-3044 Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG animation elements. None
CVE-2011-3043 Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a flexbox (aka flexible box) in conjunction with the floating of elements. None
CVE-2011-3042 Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of table sections. None
CVE-2011-3041 Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of class attributes. None
CVE-2011-3039 Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to quote handling. None
CVE-2011-3038 Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to multi-column handling. None
CVE-2011-3035 Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG use elements. None
CVE-2011-3034 Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving an SVG document. None
CVE-2011-3032 Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of SVG values. None
CVE-2011-3031 Use-after-free vulnerability in the element wrapper in Google V8, as used in Google Chrome before 17.0.963.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. None
CVE-2011-3023 Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to drag-and-drop operations. None
CVE-2011-3021 Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to subframe loading. None
CVE-2011-3017 Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to database handling. None
CVE-2011-3016 Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving counter nodes, related to a "read-after-free" issue. None
CVE-2011-2880 Use-after-free vulnerability in Google Chrome before 14.0.835.202 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the Google V8 bindings. None
CVE-2011-2876 Use-after-free vulnerability in Google Chrome before 14.0.835.202 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a text line box. None
CVE-2011-2860 Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to table styles. None
CVE-2011-2857 Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the focus controller. None
CVE-2011-2854 Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "ruby / table style handing." None
CVE-2011-2853 Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to plug-in handling. None
CVE-2011-2847 Use-after-free vulnerability in the document loader in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. None
CVE-2011-2846 Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to unload event handling. None
CVE-2011-2834 Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling. None
CVE-2011-2827 Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to text searching. None
CVE-2011-2825 Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving custom fonts. None
CVE-2011-2824 Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving counter nodes. None
CVE-2011-2823 Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a line box. None
CVE-2011-2821 Double free vulnerability in libxml2, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression. None
CVE-2011-2818 Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to display box rendering. None
CVE-2011-2801 Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the frame loader. None
CVE-2011-2799 Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to HTML range handling. None
CVE-2011-2797 Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to resource caching. None
CVE-2011-2796 Use-after-free vulnerability in Skia, as used in Google Chrome before 13.0.782.107, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. None
CVE-2011-2793 Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to media selectors. None
CVE-2011-2792 Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to float removal. None
CVE-2011-2790 Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving floating styles. None
CVE-2011-2789 Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to instantiation of the Pepper plug-in. None
CVE-2011-2353 Use after free vulnerability in documentloader in WebKit in Google Chrome before Blink M13 in DocumentWriter::replaceDocument function. None
CVE-2011-2351 Use-after-free vulnerability in Google Chrome before 12.0.742.112 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG use elements. None
CVE-2011-2349 Use-after-free vulnerability in Google Chrome before 12.0.742.112 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to text selection. None
CVE-2011-2346 Use-after-free vulnerability in Google Chrome before 12.0.742.112 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG fonts. None
CVE-2011-2335 A double-free vulnerability exists in WebKit in Google Chrome before Blink M12 in the WebCore::CSSSelector function. None
CVE-2011-2334 Use after free vulnerability exists in WebKit in Google Chrome before Blink M12 in RenderLayerwhen removing elements with reflections. None
CVE-2011-1818 Use-after-free vulnerability in the image loader in Google Chrome before 12.0.742.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. None
CVE-2011-1816 Use-after-free vulnerability in the developer tools in Google Chrome before 12.0.742.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. None
CVE-2011-1809 Use-after-free vulnerability in the accessibility feature in Google Chrome before 12.0.742.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. None
CVE-2011-1808 Use-after-free vulnerability in Google Chrome before 12.0.742.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to incorrect integer calculations during float handling. None
CVE-2011-1796 Use-after-free vulnerability in the FrameView::calculateScrollbarModesForLayout function in page/FrameView.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaScript code that calls the removeChild method during interaction with a FRAME element. None
CVE-2011-1454 Use-after-free vulnerability in the DOM id handling functionality in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted HTML document. None
CVE-2011-1449 Use-after-free vulnerability in the WebSockets implementation in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. None
CVE-2011-1440 Use-after-free vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the ruby element and Cascading Style Sheets (CSS) token sequences. None
CVE-2011-1301 Use-after-free vulnerability in the GPU process in Google Chrome before 10.0.648.205 allows remote attackers to execute arbitrary code via unknown vectors. None
CVE-2011-1293 Use-after-free vulnerability in the HTMLCollection implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. None
CVE-2011-1292 Use-after-free vulnerability in the frame-loader implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. None
CVE-2011-1195 Use-after-free vulnerability in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "document script lifetime handling." None
CVE-2011-1191 Use-after-free vulnerability in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of DOM URLs. None
CVE-2011-1124 Use-after-free vulnerability in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to blocked plug-ins. None
CVE-2011-1059 Use-after-free vulnerability in WebCore in WebKit before r77705, as used in Google Chrome before 11.0.672.2 and other products, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via vectors that entice a user to resubmit a form, related to improper handling of provisional items by the HistoryController component, aka rdar problem 8938557. None
CVE-2011-1042 Use-after-free vulnerability in flimflamd in flimflam in Google Chrome OS before 0.9.130.14 Beta allows user-assisted remote attackers to cause a denial of service (daemon crash) by providing the name of a hidden WiFi network that does not respond to connection attempts. None
CVE-2011-0982 Use-after-free vulnerability in Google Chrome before 9.0.597.94 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG font faces. None
CVE-2011-0777 Use-after-free vulnerability in Google Chrome before 9.0.597.84 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to image loading. None
CVE-2011-0475 Use-after-free vulnerability in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a PDF document. None
CVE-2010-4494 Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling. None
CVE-2010-4493 Use-after-free vulnerability in Google Chrome before 8.0.552.215 allows remote attackers to cause a denial of service via vectors related to the handling of mouse dragging events. None
CVE-2010-4492 Use-after-free vulnerability in Google Chrome before 8.0.552.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG animations. None
CVE-2010-4486 Use-after-free vulnerability in Google Chrome before 8.0.552.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to history handling. None
CVE-2010-4201 Use-after-free vulnerability in Google Chrome before 7.0.517.44 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving text control selections. None
CVE-2010-4197 Use-after-free vulnerability in WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving text editing. None
CVE-2010-3257 Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving element focus. None
CVE-2010-3252 Use-after-free vulnerability in the Notifications presenter in Google Chrome before 6.0.472.53 allows attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. None
CVE-2010-3116 Multiple use-after-free vulnerabilities in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to improper handling of MIME types by plug-ins. None
CVE-2010-2302 Use-after-free vulnerability in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving remote fonts in conjunction with shadow DOM trees, aka rdar problem 8007953. NOTE: this might overlap CVE-2010-1771. None
CVE-2010-2300 Use-after-free vulnerability in the Element::normalizeAttributes function in dom/Element.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to handlers for DOM mutation events, aka rdar problem 7948784. NOTE: this might overlap CVE-2010-1759. None
CVE-2010-1825 Use-after-free vulnerability in WebKit, as used in Google Chrome before 6.0.472.59, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to nested SVG elements. None
CVE-2010-1824 Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari, and Google Chrome before 6.0.472.59, allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to SVG styles, the DOM tree, and error messages. None
CVE-2010-1823 Use-after-free vulnerability in WebKit before r65958, as used in Google Chrome before 6.0.472.59, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger use of document APIs such as document.close during parsing, as demonstrated by a Cascading Style Sheets (CSS) file referencing an invalid SVG font, aka rdar problem 8442098. None
CVE-2010-1772 Use-after-free vulnerability in page/Geolocation.cpp in WebCore in WebKit before r59859, as used in Google Chrome before 5.0.375.70, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site, related to failure to stop timers associated with geolocation upon deletion of a document. None
CVE-2010-0655 Use-after-free vulnerability in Google Chrome before 4.0.249.78 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving the display of a blocked popup window during navigation to a different web site. None
CVE-2009-1690 Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by setting an unspecified property of an HTML tag that causes child elements to be freed and later accessed when an HTML error occurs, related to "recursion in certain DOM event handlers." None
Raw
Windows-print-spooler-gannt.md 
gantt

title Windows print spooler
dateFormat YYYY-MM-DD
axisFormat %Y-%m

section CVE Release Dates
section 2022-Mar
CVE-2022-23284 :cve0, 2022-03-08, 30d
section 2022-Feb
CVE-2022-22718 :cve1, 2022-02-08, 30d
CVE-2022-22717 :cve2, 2022-02-08, 30d
CVE-2022-21999 :cve3, 2022-02-08, 30d
CVE-2022-21997 :cve4, 2022-02-08, 30d
section 2021-Dec
CVE-2021-41333 :cve5, 2021-12-14, 30d
section 2021-Oct
CVE-2021-41332 :cve6, 2021-10-12, 30d
CVE-2021-36970 :cve10, 2021-10-12, 30d
section 2021-Sep
CVE-2021-40447 :cve7, 2021-09-14, 30d
CVE-2021-38671 :cve8, 2021-09-14, 30d
CVE-2021-38667 :cve9, 2021-09-14, 30d
section 2021-Aug
CVE-2021-36958 :cve11, 2021-08-10, 30d
CVE-2021-36947 :cve12, 2021-08-10, 30d
CVE-2021-36936 :cve13, 2021-08-10, 30d
CVE-2021-34483 :cve15, 2021-08-10, 30d
section 2021-Jul
CVE-2021-34527 :cve14, 2021-07-13, 30d
CVE-2021-34481 :cve16, 2021-07-13, 30d
section 2021-Mar
CVE-2021-26878 :cve17, 2021-03-09, 30d
CVE-2021-1640 :cve20, 2021-03-09, 30d
section 2021-Jan
CVE-2021-1695 :cve18, 2021-01-12, 30d
section 2021-Jun
CVE-2021-1675 :cve19, 2021-06-08, 30d
section 2020-Nov
CVE-2020-17042 :cve21, 2020-11-10, 30d
CVE-2020-17014 :cve22, 2020-11-10, 30d
CVE-2020-17001 :cve23, 2020-11-10, 30d
section 2020-Aug
CVE-2020-1337 :cve24, 2020-08-11, 30d
section 2020-May
CVE-2020-1070 :cve25, 2020-05-12, 30d
CVE-2020-1048 :cve26, 2020-05-12, 30d
section 2020-Sep
CVE-2020-1030 :cve27, 2020-09-08, 30d
section 2019-Mar
CVE-2019-0759 :cve28, 2019-03-12, 30d
section 2016-Jul
CVE-2016-3239 :cve29, 2016-07-12, 30d
CVE-2016-3238 :cve30, 2016-07-12, 30d
section 2013
CVE-2013-1339 :cve31, 2013-01-01, 30d
CVE-2013-0011 :cve32, 2013-01-01, 30d
section 2012
CVE-2012-1851 :cve33, 2012-01-01, 30d
section 2010
CVE-2010-2729 :cve34, 2010-01-01, 30d
section 2009
CVE-2009-0230 :cve35, 2009-01-01, 30d
CVE-2009-0229 :cve36, 2009-01-01, 30d
CVE-2009-0228 :cve37, 2009-01-01, 30d
section 2006
CVE-2006-6296 :cve38, 2006-01-01, 30d
section 2005
CVE-2005-1984 :cve39, 2005-01-01, 30d
section 2001
CVE-2001-1451 :cve40, 2001-01-01, 30d
section 1999
CVE-1999-0899 :cve41, 1999-01-01, 30d
CVE-1999-0898 :cve42, 1999-01-01, 30d
Raw
Windows-print-spooler-table.md
CVE Description Release Date KBs Acknowledgments
CVE-2022-23284 Windows Print Spooler Elevation of Privilege Vulnerability. 2022-03-08T08:00:00Z
10.0.10240.19235 - KB5011491
10.0.14393.5006 - KB5011495
10.0.17763.2686 - KB5011503
10.0.18363.2158 - KB5011485
10.0.19042.1586 - KB5011487
10.0.19043.1586 - KB5011487
10.0.19044.1586 - KB5011487
10.0.20348.580 - KB5011580
10.0.20348.587 - KB5011497
10.0.22000.556 - KB5011493
6.2.9200.23639 - KB5011527
6.2.9200.23645 - KB5011535
6.3.9600.20303 - KB5011560
6.3.9600.20303 - KB5011564
 JeongOh Kyea with THEORI
CVE-2022-22718 Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21997, CVE-2022-21999, CVE-2022-22717. 2022-02-08T08:00:00Z
10.0.10240.19204 - KB5010358
10.0.14393.4946 - KB5010359
10.0.17763.2565 - KB5010351
10.0.18363.2094 - KB5010345
10.0.19042.1526 - KB5010342
10.0.19043.1526 - KB5010342
10.0.19044.1526 - KB5010342
10.0.20348.524 - KB5010354
10.0.20348.525 - KB5010456
10.0.22000.493 - KB5010386
6.0.6003.21372 - KB5010403
6.0.6003.21374 - KB5010384
6.1.7601.25860 - KB5010404
6.1.7601.25860 - KB5010422
6.2.9200.23605 - KB5010392
6.2.9200.23605 - KB5010412
6.3.9600.20269 - KB5010395
6.3.9600.20269 - KB5010419
 NSFOCUS TIANJI Lab via TianfuCup
CVE-2022-22717 Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21997, CVE-2022-21999, CVE-2022-22718. 2022-02-08T08:00:00Z
10.0.10240.19204 - KB5010358
10.0.14393.4946 - KB5010359
10.0.17763.2565 - KB5010351
10.0.18363.2094 - KB5010345
10.0.19042.1526 - KB5010342
10.0.19043.1526 - KB5010342
10.0.19044.1526 - KB5010342
10.0.20348.524 - KB5010354
10.0.20348.525 - KB5010456
10.0.22000.493 - KB5010386
6.0.6003.21372 - KB5010403
6.0.6003.21374 - KB5010384
6.1.7601.25860 - KB5010404
6.1.7601.25860 - KB5010422
6.2.9200.23605 - KB5010392
6.2.9200.23605 - KB5010412
6.3.9600.20269 - KB5010395
6.3.9600.20269 - KB5010419
 Thibault Van Geluwe de Berlaere with Mandiant
CVE-2022-21999 Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21997, CVE-2022-22717, CVE-2022-22718. 2022-02-08T08:00:00Z
10.0.10240.19204 - KB5010358
10.0.14393.4946 - KB5010359
10.0.17763.2565 - KB5010351
10.0.18363.2094 - KB5010345
10.0.19042.1526 - KB5010342
10.0.19043.1526 - KB5010342
10.0.19044.1526 - KB5010342
10.0.20348.524 - KB5010354
10.0.20348.525 - KB5010456
10.0.22000.493 - KB5010386
6.0.6003.21372 - KB5010403
6.0.6003.21374 - KB5010384
6.1.7601.25860 - KB5010404
6.1.7601.25860 - KB5010422
6.2.9200.23605 - KB5010392
6.2.9200.23605 - KB5010412
6.3.9600.20269 - KB5010395
6.3.9600.20269 - KB5010419
 Xuefeng Li (@lxf02942370) & Zhiniang Peng (@edwardzpeng) of Sangfor Via Tianfu CUP
Oliver Lyak with Institut For Cyber Risk
CVE-2022-21997 Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21999, CVE-2022-22717, CVE-2022-22718. 2022-02-08T08:00:00Z
10.0.10240.19204 - KB5010358
10.0.14393.4946 - KB5010359
10.0.17763.2565 - KB5010351
10.0.18363.2094 - KB5010345
10.0.19042.1526 - KB5010342
10.0.19043.1526 - KB5010342
10.0.19044.1526 - KB5010342
10.0.20348.524 - KB5010354
10.0.20348.525 - KB5010456
10.0.22000.493 - KB5010386
6.0.6003.21372 - KB5010403
6.0.6003.21374 - KB5010384
6.1.7601.25860 - KB5010404
6.1.7601.25860 - KB5010422
6.2.9200.23605 - KB5010392
6.2.9200.23605 - KB5010412
6.3.9600.20269 - KB5010395
6.3.9600.20269 - KB5010419
 Bo Wu
CVE-2021-41333 Windows Print Spooler Elevation of Privilege Vulnerability 2021-12-14T08:00:00Z
10.0.10240.19145 - KB5008230
10.0.14393.4825 - KB5008207
10.0.17763.2366 - KB5008218
10.0.18363.1977 - KB5008206
10.0.19041.1415 - KB5008212
10.0.19042.1415 - KB5008212
10.0.19043.1415 - KB5008212
10.0.19044.1415 - KB5008212
10.0.20348.405 - KB5008223
10.0.22000.376 - KB5008215
6.0.6003.21309 - KB5008271
6.0.6003.21309 - KB5008274
6.1.7601.25796 - KB5008244
6.1.7601.25796 - KB5008282
6.2.9200.23540 - KB5008255
6.2.9200.23545 - KB5008277
6.3.9600.20207 - KB5008263
6.3.9600.20207 - KB5008285
 James Forshaw of Google Project Zero
Abdelhamid Naceri working with Trend Micro Zero Day Initiative
CVE-2021-41332 Windows Print Spooler Information Disclosure Vulnerability 2021-10-12T07:00:00Z
10.0.10240.19086 - KB5006675
10.0.14393.4704 - KB5006669
10.0.17763.2237 - KB5006672
10.0.18363.1854 - KB5006667
10.0.19041.1288 - KB5006670
10.0.19042.1288 - KB5006670
10.0.20348.288 - KB5006699
10.0.22000.258 - KB5006674
6.0.6003.21251 - KB5006715
6.0.6003.21251 - KB5006736
6.1.7601.25740 - KB5006728
6.1.7601.25740 - KB5006743
6.2.9200.23490 - KB5006732
6.2.9200.23490 - KB5006739
6.3.9600.20144 - KB5006714
6.3.9600.20144 - KB5006729
 Liubenjin with Codesafe Team of Legendsec at Qi'anxin Group
CVE-2021-40447 Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38667, CVE-2021-38671. 2021-09-14T07:00:00Z
10.0.10240.19060 - KB5005569
10.0.14393.4651 - KB5005573
10.0.17763.2183 - KB5005568
10.0.18363.1801 - KB5005566
10.0.19043.1237 - KB5005565
10.0.20348.230 - KB5005575
6.0.6003.21218 - KB5005606
6.0.6003.21218 - KB5005618
6.1.7601.25712 - KB5005615
6.1.7601.25712 - KB5005633
6.2.9200.23462 - KB5005607
6.2.9200.23462 - KB5005623
6.3.9600.20120 - KB5005613
6.3.9600.20120 - KB5005627
CVE-2021-38671 Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38667, CVE-2021-40447. 2021-09-14T07:00:00Z
10.0.10240.19060 - KB5005569
10.0.14393.4651 - KB5005573
10.0.17763.2183 - KB5005568
10.0.18363.1801 - KB5005566
10.0.19043.1237 - KB5005565
10.0.20348.230 - KB5005575
6.0.6003.21218 - KB5005606
6.0.6003.21218 - KB5005618
6.1.7601.25712 - KB5005615
6.1.7601.25712 - KB5005633
6.2.9200.23462 - KB5005607
6.2.9200.23462 - KB5005623
6.3.9600.20120 - KB5005613
6.3.9600.20120 - KB5005627
 Thibault Van Geluwe de Berlaere with Mandiant
CVE-2021-38667 Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38671, CVE-2021-40447. 2021-09-14T07:00:00Z
10.0.10240.19060 - KB5005569
10.0.14393.4651 - KB5005573
10.0.17763.2183 - KB5005568
10.0.18363.1801 - KB5005566
10.0.19043.1237 - KB5005565
10.0.20348.230 - KB5005575
6.0.6003.21218 - KB5005606
6.0.6003.21218 - KB5005618
6.1.7601.25712 - KB5005615
6.1.7601.25712 - KB5005633
6.2.9200.23462 - KB5005607
6.2.9200.23462 - KB5005623
6.3.9600.20120 - KB5005613
6.3.9600.20120 - KB5005627
CVE-2021-36970 Windows Print Spooler Spoofing Vulnerability 2021-10-12T07:00:00Z
10.0.10240.19086 - KB5006675
10.0.14393.4704 - KB5006669
10.0.17763.2237 - KB5006672
10.0.18363.1854 - KB5006667
10.0.19041.1288 - KB5006670
10.0.19042.1288 - KB5006670
10.0.20348.288 - KB5006699
10.0.22000.258 - KB5006674
6.0.6003.21251 - KB5006715
6.0.6003.21251 - KB5006736
6.1.7601.25740 - KB5006728
6.1.7601.25740 - KB5006743
6.2.9200.23490 - KB5006732
6.2.9200.23490 - KB5006739
6.3.9600.20144 - KB5006714
6.3.9600.20144 - KB5006729
 XueFeng Li and Zhiniang Peng with Sangfor
CVE-2021-36958 Windows Print Spooler Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-36936, CVE-2021-36947. 2021-08-10T07:00:00Z
10.0.10240.19060 - KB5005569
10.0.14393.4651 - KB5005573
10.0.17763.2183 - KB5005568
10.0.18363.1801 - KB5005566
10.0.19041.1237 - KB5005565
10.0.19042.1237 - KB5005565
10.0.19043.1237 - KB5005565
6.0.6003.21218 - KB5005606
6.0.6003.21218 - KB5005618
6.1.7601.25712 - KB5005615
6.1.7601.25712 - KB5005633
6.2.9200.23462 - KB5005607
6.2.9200.23462 - KB5005623
6.3.9600.20120 - KB5005613
6.3.9600.20120 - KB5005627
 Victor Mata of FusionX, Accenture Security
CVE-2021-36947 Windows Print Spooler Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-36936, CVE-2021-36958. 2021-08-10T07:00:00Z
10.0.10240.19022 - KB5005040
10.0.14393.4583 - KB5005043
10.0.17763.2114 - KB5005030
10.0.18363.1734 - KB5005031
10.0.19041.1165 - KB5005033
10.0.19042.1165 - KB5005033
10.0.19043.1165 - KB5005033
6.0.6003.21192 - KB5005090
6.0.6003.21192 - KB5005095
6.1.7601.25685 - KB5005088
6.1.7601.25685 - KB5005089
6.2.9200.23435 - KB5005094
6.2.9200.23435 - KB5005099
6.3.9600.20094 - KB5005076
6.3.9600.20094 - KB5005106
CVE-2021-36936 Windows Print Spooler Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-36947, CVE-2021-36958. 2021-08-10T07:00:00Z
10.0.10240.19022 - KB5005040
10.0.14393.4583 - KB5005043
10.0.17763.2114 - KB5005030
10.0.18363.1734 - KB5005031
10.0.19041.1165 - KB5005033
10.0.19042.1165 - KB5005033
10.0.19043.1165 - KB5005033
6.0.6003.21192 - KB5005090
6.0.6003.21192 - KB5005095
6.1.7601.25685 - KB5005088
6.1.7601.25685 - KB5005089
6.2.9200.23435 - KB5005094
6.2.9200.23435 - KB5005099
6.3.9600.20094 - KB5005076
6.3.9600.20094 - KB5005106
CVE-2021-34527 Windows Print Spooler Remote Code Execution Vulnerability 2021-07-13T07:00:00Z
10.0.10240.18969 - KB5004950
10.0.17763.2029 - KB5004947
10.0.18363.1646 - KB5004946
10.0.19041.1083 - KB5004945
10.0.19042.1083 - KB5004945
10.0.19043.1083 - KB5004945
6.0.6003.21138 - KB5004955
6.0.6003.21138 - KB5004959
6.1.7601.25633 - KB5004951
6.1.7601.25633 - KB5004953
6.3.9600.20046 - KB5004954
6.3.9600.20046 - KB5004958
None - KB5004948
None - KB5004956
None - KB5004960
 Zhiniang Peng (@edwardzpeng) and Xuefeng Li (@lxf02942370)
CVE-2021-34483 Windows Print Spooler Elevation of Privilege Vulnerability 2021-08-10T07:00:00Z
10.0.10240.19022 - KB5005040
10.0.14393.4583 - KB5005043
10.0.17763.2114 - KB5005030
10.0.18363.1734 - KB5005031
10.0.19041.1165 - KB5005033
10.0.19042.1165 - KB5005033
10.0.19043.1165 - KB5005033
6.0.6003.21192 - KB5005090
6.0.6003.21192 - KB5005095
6.1.7601.25685 - KB5005088
6.1.7601.25685 - KB5005089
6.2.9200.23435 - KB5005094
6.2.9200.23435 - KB5005099
6.3.9600.20094 - KB5005076
6.3.9600.20094 - KB5005106
 Thibault van Geluwe
Victor Mata of FusionX, Accenture Security
CVE-2021-34481 Windows Print Spooler Elevation of Privilege Vulnerability 2021-07-13T07:00:00Z
10.0.10240.19022 - KB5005040
10.0.14393.4583 - KB5005043
10.0.17763.2114 - KB5005030
10.0.18363.1734 - KB5005031
10.0.19041.1165 - KB5005033
10.0.19042.1165 - KB5005033
10.0.19043.1165 - KB5005033
6.0.6003.21192 - KB5005090
6.0.6003.21192 - KB5005095
6.1.7601.25685 - KB5005088
6.1.7601.25685 - KB5005089
6.2.9200.23435 - KB5005094
6.2.9200.23435 - KB5005099
6.3.9600.20094 - KB5005076
6.3.9600.20094 - KB5005106
 Jacob Baines
CVE-2021-26878 Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1640. 2021-03-09T08:00:00Z
None - KB5000802
None - KB5000803
None - KB5000807
None - KB5000808
None - KB5000809
None - KB5000822
None - KB5000840
None - KB5000841
None - KB5000844
None - KB5000847
None - KB5000848
None - KB5000851
None - KB5000853
None - KB5000856
 x
None
This vulnerability was discovered by Bryan de Houwer and Thibault van Geluwe de Berlaere.
CVE-2021-1695 Windows Print Spooler Elevation of Privilege Vulnerability 2021-01-12T08:00:00Z
None - KB4598229
None - KB4598230
None - KB4598231
None - KB4598242
None - KB4598243
None - KB4598245
None - KB4598275
None - KB4598278
None - KB4598279
None - KB4598285
None - KB4598287
None - KB4598288
None - KB4598289
None - KB4598297
 JeongOh Kyea of THEORI working with Trend Micro Zero Day Initiative
CVE-2021-1675 Windows Print Spooler Elevation of Privilege Vulnerability 2021-06-08T07:00:00Z
10.0.10240.18967 - KB5003687
10.0.14393.4467 - KB5003638
10.0.17763.1999 - KB5003646
10.0.18363.1621 - KB5003635
10.0.19041.1052 - KB5003637
10.0.19042.1052 - KB5003637
10.0.19043.1052 - KB5003637
6.0.6003.21137 - KB5003661
6.0.6003.21137 - KB5003695
6.1.7601.25632 - KB5003667
6.1.7601.25632 - KB5003694
6.2.9200.23372 - KB5003696
6.2.9200.23372 - KB5003697
6.3.9600.20044 - KB5003681
6.3.9600.20045 - KB5003671
 Yunhai Zhang of NSFOCUS TIANJI LAB https://www.nsfocus.com.cn/
Piotr Madej of AFINE
Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab 
CVE-2021-1640 Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26878. 2021-03-09T08:00:00Z
None - KB5000802
None - KB5000803
None - KB5000807
None - KB5000808
None - KB5000809
None - KB5000822
None - KB5000840
None - KB5000841
None - KB5000844
None - KB5000847
None - KB5000848
None - KB5000851
None - KB5000853
None - KB5000856
 Blaz Satler and Ziga Sumenjak of 0patch
JeongOh Kyea (@kkokkokye) of THEORI working with Trend Micro Zero Day Initiative
CVE-2020-17042 Windows Print Spooler Remote Code Execution Vulnerability 2020-11-10T08:00:00Z
None - KB4586781
None - KB4586785
None - KB4586786
None - KB4586787
None - KB4586793
None - KB4586805
None - KB4586807
None - KB4586808
None - KB4586817
None - KB4586823
None - KB4586827
None - KB4586830
None - KB4586834
None - KB4586845
 HyungSeok Han(@DaramG) and JeongOh Kyea(@kkokkokye) of THEORI
CVE-2020-17014 Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17001. 2020-11-10T08:00:00Z
None - KB4586781
None - KB4586785
None - KB4586786
None - KB4586787
None - KB4586793
None - KB4586805
None - KB4586807
None - KB4586808
None - KB4586817
None - KB4586823
None - KB4586827
None - KB4586830
None - KB4586834
None - KB4586845
 Zhiniang Peng (@edwardzpeng & Xuefeng Li (@lxf02942370
JeongOh Kyea (@kkokkokye) of THEORI working with Trend Micro Zero Day Initiative
CVE-2020-17001 Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17014. 2020-11-10T08:00:00Z
None - KB4586781
None - KB4586785
None - KB4586786
None - KB4586787
None - KB4586793
None - KB4586805
None - KB4586807
None - KB4586808
None - KB4586817
None - KB4586823
None - KB4586827
None - KB4586830
None - KB4586834
None - KB4586845
 James Forshaw of Google Project Zero
CVE-2020-1337 An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Windows Print Spooler Elevation of Privilege Vulnerability'. 2020-08-11T07:00:00Z
None - KB4565349
None - KB4565351
None - KB4566782
None - KB4571692
None - KB4571694
None - KB4571702
None - KB4571703
None - KB4571709
None - KB4571719
None - KB4571723
None - KB4571729
None - KB4571730
None - KB4571736
None - KB4571741
None - KB4571746
 Peleg Hadar (@peleghd) and Tomer Bar of SafeBreach Labs.
EoP Master working with iDefense Labs, Accenture.
Vte. Javier García Mayén
Junyu Zhou (@md5_salt) of Tencent Security Xuanwu Lab and Wenxu Wu
Anonymous working with Trend Micro's Zero Day Initiative
Alex Ionescu, CrowdStrike Inc.
Paolo Stagno aka VoidSec
Zhiniang Peng (@edwardzpeng) & Xuefeng Li
CVE-2020-1070 An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Windows Print Spooler Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1048. 2020-05-12T07:00:00Z
None - KB4551853
None - KB4556799
None - KB4556807
None - KB4556812
None - KB4556813
None - KB4556826
None - KB4556836
None - KB4556840
None - KB4556843
None - KB4556846
None - KB4556852
None - KB4556853
None - KB4556854
None - KB4556860
 JeongOh Kyea of THEORI
CVE-2020-1048 An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Windows Print Spooler Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1070. 2020-05-12T07:00:00Z
None - KB4551853
None - KB4556799
None - KB4556807
None - KB4556812
None - KB4556813
None - KB4556826
None - KB4556836
None - KB4556840
None - KB4556843
None - KB4556846
None - KB4556852
None - KB4556853
None - KB4556854
None - KB4556860
 Peleg Hadar (@peleghd) and Tomer Bar of SafeBreach Labs
CVE-2020-1030 An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Windows Print Spooler Elevation of Privilege Vulnerability'. 2020-09-08T07:00:00Z
None - KB4570333
None - KB4571756
None - KB4574727
None - KB4577015
None - KB4577032
None - KB4577038
None - KB4577041
None - KB4577048
None - KB4577049
None - KB4577051
None - KB4577053
None - KB4577064
None - KB4577066
None - KB4577070
None - KB4577071
 Victor Mata of FusionX, Accenture Security
JeongOh Kyea (@kkokkokye) of THEORI
CVE-2019-0759 An information disclosure vulnerability exists when the Windows Print Spooler does not properly handle objects in memory, aka 'Windows Print Spooler Information Disclosure Vulnerability'. 2019-03-12T07:00:00Z
None - KB4489868
None - KB4489871
None - KB4489872
None - KB4489876
None - KB4489878
None - KB4489880
None - KB4489881
None - KB4489882
None - KB4489883
None - KB4489884
None - KB4489885
None - KB4489886
None - KB4489891
None - KB4489899
 Ke Liu of Tencent Security Xuanwu Lab
CVE-2016-3239 The Print Spooler service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via vectors involving filesystem write operations, aka "Windows Print Spooler Elevation of Privilege Vulnerability." 2016-07-12T07:00:00Z
None - KB3163912
None - KB3163912
None - KB3172985
None - KB3172985
 None
Shanti Lindström, Individual
CVE-2016-3238 The Print Spooler service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows man-in-the-middle attackers to execute arbitrary code by providing a crafted print driver during printer installation, aka "Windows Print Spooler Remote Code Execution Vulnerability." 2016-07-12T07:00:00Z
None - KB3170455
None - KB3170455
None - KB3170455
None - KB3170455
None - KB3170455
None - KB4038777
None - KB4038777
None - KB4038777
None - KB4038777
None - KB4038777
None - KB4038779
None - KB4038779
None - KB4038779
None - KB4038779
None - KB4038779
None - KB4038781
None - KB4038781
None - KB4038782
None - KB4038782
None - KB4038782
None - KB4038782
None - KB4038783
None - KB4038783
None - KB4038786
None - KB4038786
None - KB4038792
None - KB4038792
None - KB4038792
None - KB4038792
None - KB4038793
None - KB4038793
None - KB4038793
None - KB4038793
None - KB4038799
None - KB4038799
 Nicolas Beauchesne of Vectra Networks
CVE-2013-1339 The Print Spooler in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly manage memory during deletion of printer connections, which allows remote authenticated users to execute arbitrary code via a crafted request, aka "Print Spooler Vulnerability." None
CVE-2013-0011 The Print Spooler in Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted print job, aka "Windows Print Spooler Components Vulnerability." None
CVE-2012-1851 Format string vulnerability in the Print Spooler service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted response, aka "Print Spooler Service Format String Vulnerability." None
CVE-2010-2729 The Print Spooler service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, when printer sharing is enabled, does not properly validate spooler access permissions, which allows remote attackers to create files in a system directory, and consequently execute arbitrary code, by sending a crafted print request over RPC, as exploited in the wild in September 2010, aka "Print Spooler Service Impersonation Vulnerability." None
CVE-2009-0230 The Windows Print Spooler in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 allows remote authenticated users to gain privileges via a crafted RPC message that triggers loading of a DLL file from an arbitrary directory, aka "Print Spooler Load Library Vulnerability." None
CVE-2009-0229 The Windows Printing Service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 allows local users to read arbitrary files via a crafted separator page, aka "Print Spooler Read File Vulnerability." None
CVE-2009-0228 Stack-based buffer overflow in the EnumeratePrintShares function in Windows Print Spooler Service (win32spl.dll) in Microsoft Windows 2000 SP4 allows remote printer servers to execute arbitrary code via a crafted ShareName in a response to an RPC request, related to "printing data structures," aka "Buffer Overflow in Print Spooler Vulnerability." None
CVE-2006-6296 The RpcGetPrinterData function in the Print Spooler (spoolsv.exe) service in Microsoft Windows 2000 SP4 and earlier, and possibly Windows XP SP1 and earlier, allows remote attackers to cause a denial of service (memory consumption) via an RPC request that specifies a large 'offered' value (output buffer size), a variant of CVE-2005-3644. None
CVE-2005-1984 Buffer overflow in the Print Spooler service (Spoolsv.exe) for Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via a malicious message. None
CVE-2001-1451 Memory leak in the SNMP LAN Manager (LANMAN) MIB extension for Microsoft Windows 2000 before SP3, when the Print Spooler is not running, allows remote attackers to cause a denial of service (memory consumption) via a large number of GET or GETNEXT requests. None
CVE-1999-0899 The Windows NT 4.0 print spooler allows a local user to execute arbitrary commands due to inappropriate permissions that allow the user to specify an alternate print provider. None
CVE-1999-0898 Buffer overflows in Windows NT 4.0 print spooler allow remote attackers to gain privileges or cause a denial of service via a malformed spooler request. None
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment