CVE-2015-1295
- EPSS 1.57%
- Veröffentlicht 03.09.2015 22:59:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple use-after-free vulnerabilities in the PrintWebViewHelper class in components/printing/renderer/print_web_view_helper.cc in Google Chrome before 45.0.2454.85 allow user-assisted remote attackers to cause a denial of service or possibly have u...
CVE-2015-1294
- EPSS 1.59%
- Veröffentlicht 03.09.2015 22:59:04
- Zuletzt bearbeitet 06.05.2026 22:30:45
Use-after-free vulnerability in the SkMatrix::invertNonIdentity function in core/SkMatrix.cpp in Skia, as used in Google Chrome before 45.0.2454.85, allows remote attackers to cause a denial of service or possibly have unspecified other impact by tri...
CVE-2015-1293
- EPSS 1.54%
- Veröffentlicht 03.09.2015 22:59:03
- Zuletzt bearbeitet 06.05.2026 22:30:45
The DOM implementation in Blink, as used in Google Chrome before 45.0.2454.85, allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
- EPSS 1.57%
- Veröffentlicht 03.09.2015 22:59:01
- Zuletzt bearbeitet 06.05.2026 22:30:45
The NavigatorServiceWorker::serviceWorker function in modules/serviceworkers/NavigatorServiceWorker.cpp in Blink, as used in Google Chrome before 45.0.2454.85, allows remote attackers to bypass the Same Origin Policy by accessing a Service Worker.
CVE-2015-1291
- EPSS 1.71%
- Veröffentlicht 03.09.2015 22:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
The ContainerNode::parserRemoveChild function in core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 45.0.2454.85, does not check whether a node is expected, which allows remote attackers to bypass the Same Origin Policy or cause a d...
- EPSS 1.52%
- Veröffentlicht 23.07.2015 00:59:19
- Zuletzt bearbeitet 06.05.2026 22:30:45
The regular-expression implementation in Google V8, as used in Google Chrome before 44.0.2403.89, mishandles interrupts, which allows remote attackers to cause a denial of service (application crash) via crafted JavaScript code, as demonstrated by an...
CVE-2015-1289
- EPSS 1.34%
- Veröffentlicht 23.07.2015 00:59:18
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple unspecified vulnerabilities in Google Chrome before 44.0.2403.89 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
CVE-2015-1288
- EPSS 1.08%
- Veröffentlicht 23.07.2015 00:59:17
- Zuletzt bearbeitet 06.05.2026 22:30:45
The Spellcheck API implementation in Google Chrome before 44.0.2403.89 does not use an HTTPS session for downloading a Hunspell dictionary, which allows man-in-the-middle attackers to deliver incorrect spelling suggestions or possibly have unspecifie...
CVE-2015-1287
- EPSS 1.47%
- Veröffentlicht 23.07.2015 00:59:16
- Zuletzt bearbeitet 06.05.2026 22:30:45
Blink, as used in Google Chrome before 44.0.2403.89, enables a quirks-mode exception that limits the cases in which a Cascading Style Sheets (CSS) document is required to have the text/css content type, which allows remote attackers to bypass the Sam...
CVE-2015-1286
- EPSS 1.88%
- Veröffentlicht 23.07.2015 00:59:15
- Zuletzt bearbeitet 06.05.2026 22:30:45
Cross-site scripting (XSS) vulnerability in the V8ContextNativeHandler::GetModuleSystem function in extensions/renderer/v8_context_native_handler.cc in Google Chrome before 44.0.2403.89 allows remote attackers to inject arbitrary web script or HTML b...