Google

Chrome

3675 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2015-1241

Exploit
  • EPSS 2.19%
  • Veröffentlicht 19.04.2015 10:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Google Chrome before 42.0.2311.90 does not properly consider the interaction of page navigation with the handling of touch events and gesture events, which allows remote attackers to trigger unintended UI actions via a crafted web site that conducts ...

5

CVE-2015-1240

  • EPSS 1.36%
  • Veröffentlicht 19.04.2015 10:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

gpu/blink/webgraphicscontext3d_impl.cc in the WebGL implementation in Google Chrome before 42.0.2311.90 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WebGL program that triggers a state inconsistency.

7.5

CVE-2015-1238

  • EPSS 1.83%
  • Veröffentlicht 19.04.2015 10:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Skia, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors.

7.5

CVE-2015-1237

  • EPSS 1.83%
  • Veröffentlicht 19.04.2015 10:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Use-after-free vulnerability in the RenderFrameImpl::OnMessageReceived function in content/renderer/render_frame_impl.cc in Google Chrome before 42.0.2311.90 allows remote attackers to cause a denial of service or possibly have unspecified other impa...

4.3

CVE-2015-1236

  • EPSS 0.6%
  • Veröffentlicht 19.04.2015 10:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The MediaElementAudioSourceNode::process function in modules/webaudio/MediaElementAudioSourceNode.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy...

5

CVE-2015-1235

  • EPSS 1.13%
  • Veröffentlicht 19.04.2015 10:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The ContainerNode::parserRemoveChild function in core/dom/ContainerNode.cpp in the HTML parser in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy via a crafted HTML document with an IFRAME...

6.8

CVE-2015-1234

  • EPSS 3.16%
  • Veröffentlicht 01.04.2015 21:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Race condition in gpu/command_buffer/service/gles2_cmd_decoder.cc in Google Chrome before 41.0.2272.118 allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact by manipulating OpenGL ES command...

7.5

CVE-2015-1233

  • EPSS 26.28%
  • Veröffentlicht 01.04.2015 21:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Google Chrome before 41.0.2272.118 does not properly handle the interaction of IPC, the Gamepad API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors.

4.3

CVE-2015-2239

  • EPSS 0.36%
  • Veröffentlicht 09.03.2015 00:59:29
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Google Chrome before 41.0.2272.76, when Instant Extended mode is used, does not properly consider the interaction between the "1993 search" features and restore-from-disk RELOAD transitions, which makes it easier for remote attackers to spoof the add...

7.5

CVE-2015-2238

  • EPSS 0.11%
  • Veröffentlicht 09.03.2015 00:59:28
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple unspecified vulnerabilities in Google V8 before 4.1.0.21, as used in Google Chrome before 41.0.2272.76, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.