VYPR

Chrome

by Google

Source repositories

CVEs (5,320)

  • CVE-2014-7944Jan 22, 2015
    risk 0.00cvss epss 0.02

    The sycc422_to_rgb function in fxcodec/codec/fx_codec_jpx_opj.cpp in PDFium, as used in Google Chrome before 40.0.2214.91, does not properly handle odd values of image width, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF…

  • CVE-2014-7943Jan 22, 2015
    risk 0.00cvss epss 0.02

    Skia, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

  • CVE-2014-7942Jan 22, 2015
    risk 0.00cvss epss 0.02

    The Fonts implementation in Google Chrome before 40.0.2214.91 does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

  • CVE-2014-7941Jan 22, 2015
    risk 0.00cvss epss 0.02

    The SelectionOwner::ProcessTarget function in ui/base/x/selection_owner.cc in the UI implementation in Google Chrome before 40.0.2214.91 uses an incorrect data type for a certain length value, which allows remote attackers to cause a denial of service (out-of-bounds read) via…

  • CVE-2014-7940Jan 22, 2015
    risk 0.00cvss epss 0.02

    The collator implementation in i18n/ucol.cpp in International Components for Unicode (ICU) 52 through SVN revision 293126, as used in Google Chrome before 40.0.2214.91, does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or…

  • CVE-2014-7939Jan 22, 2015
    risk 0.00cvss epss 0.03

    Google Chrome before 40.0.2214.91, when the Harmony proxy in Google V8 is enabled, allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code with Proxy.create and console.log calls, related to HTTP responses that lack an "X-Content-Type-Options:…

  • CVE-2014-7938Jan 22, 2015
    risk 0.00cvss epss 0.02

    The Fonts implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

  • CVE-2014-7937Jan 22, 2015
    risk 0.00cvss epss 0.02

    Multiple off-by-one errors in libavcodec/vorbisdec.c in FFmpeg before 2.4.2, as used in Google Chrome before 40.0.2214.91, allow remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted Vorbis I data.

  • CVE-2014-7936Jan 22, 2015
    risk 0.00cvss epss 0.01

    Use-after-free vulnerability in the ZoomBubbleView::Close function in browser/ui/views/location_bar/zoom_bubble_view.cc in the Views implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact…

  • CVE-2014-7935Jan 22, 2015
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in browser/speech/tts_message_filter.cc in the Speech implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving utterances from a closed…

  • CVE-2014-7934Jan 22, 2015
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to unexpected absence of document data structures.

  • CVE-2014-7933Jan 22, 2015
    risk 0.00cvss epss 0.03

    Use-after-free vulnerability in the matroska_read_seek function in libavformat/matroskadec.c in FFmpeg before 2.5.1, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted…

  • CVE-2014-7932Jan 22, 2015
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in the Element::detach function in core/dom/Element.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors…

  • CVE-2014-7931Jan 22, 2015
    risk 0.00cvss epss 0.02

    factory.cc in Google V8, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code that triggers improper maintenance of backing-store pointers.

  • CVE-2014-7930Jan 22, 2015
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in core/events/TreeScopeEventContext.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that…

  • CVE-2014-7929Jan 22, 2015
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in the HTMLScriptElement::didMoveToNewDocument function in core/html/HTMLScriptElement.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have…

  • CVE-2014-7928Jan 22, 2015
    risk 0.00cvss epss 0.04

    hydrogen.cc in Google V8, as used Google Chrome before 40.0.2214.91, does not properly handle arrays with holes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code that triggers an…

  • CVE-2014-7927Jan 22, 2015
    risk 0.00cvss epss 0.04

    The SimplifiedLowering::DoLoadBuffer function in compiler/simplified-lowering.cc in Google V8, as used in Google Chrome before 40.0.2214.91, does not properly choose an integer data type, which allows remote attackers to cause a denial of service (memory corruption) or possibly…

  • CVE-2014-7926Jan 22, 2015
    risk 0.00cvss epss 0.02

    The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via…

  • CVE-2014-7925Jan 22, 2015
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in the WebAudio implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an audio-rendering thread in which…

Page 218 of 266