CVE-2016-1615
- EPSS 1.66%
- Veröffentlicht 25.01.2016 11:59:03
- Zuletzt bearbeitet 06.05.2026 22:30:45
The Omnibox implementation in Google Chrome before 48.0.2564.82 allows remote attackers to spoof a document's origin via unspecified vectors.
CVE-2016-1614
- EPSS 1.04%
- Veröffentlicht 25.01.2016 11:59:02
- Zuletzt bearbeitet 06.05.2026 22:30:45
The UnacceleratedImageBufferSurface class in WebKit/Source/platform/graphics/UnacceleratedImageBufferSurface.cpp in Blink, as used in Google Chrome before 48.0.2564.82, mishandles the initialization mode, which allows remote attackers to obtain sensi...
CVE-2016-1613
- EPSS 1.09%
- Veröffentlicht 25.01.2016 11:59:01
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple use-after-free vulnerabilities in the formfiller implementation in PDFium, as used in Google Chrome before 48.0.2564.82, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document...
CVE-2016-1612
- EPSS 1.13%
- Veröffentlicht 25.01.2016 11:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
The LoadIC::UpdateCaches function in ic/ic.cc in Google V8, as used in Google Chrome before 48.0.2564.82, does not ensure receiver compatibility before performing a cast of an unspecified variable, which allows remote attackers to cause a denial of s...
CVE-2015-8664
- EPSS 5.23%
- Veröffentlicht 24.12.2015 03:59:01
- Zuletzt bearbeitet 06.05.2026 22:30:45
Integer overflow in the WebCursor::Deserialize function in content/common/cursors/webcursor.cc in Google Chrome before 47.0.2526.106 allows remote attackers to cause a denial of service or possibly have unspecified other impact via an RGBA pixel arra...
- EPSS 3.96%
- Veröffentlicht 24.12.2015 03:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
The MIDI subsystem in Google Chrome before 47.0.2526.106 does not properly handle the sending of data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, related to midi_m...
- EPSS 1.2%
- Veröffentlicht 14.12.2015 11:59:04
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple unspecified vulnerabilities in Google V8 before 4.7.80.23, as used in Google Chrome before 47.0.2526.80, allow attackers to cause a denial of service or possibly have other impact via unknown vectors, a different issue than CVE-2015-8478.
CVE-2015-6790
- EPSS 1.36%
- Veröffentlicht 14.12.2015 11:59:03
- Zuletzt bearbeitet 06.05.2026 22:30:45
The WebPageSerializerImpl::openTagToString function in WebKit/Source/web/WebPageSerializerImpl.cpp in the page serializer in Google Chrome before 47.0.2526.80 does not properly use HTML entities, which might allow remote attackers to inject arbitrary...
- EPSS 1.6%
- Veröffentlicht 14.12.2015 11:59:03
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple unspecified vulnerabilities in Google Chrome before 47.0.2526.80 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
CVE-2015-6789
- EPSS 1.71%
- Veröffentlicht 14.12.2015 11:59:01
- Zuletzt bearbeitet 06.05.2026 22:30:45
Race condition in the MutationObserver implementation in Blink, as used in Google Chrome before 47.0.2526.80, allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact by leveraging unanticipated ...