CVE-2015-6583
- EPSS 1.38%
- Veröffentlicht 03.09.2015 22:59:16
- Zuletzt bearbeitet 06.05.2026 22:30:45
Google Chrome before 45.0.2454.85 does not display a location bar for a hosted app's window after navigation away from the installation site, which might make it easier for remote attackers to spoof content via a crafted app, related to browser.cc an...
CVE-2015-6582
- EPSS 0.89%
- Veröffentlicht 03.09.2015 22:59:15
- Zuletzt bearbeitet 06.05.2026 22:30:45
The decompose function in platform/transforms/TransformationMatrix.cpp in Blink, as used in Google Chrome before 45.0.2454.85, does not verify that a matrix inversion succeeded, which allows remote attackers to cause a denial of service (uninitialize...
CVE-2015-6581
- EPSS 2.68%
- Veröffentlicht 03.09.2015 22:59:14
- Zuletzt bearbeitet 06.05.2026 22:30:45
Double free vulnerability in the opj_j2k_copy_default_tcp_and_create_tcd function in j2k.c in OpenJPEG before r3002, as used in PDFium in Google Chrome before 45.0.2454.85, allows remote attackers to execute arbitrary code or cause a denial of servic...
CVE-2015-6580
- EPSS 0.63%
- Veröffentlicht 03.09.2015 22:59:13
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple unspecified vulnerabilities in Google V8 before 4.5.103.29, as used in Google Chrome before 45.0.2454.85, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
CVE-2015-1301
- EPSS 1.37%
- Veröffentlicht 03.09.2015 22:59:12
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple unspecified vulnerabilities in Google Chrome before 45.0.2454.85 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
- EPSS 1.75%
- Veröffentlicht 03.09.2015 22:59:11
- Zuletzt bearbeitet 06.05.2026 22:30:45
The FrameFetchContext::updateTimingInfoForIFrameNavigation function in core/loader/FrameFetchContext.cpp in Blink, as used in Google Chrome before 45.0.2454.85, does not properly restrict the availability of IFRAME Resource Timing API times, which al...
CVE-2015-1298
- EPSS 1.33%
- Veröffentlicht 03.09.2015 22:59:09
- Zuletzt bearbeitet 06.05.2026 22:30:45
The RuntimeEventRouter::OnExtensionUninstalled function in extensions/browser/api/runtime/runtime_api.cc in Google Chrome before 45.0.2454.85 does not ensure that the setUninstallURL preference corresponds to the URL of a web site, which allows user-...
CVE-2015-1299
- EPSS 1.69%
- Veröffentlicht 03.09.2015 22:59:09
- Zuletzt bearbeitet 06.05.2026 22:30:45
Use-after-free vulnerability in the shared-timer implementation in Blink, as used in Google Chrome before 45.0.2454.85, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging erroneous timer firin...
CVE-2015-1297
- EPSS 2.24%
- Veröffentlicht 03.09.2015 22:59:07
- Zuletzt bearbeitet 06.05.2026 22:30:45
The WebRequest API implementation in extensions/browser/api/web_request/web_request_api.cc in Google Chrome before 45.0.2454.85 does not properly consider a request's source before accepting the request, which allows remote attackers to bypass intend...
- EPSS 1.47%
- Veröffentlicht 03.09.2015 22:59:06
- Zuletzt bearbeitet 06.05.2026 22:30:45
The UnescapeURLWithAdjustmentsImpl implementation in net/base/escape.cc in Google Chrome before 45.0.2454.85 does not prevent display of Unicode LOCK characters in the omnibox, which makes it easier for remote attackers to spoof the SSL lock icon by ...