- EPSS 1.37%
- Veröffentlicht 23.07.2015 00:59:14
- Zuletzt bearbeitet 06.05.2026 22:30:45
The XSSAuditor::canonicalize function in core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 44.0.2403.89, does not properly choose a truncation point, which makes it easier for remote attackers to obtain sens...
CVE-2015-1284
- EPSS 2.17%
- Veröffentlicht 23.07.2015 00:59:13
- Zuletzt bearbeitet 06.05.2026 22:30:45
The LocalFrame::isURLAllowed function in core/frame/LocalFrame.cpp in Blink, as used in Google Chrome before 44.0.2403.89, does not properly check for a page's maximum number of frames, which allows remote attackers to cause a denial of service (inva...
CVE-2015-1283
- EPSS 19.07%
- Veröffentlicht 23.07.2015 00:59:12
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspec...
CVE-2015-1282
- EPSS 1.58%
- Veröffentlicht 23.07.2015 00:59:11
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple use-after-free vulnerabilities in fpdfsdk/src/javascript/Document.cpp in PDFium, as used in Google Chrome before 44.0.2403.89, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF do...
CVE-2015-1281
- EPSS 1.71%
- Veröffentlicht 23.07.2015 00:59:10
- Zuletzt bearbeitet 06.05.2026 22:30:45
core/loader/ImageLoader.cpp in Blink, as used in Google Chrome before 44.0.2403.89, does not properly determine the V8 context of a microtask, which allows remote attackers to bypass Content Security Policy (CSP) restrictions by providing an image fr...
CVE-2015-1280
- EPSS 1.57%
- Veröffentlicht 23.07.2015 00:59:09
- Zuletzt bearbeitet 06.05.2026 22:30:45
SkPictureShader.cpp in Skia, as used in Google Chrome before 44.0.2403.89, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging access to a renderer process and providing cra...
CVE-2015-1279
- EPSS 2.15%
- Veröffentlicht 23.07.2015 00:59:08
- Zuletzt bearbeitet 06.05.2026 22:30:45
Integer overflow in the CJBig2_Image::expand function in fxcodec/jbig2/JBig2_Image.cpp in PDFium, as used in Google Chrome before 44.0.2403.89, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspeci...
CVE-2015-1278
- EPSS 1.84%
- Veröffentlicht 23.07.2015 00:59:07
- Zuletzt bearbeitet 06.05.2026 22:30:45
content/browser/web_contents/web_contents_impl.cc in Google Chrome before 44.0.2403.89 does not ensure that a PDF document's modal dialog is closed upon navigation to an interstitial page, which allows remote attackers to spoof URLs via a crafted doc...
CVE-2015-1277
- EPSS 1.62%
- Veröffentlicht 23.07.2015 00:59:06
- Zuletzt bearbeitet 06.05.2026 22:30:45
Use-after-free vulnerability in the accessibility implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging lack of certain validity checks for acc...
CVE-2015-1275
- EPSS 1.6%
- Veröffentlicht 23.07.2015 00:59:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
Cross-site scripting (XSS) vulnerability in org/chromium/chrome/browser/UrlUtilities.java in Google Chrome before 44.0.2403.89 on Android allows remote attackers to inject arbitrary web script or HTML via a crafted intent: URL, as demonstrated by a t...