VYPR

rpm package

opensuse/chromium&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/chromium&distro=openSUSE%20Tumbleweed

Vulnerabilities (4,053)

  • CVE-2014-7925Jan 22, 2015
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Use-after-free vulnerability in the WebAudio implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an audio-rendering thread in which AudioNode

  • CVE-2014-7924Jan 22, 2015
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Use-after-free vulnerability in the IndexedDB implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering duplicate BLOB references, related to content/browser/indexed_db/indexed_

  • CVE-2014-7923Jan 22, 2015
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vector

  • CVE-2014-7910Nov 19, 2014
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Multiple unspecified vulnerabilities in Google Chrome before 39.0.2171.65 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

  • CVE-2014-7909Nov 19, 2014
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    effects/SkDashPathEffect.cpp in Skia, as used in Google Chrome before 39.0.2171.65, computes a hash key using uninitialized integer values, which might allow remote attackers to cause a denial of service by rendering crafted data.

  • CVE-2014-7908Nov 19, 2014
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Multiple integer overflows in the CheckMov function in media/base/container_names.cc in Google Chrome before 39.0.2171.65 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a large atom in (1) MPEG-4 or (2) QuickTime .mov data.

  • CVE-2014-7907Nov 19, 2014
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Multiple use-after-free vulnerabilities in modules/screen_orientation/ScreenOrientationController.cpp in Blink, as used in Google Chrome before 39.0.2171.65, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger imp

  • CVE-2014-7906Nov 19, 2014
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Use-after-free vulnerability in the Pepper plugins in Google Chrome before 39.0.2171.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted Flash content that triggers an attempted PepperMediaDeviceManager access outside of t

  • CVE-2014-7905Nov 19, 2014
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Google Chrome before 39.0.2171.65 on Android does not prevent navigation to a URL in cases where an intent for the URL lacks CATEGORY_BROWSABLE, which allows remote attackers to bypass intended access restrictions via a crafted web site.

  • CVE-2014-7904Nov 19, 2014
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Buffer overflow in Skia, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

  • CVE-2014-7903Nov 19, 2014
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Buffer overflow in OpenJPEG before r2911 in PDFium, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted JPEG image.

  • CVE-2014-7902Nov 19, 2014
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Use-after-free vulnerability in PDFium, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document.

  • CVE-2014-7901Nov 19, 2014
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Integer overflow in the opj_t2_read_packet_data function in fxcodec/fx_libopenjpeg/libopenjpeg20/t2.c in OpenJPEG in PDFium, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long seg

  • CVE-2014-7900Nov 19, 2014
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Use-after-free vulnerability in the CPDF_Parser::IsLinearizedFile function in fpdfapi/fpdf_parser/fpdf_parser_parser.cpp in PDFium, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a c

  • CVE-2014-7899Nov 19, 2014
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Google Chrome before 38.0.2125.101 allows remote attackers to spoof the address bar by placing a blob: substring at the beginning of the URL, followed by the original URI scheme and a long username string.

  • CVE-2014-0574Nov 11, 2014
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Double free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attacker

  • CVE-2014-3200Oct 8, 2014
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Multiple unspecified vulnerabilities in Google Chrome before 38.0.2125.101 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

  • CVE-2014-3199Oct 8, 2014
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    The wrap function in bindings/core/v8/custom/V8EventCustom.cpp in the V8 bindings in Blink, as used in Google Chrome before 38.0.2125.101, has an erroneous fallback outcome for wrapper-selection failures, which allows remote attackers to cause a denial of service via vectors that

  • CVE-2014-3198Oct 8, 2014
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    The Instance::HandleInputEvent function in pdf/instance.cc in the PDFium component in Google Chrome before 38.0.2125.101 interprets a certain -1 value as an index instead of a no-visible-page error code, which allows remote attackers to cause a denial of service (out-of-bounds re

  • CVE-2014-3197Oct 8, 2014
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    The NavigationScheduler::schedulePageBlock function in core/loader/NavigationScheduler.cpp in Blink, as used in Google Chrome before 38.0.2125.101, does not properly provide substitute data for pages blocked by the XSS auditor, which allows remote attackers to obtain sensitive in

Page 185 of 203