CVE-2014-9657
- EPSS 5.06%
- Veröffentlicht 08.02.2015 11:59:19
- Zuletzt bearbeitet 06.05.2026 22:30:45
The tt_face_load_hdmx function in truetype/ttpload.c in FreeType before 2.5.4 does not establish a minimum record size, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a cr...
CVE-2014-9656
- EPSS 4.58%
- Veröffentlicht 08.02.2015 11:59:15
- Zuletzt bearbeitet 06.05.2026 22:30:45
The tt_sbit_decoder_load_image function in sfnt/ttsbit.c in FreeType before 2.5.4 does not properly check for an integer overflow, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impa...
- EPSS 11.56%
- Veröffentlicht 06.02.2015 15:59:06
- Zuletzt bearbeitet 06.05.2026 22:30:45
unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression.
CVE-2015-1212
- EPSS 2.16%
- Veröffentlicht 06.02.2015 11:59:10
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple unspecified vulnerabilities in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
CVE-2015-1211
- EPSS 2.15%
- Veröffentlicht 06.02.2015 11:59:09
- Zuletzt bearbeitet 06.05.2026 22:30:45
The OriginCanAccessServiceWorkers function in content/browser/service_worker/service_worker_dispatcher_host.cc in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android does not properly restrict the URI sc...
- EPSS 1.99%
- Veröffentlicht 06.02.2015 11:59:08
- Zuletzt bearbeitet 06.05.2026 22:30:45
The V8ThrowException::createDOMException function in bindings/core/v8/V8ThrowException.cpp in the V8 bindings in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android, does not properly c...
CVE-2015-1209
- EPSS 2.85%
- Veröffentlicht 06.02.2015 11:59:07
- Zuletzt bearbeitet 06.05.2026 22:30:45
Use-after-free vulnerability in the VisibleSelection::nonBoundaryShadowTreeRootNode function in core/editing/VisibleSelection.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before...
CVE-2015-0236
- EPSS 1.8%
- Veröffentlicht 29.01.2015 15:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
libvirt before 1.2.12 allow remote authenticated users to obtain the VNC password by using the VIR_DOMAIN_XML_SECURE flag with a crafted (1) snapshot to the virDomainSnapshotGetXMLDesc interface or (2) image to the virDomainSaveImageGetXMLDesc interf...
CVE-2015-1346
- EPSS 1.17%
- Veröffentlicht 22.01.2015 22:59:29
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple unspecified vulnerabilities in Google V8 before 3.30.33.15, as used in Google Chrome before 40.0.2214.91, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
CVE-2015-1205
- EPSS 1.81%
- Veröffentlicht 22.01.2015 22:59:28
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple unspecified vulnerabilities in Google Chrome before 40.0.2214.91 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.