Google

Chrome

3675 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2015-1257

  • EPSS 2.14%
  • Veröffentlicht 20.05.2015 10:59:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

platform/graphics/filters/FEColorMatrix.cpp in the SVG implementation in Blink, as used in Google Chrome before 43.0.2357.65, does not properly handle an insufficient number of values in an feColorMatrix filter, which allows remote attackers to cause...

7.5

CVE-2015-1256

  • EPSS 2.14%
  • Veröffentlicht 20.05.2015 10:59:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 43.0.2357.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document that leverages improp...

6.8

CVE-2015-1255

  • EPSS 1.58%
  • Veröffentlicht 20.05.2015 10:59:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Use-after-free vulnerability in content/renderer/media/webaudio_capturer_source.cc in the WebAudio implementation in Google Chrome before 43.0.2357.65 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unsp...

5

CVE-2015-1254

  • EPSS 1.4%
  • Veröffentlicht 20.05.2015 10:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

core/dom/Document.cpp in Blink, as used in Google Chrome before 43.0.2357.65, enables the inheritance of the designMode attribute, which allows remote attackers to bypass the Same Origin Policy by leveraging the availability of editing.

7.5

CVE-2015-1253

  • EPSS 0.94%
  • Veröffentlicht 20.05.2015 10:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

core/html/parser/HTMLConstructionSite.cpp in the DOM implementation in Blink, as used in Google Chrome before 43.0.2357.65, allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code that appends a child to a SCRIPT element,...

7.5

CVE-2015-1252

  • EPSS 1.24%
  • Veröffentlicht 20.05.2015 10:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

common/partial_circular_buffer.cc in Google Chrome before 43.0.2357.65 does not properly handle wraps, which allows remote attackers to bypass a sandbox protection mechanism or cause a denial of service (out-of-bounds write) via vectors that trigger ...

6.8

CVE-2015-1251

  • EPSS 4.45%
  • Veröffentlicht 20.05.2015 10:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Use-after-free vulnerability in the SpeechRecognitionClient implementation in the Speech subsystem in Google Chrome before 43.0.2357.65 allows remote attackers to execute arbitrary code via a crafted document.

7.5

CVE-2015-1243

  • EPSS 1.76%
  • Veröffentlicht 01.05.2015 10:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Use-after-free vulnerability in the MutationObserver::disconnect function in core/dom/MutationObserver.cpp in the DOM implementation in Blink, as used in Google Chrome before 42.0.2311.135, allows remote attackers to cause a denial of service or poss...

7.5

CVE-2015-1250

  • EPSS 1.1%
  • Veröffentlicht 01.05.2015 10:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple unspecified vulnerabilities in Google Chrome before 42.0.2311.135 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

4.3

CVE-2015-3336

Exploit
  • EPSS 0.89%
  • Veröffentlicht 19.04.2015 10:59:16
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Google Chrome before 42.0.2311.90 does not always ask the user before proceeding with CONTENT_SETTINGS_TYPE_FULLSCREEN and CONTENT_SETTINGS_TYPE_MOUSELOCK changes, which allows user-assisted remote attackers to cause a denial of service (UI disruptio...