VYPR

Chrome

by Google

Source repositories

CVEs (5,320)

  • CVE-2015-2239Mar 9, 2015
    risk 0.00cvss epss 0.01

    Google Chrome before 41.0.2272.76, when Instant Extended mode is used, does not properly consider the interaction between the "1993 search" features and restore-from-disk RELOAD transitions, which makes it easier for remote attackers to spoof the address bar for a search-results…

  • CVE-2015-2238Mar 9, 2015
    risk 0.00cvss epss 0.01

    Multiple unspecified vulnerabilities in Google V8 before 4.1.0.21, as used in Google Chrome before 41.0.2272.76, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

  • CVE-2015-1232Mar 9, 2015
    risk 0.00cvss epss 0.01

    Array index error in the MidiManagerUsb::DispatchSendMidiData function in media/midi/midi_manager_usb.cc in Google Chrome before 41.0.2272.76 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging renderer access to provide…

  • CVE-2015-1231Mar 9, 2015
    risk 0.00cvss epss 0.01

    Multiple unspecified vulnerabilities in Google Chrome before 41.0.2272.76 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

  • CVE-2015-1230Mar 9, 2015
    risk 0.00cvss epss 0.02

    The getHiddenProperty function in bindings/core/v8/V8EventListenerList.h in Blink, as used in Google Chrome before 41.0.2272.76, has a name conflict with the AudioContext class, which allows remote attackers to cause a denial of service or possibly have unspecified other impact…

  • CVE-2015-1229Mar 9, 2015
    risk 0.00cvss epss 0.01

    net/http/proxy_client_socket.cc in Google Chrome before 41.0.2272.76 does not properly handle a 407 (aka Proxy Authentication Required) HTTP status code accompanied by a Set-Cookie header, which allows remote proxy servers to conduct cookie-injection attacks via a crafted…

  • CVE-2015-1228Mar 9, 2015
    risk 0.00cvss epss 0.01

    The RenderCounter::updateCounter function in core/rendering/RenderCounter.cpp in Blink, as used in Google Chrome before 41.0.2272.76, does not force a relayout operation and consequently does not initialize memory for a data structure, which allows remote attackers to cause a…

  • CVE-2015-1227Mar 9, 2015
    risk 0.00cvss epss 0.01

    The DragImage::create function in platform/DragImage.cpp in Blink, as used in Google Chrome before 41.0.2272.76, does not initialize memory for image drawing, which allows remote attackers to have an unspecified impact by triggering a failed image decoding, as demonstrated by an…

  • CVE-2015-1226Mar 9, 2015
    risk 0.00cvss epss 0.01

    The DebuggerFunction::InitAgentHost function in browser/extensions/api/debugger/debugger_api.cc in Google Chrome before 41.0.2272.76 does not properly restrict what URLs are available as debugger targets, which allows remote attackers to bypass intended access restrictions via a…

  • CVE-2015-1225Mar 9, 2015
    risk 0.00cvss epss 0.01

    PDFium, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

  • CVE-2015-1224Mar 9, 2015
    risk 0.00cvss epss 0.02

    The VpxVideoDecoder::VpxDecode function in media/filters/vpx_video_decoder.cc in the vpxdecoder implementation in Google Chrome before 41.0.2272.76 does not ensure that alpha-plane dimensions are identical to image dimensions, which allows remote attackers to cause a denial of…

  • CVE-2015-1223Mar 9, 2015
    risk 0.00cvss epss 0.02

    Multiple use-after-free vulnerabilities in core/html/HTMLInputElement.cpp in the DOM implementation in Blink, as used in Google Chrome before 41.0.2272.76, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger…

  • CVE-2015-1222Mar 9, 2015
    risk 0.00cvss epss 0.01

    Multiple use-after-free vulnerabilities in the ServiceWorkerScriptCacheMap implementation in content/browser/service_worker/service_worker_script_cache_map.cc in Google Chrome before 41.0.2272.76 allow remote attackers to cause a denial of service or possibly have unspecified…

  • CVE-2015-1221Mar 9, 2015
    risk 0.00cvss epss 0.03

    Use-after-free vulnerability in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect ordering of operations in the Web SQL Database thread relative to Blink's…

  • CVE-2015-1220Mar 9, 2015
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in the GIFImageReader::parseData function in platform/image-decoders/gif/GIFImageReader.cpp in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a…

  • CVE-2015-1219Mar 9, 2015
    risk 0.00cvss epss 0.01

    Integer overflow in the SkMallocPixelRef::NewAllocate function in core/SkMallocPixelRef.cpp in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted…

  • CVE-2015-1218Mar 9, 2015
    risk 0.00cvss epss 0.01

    Multiple use-after-free vulnerabilities in the DOM implementation in Blink, as used in Google Chrome before 41.0.2272.76, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger movement of a SCRIPT element to…

  • CVE-2015-1217Mar 9, 2015
    risk 0.00cvss epss 0.02

    The V8LazyEventListener::prepareListenerObject function in bindings/core/v8/V8LazyEventListener.cpp in the V8 bindings in Blink, as used in Google Chrome before 41.0.2272.76, does not properly compile listeners, which allows remote attackers to cause a denial of service or…

  • CVE-2015-1216Mar 9, 2015
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in the V8Window::namedPropertyGetterCustom function in bindings/core/v8/custom/V8WindowCustom.cpp in the V8 bindings in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have…

  • CVE-2015-1215Mar 9, 2015
    risk 0.00cvss epss 0.02

    The filters implementation in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation.

Page 216 of 266