Google

Chrome

3771 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2015-1253

  • EPSS 0.94%
  • Veröffentlicht 20.05.2015 10:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

core/html/parser/HTMLConstructionSite.cpp in the DOM implementation in Blink, as used in Google Chrome before 43.0.2357.65, allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code that appends a child to a SCRIPT element,...

7.5

CVE-2015-1252

  • EPSS 1.24%
  • Veröffentlicht 20.05.2015 10:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

common/partial_circular_buffer.cc in Google Chrome before 43.0.2357.65 does not properly handle wraps, which allows remote attackers to bypass a sandbox protection mechanism or cause a denial of service (out-of-bounds write) via vectors that trigger ...

6.8

CVE-2015-1251

  • EPSS 4.45%
  • Veröffentlicht 20.05.2015 10:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Use-after-free vulnerability in the SpeechRecognitionClient implementation in the Speech subsystem in Google Chrome before 43.0.2357.65 allows remote attackers to execute arbitrary code via a crafted document.

7.5

CVE-2015-1243

  • EPSS 1.77%
  • Veröffentlicht 01.05.2015 10:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Use-after-free vulnerability in the MutationObserver::disconnect function in core/dom/MutationObserver.cpp in the DOM implementation in Blink, as used in Google Chrome before 42.0.2311.135, allows remote attackers to cause a denial of service or poss...

7.5

CVE-2015-1250

  • EPSS 1.08%
  • Veröffentlicht 01.05.2015 10:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple unspecified vulnerabilities in Google Chrome before 42.0.2311.135 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

4.3

CVE-2015-3336

Exploit
  • EPSS 0.89%
  • Veröffentlicht 19.04.2015 10:59:16
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Google Chrome before 42.0.2311.90 does not always ask the user before proceeding with CONTENT_SETTINGS_TYPE_FULLSCREEN and CONTENT_SETTINGS_TYPE_MOUSELOCK changes, which allows user-assisted remote attackers to cause a denial of service (UI disruptio...

7.5

CVE-2015-3335

Exploit
  • EPSS 2.07%
  • Veröffentlicht 19.04.2015 10:59:15
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The NaClSandbox::InitializeLayerTwoSandbox function in components/nacl/loader/sandbox_linux/nacl_sandbox_linux.cc in Google Chrome before 42.0.2311.90 does not have RLIMIT_AS and RLIMIT_DATA limits for Native Client (aka NaCl) processes, which might ...

4.3

CVE-2015-3334

Exploit
  • EPSS 0.51%
  • Veröffentlicht 19.04.2015 10:59:14
  • Zuletzt bearbeitet 12.04.2025 10:46:40

browser/ui/website_settings/website_settings.cc in Google Chrome before 42.0.2311.90 does not always display "Media: Allowed by you" in a Permissions table after the user has granted camera permission to a web site, which might make it easier for use...

7.5

CVE-2015-3333

  • EPSS 0.26%
  • Veröffentlicht 19.04.2015 10:59:13
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple unspecified vulnerabilities in Google V8 before 4.2.77.14, as used in Google Chrome before 42.0.2311.90, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

7.5

CVE-2015-1249

  • EPSS 1.5%
  • Veröffentlicht 19.04.2015 10:59:12
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple unspecified vulnerabilities in Google Chrome before 42.0.2311.90 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.