Google

Chrome

3758 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2015-1245

  • EPSS 1.83%
  • Veröffentlicht 19.04.2015 10:59:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Use-after-free vulnerability in the OpenPDFInReaderView::Update function in browser/ui/views/location_bar/open_pdf_in_reader_view.cc in Google Chrome before 41.0.2272.76 might allow user-assisted remote attackers to cause a denial of service (heap me...

5

CVE-2015-1244

  • EPSS 1.11%
  • Veröffentlicht 19.04.2015 10:59:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The URLRequest::GetHSTSRedirect function in url_request/url_request.cc in Google Chrome before 42.0.2311.90 does not replace the ws scheme with the wss scheme whenever an HSTS Policy is active, which makes it easier for remote attackers to obtain sen...

7.5

CVE-2015-1242

  • EPSS 1.65%
  • Veröffentlicht 19.04.2015 10:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The ReduceTransitionElementsKind function in hydrogen-check-elimination.cc in Google V8 before 4.2.77.8, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service or possibly have unspecified other impact via ...

4.3

CVE-2015-1241

Exploit
  • EPSS 2.83%
  • Veröffentlicht 19.04.2015 10:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Google Chrome before 42.0.2311.90 does not properly consider the interaction of page navigation with the handling of touch events and gesture events, which allows remote attackers to trigger unintended UI actions via a crafted web site that conducts ...

5

CVE-2015-1240

  • EPSS 1.36%
  • Veröffentlicht 19.04.2015 10:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

gpu/blink/webgraphicscontext3d_impl.cc in the WebGL implementation in Google Chrome before 42.0.2311.90 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WebGL program that triggers a state inconsistency.

7.5

CVE-2015-1238

  • EPSS 1.83%
  • Veröffentlicht 19.04.2015 10:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Skia, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors.

7.5

CVE-2015-1237

  • EPSS 1.83%
  • Veröffentlicht 19.04.2015 10:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Use-after-free vulnerability in the RenderFrameImpl::OnMessageReceived function in content/renderer/render_frame_impl.cc in Google Chrome before 42.0.2311.90 allows remote attackers to cause a denial of service or possibly have unspecified other impa...

4.3

CVE-2015-1236

  • EPSS 0.6%
  • Veröffentlicht 19.04.2015 10:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The MediaElementAudioSourceNode::process function in modules/webaudio/MediaElementAudioSourceNode.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy...

5

CVE-2015-1235

  • EPSS 1.13%
  • Veröffentlicht 19.04.2015 10:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The ContainerNode::parserRemoveChild function in core/dom/ContainerNode.cpp in the HTML parser in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy via a crafted HTML document with an IFRAME...

6.8

CVE-2015-1234

  • EPSS 3.16%
  • Veröffentlicht 01.04.2015 21:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Race condition in gpu/command_buffer/service/gles2_cmd_decoder.cc in Google Chrome before 41.0.2272.118 allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact by manipulating OpenGL ES command...