Google

Chrome

3771 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2015-1301

  • EPSS 0.75%
  • Veröffentlicht 03.09.2015 22:59:12
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple unspecified vulnerabilities in Google Chrome before 45.0.2454.85 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

5

CVE-2015-1300

  • EPSS 0.91%
  • Veröffentlicht 03.09.2015 22:59:11
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The FrameFetchContext::updateTimingInfoForIFrameNavigation function in core/loader/FrameFetchContext.cpp in Blink, as used in Google Chrome before 45.0.2454.85, does not properly restrict the availability of IFRAME Resource Timing API times, which al...

4.3

CVE-2015-1298

  • EPSS 0.83%
  • Veröffentlicht 03.09.2015 22:59:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The RuntimeEventRouter::OnExtensionUninstalled function in extensions/browser/api/runtime/runtime_api.cc in Google Chrome before 45.0.2454.85 does not ensure that the setUninstallURL preference corresponds to the URL of a web site, which allows user-...

7.5

CVE-2015-1299

  • EPSS 1.87%
  • Veröffentlicht 03.09.2015 22:59:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Use-after-free vulnerability in the shared-timer implementation in Blink, as used in Google Chrome before 45.0.2454.85, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging erroneous timer firin...

7.5

CVE-2015-1297

  • EPSS 0.87%
  • Veröffentlicht 03.09.2015 22:59:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The WebRequest API implementation in extensions/browser/api/web_request/web_request_api.cc in Google Chrome before 45.0.2454.85 does not properly consider a request's source before accepting the request, which allows remote attackers to bypass intend...

5

CVE-2015-1296

  • EPSS 0.87%
  • Veröffentlicht 03.09.2015 22:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The UnescapeURLWithAdjustmentsImpl implementation in net/base/escape.cc in Google Chrome before 45.0.2454.85 does not prevent display of Unicode LOCK characters in the omnibox, which makes it easier for remote attackers to spoof the SSL lock icon by ...

7.5

CVE-2015-1295

  • EPSS 1.23%
  • Veröffentlicht 03.09.2015 22:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple use-after-free vulnerabilities in the PrintWebViewHelper class in components/printing/renderer/print_web_view_helper.cc in Google Chrome before 45.0.2454.85 allow user-assisted remote attackers to cause a denial of service or possibly have u...

7.5

CVE-2015-1294

  • EPSS 1.08%
  • Veröffentlicht 03.09.2015 22:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Use-after-free vulnerability in the SkMatrix::invertNonIdentity function in core/SkMatrix.cpp in Skia, as used in Google Chrome before 45.0.2454.85, allows remote attackers to cause a denial of service or possibly have unspecified other impact by tri...

7.5

CVE-2015-1293

  • EPSS 0.5%
  • Veröffentlicht 03.09.2015 22:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The DOM implementation in Blink, as used in Google Chrome before 45.0.2454.85, allows remote attackers to bypass the Same Origin Policy via unspecified vectors.

5

CVE-2015-1292

  • EPSS 0.6%
  • Veröffentlicht 03.09.2015 22:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The NavigatorServiceWorker::serviceWorker function in modules/serviceworkers/NavigatorServiceWorker.cpp in Blink, as used in Google Chrome before 45.0.2454.85, allows remote attackers to bypass the Same Origin Policy by accessing a Service Worker.