Google

Chrome

5395 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 1.7%
  • Veröffentlicht 15.10.2015 10:59:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The CSSFontFaceSrcValue::fetch function in core/css/CSSFontFaceSrcValue.cpp in the Cascading Style Sheets (CSS) implementation in Blink, as used in Google Chrome before 46.0.2490.71, does not use the CORS cross-origin request algorithm when a font's ...

  • EPSS 1.05%
  • Veröffentlicht 15.10.2015 10:59:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The update_dimensions function in libavcodec/vp8.c in FFmpeg through 2.8.1, as used in Google Chrome before 46.0.2490.71 and other products, relies on a coefficient-partition count during multi-threaded operation, which allows remote attackers to cau...

  • EPSS 1.4%
  • Veröffentlicht 15.10.2015 10:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The Image11::map function in renderer/d3d/d3d11/Image11.cpp in libANGLE, as used in Google Chrome before 46.0.2490.71, mishandles mapping failures after device-lost events, which allows remote attackers to cause a denial of service (invalid read or w...

  • EPSS 1.43%
  • Veröffentlicht 15.10.2015 10:59:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The CPDF_Document::GetPage function in fpdfapi/fpdf_parser/fpdf_parser_document.cpp in PDFium, as used in Google Chrome before 46.0.2490.71, does not properly perform a cast of a dictionary object, which allows remote attackers to cause a denial of s...

  • EPSS 1.42%
  • Veröffentlicht 15.10.2015 10:59:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The shouldTreatAsUniqueOrigin function in platform/weborigin/SecurityOrigin.cpp in Blink, as used in Google Chrome before 46.0.2490.71, does not ensure that the origin of a LocalStorage resource is considered unique, which allows remote attackers to ...

  • EPSS 1.66%
  • Veröffentlicht 15.10.2015 10:59:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Use-after-free vulnerability in content/browser/service_worker/embedded_worker_instance.cc in the ServiceWorker implementation in Google Chrome before 46.0.2490.71 allows remote attackers to cause a denial of service or possibly have unspecified othe...

  • EPSS 1.32%
  • Veröffentlicht 15.10.2015 10:59:01
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Use-after-free vulnerability in the CPDFSDK_PageView implementation in fpdfsdk/src/fsdk_mgr.cpp in PDFium, as used in Google Chrome before 46.0.2490.71, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have un...

  • EPSS 2.1%
  • Veröffentlicht 15.10.2015 10:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The ContainerNode::parserInsertBefore function in core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 46.0.2490.71, proceeds with a DOM tree insertion in certain cases where a parent node no longer contains a child node, which allows...

  • EPSS 1.76%
  • Veröffentlicht 12.10.2015 01:59:17
  • Zuletzt bearbeitet 06.05.2026 22:30:45

object-observe.js in Google V8, as used in Google Chrome before 45.0.2454.101, does not properly restrict method calls on access-checked objects, which allows remote attackers to bypass the Same Origin Policy via a (1) observe or (2) getNotifier call...

  • EPSS 1.73%
  • Veröffentlicht 12.10.2015 01:59:15
  • Zuletzt bearbeitet 06.05.2026 22:30:45

bindings/core/v8/V8DOMWrapper.h in Blink, as used in Google Chrome before 45.0.2454.101, does not perform a rethrow action to propagate information about a cross-context exception, which allows remote attackers to bypass the Same Origin Policy via a ...