CVE-2015-1282
- EPSS 1.58%
- Veröffentlicht 23.07.2015 00:59:11
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple use-after-free vulnerabilities in fpdfsdk/src/javascript/Document.cpp in PDFium, as used in Google Chrome before 44.0.2403.89, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF do...
CVE-2015-1281
- EPSS 1.71%
- Veröffentlicht 23.07.2015 00:59:10
- Zuletzt bearbeitet 06.05.2026 22:30:45
core/loader/ImageLoader.cpp in Blink, as used in Google Chrome before 44.0.2403.89, does not properly determine the V8 context of a microtask, which allows remote attackers to bypass Content Security Policy (CSP) restrictions by providing an image fr...
CVE-2015-1280
- EPSS 1.57%
- Veröffentlicht 23.07.2015 00:59:09
- Zuletzt bearbeitet 06.05.2026 22:30:45
SkPictureShader.cpp in Skia, as used in Google Chrome before 44.0.2403.89, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging access to a renderer process and providing cra...
CVE-2015-1279
- EPSS 2.15%
- Veröffentlicht 23.07.2015 00:59:08
- Zuletzt bearbeitet 06.05.2026 22:30:45
Integer overflow in the CJBig2_Image::expand function in fxcodec/jbig2/JBig2_Image.cpp in PDFium, as used in Google Chrome before 44.0.2403.89, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspeci...
CVE-2015-1278
- EPSS 1.84%
- Veröffentlicht 23.07.2015 00:59:07
- Zuletzt bearbeitet 06.05.2026 22:30:45
content/browser/web_contents/web_contents_impl.cc in Google Chrome before 44.0.2403.89 does not ensure that a PDF document's modal dialog is closed upon navigation to an interstitial page, which allows remote attackers to spoof URLs via a crafted doc...
CVE-2015-1277
- EPSS 1.62%
- Veröffentlicht 23.07.2015 00:59:06
- Zuletzt bearbeitet 06.05.2026 22:30:45
Use-after-free vulnerability in the accessibility implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging lack of certain validity checks for acc...
CVE-2015-1276
- EPSS 1.6%
- Veröffentlicht 23.07.2015 00:59:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
Use-after-free vulnerability in content/browser/indexed_db/indexed_db_backing_store.cc in the IndexedDB implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact...
CVE-2015-1274
- EPSS 3.62%
- Veröffentlicht 23.07.2015 00:59:04
- Zuletzt bearbeitet 06.05.2026 22:30:45
Google Chrome before 44.0.2403.89 does not ensure that the auto-open list omits all dangerous file types, which makes it easier for remote attackers to execute arbitrary code by providing a crafted file and leveraging a user's previous "Always open f...
CVE-2015-1273
- EPSS 1.54%
- Veröffentlicht 23.07.2015 00:59:03
- Zuletzt bearbeitet 06.05.2026 22:30:45
Heap-based buffer overflow in j2k.c in OpenJPEG before r3002, as used in PDFium in Google Chrome before 44.0.2403.89, allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid JPEG2000 data in a PDF do...
CVE-2015-1272
- EPSS 1.62%
- Veröffentlicht 23.07.2015 00:59:02
- Zuletzt bearbeitet 06.05.2026 22:30:45
Use-after-free vulnerability in the GPU process implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging the continued availability of a GPUChanne...