Google

Chrome

5395 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 1.37%
  • Veröffentlicht 23.07.2015 00:59:14
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The XSSAuditor::canonicalize function in core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 44.0.2403.89, does not properly choose a truncation point, which makes it easier for remote attackers to obtain sens...

  • EPSS 2.17%
  • Veröffentlicht 23.07.2015 00:59:13
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The LocalFrame::isURLAllowed function in core/frame/LocalFrame.cpp in Blink, as used in Google Chrome before 44.0.2403.89, does not properly check for a page's maximum number of frames, which allows remote attackers to cause a denial of service (inva...

  • EPSS 19.07%
  • Veröffentlicht 23.07.2015 00:59:12
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspec...

  • EPSS 1.58%
  • Veröffentlicht 23.07.2015 00:59:11
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple use-after-free vulnerabilities in fpdfsdk/src/javascript/Document.cpp in PDFium, as used in Google Chrome before 44.0.2403.89, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF do...

  • EPSS 1.71%
  • Veröffentlicht 23.07.2015 00:59:10
  • Zuletzt bearbeitet 06.05.2026 22:30:45

core/loader/ImageLoader.cpp in Blink, as used in Google Chrome before 44.0.2403.89, does not properly determine the V8 context of a microtask, which allows remote attackers to bypass Content Security Policy (CSP) restrictions by providing an image fr...

  • EPSS 1.57%
  • Veröffentlicht 23.07.2015 00:59:09
  • Zuletzt bearbeitet 06.05.2026 22:30:45

SkPictureShader.cpp in Skia, as used in Google Chrome before 44.0.2403.89, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging access to a renderer process and providing cra...

  • EPSS 2.15%
  • Veröffentlicht 23.07.2015 00:59:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Integer overflow in the CJBig2_Image::expand function in fxcodec/jbig2/JBig2_Image.cpp in PDFium, as used in Google Chrome before 44.0.2403.89, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspeci...

  • EPSS 1.84%
  • Veröffentlicht 23.07.2015 00:59:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

content/browser/web_contents/web_contents_impl.cc in Google Chrome before 44.0.2403.89 does not ensure that a PDF document's modal dialog is closed upon navigation to an interstitial page, which allows remote attackers to spoof URLs via a crafted doc...

  • EPSS 1.62%
  • Veröffentlicht 23.07.2015 00:59:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Use-after-free vulnerability in the accessibility implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging lack of certain validity checks for acc...

  • EPSS 1.6%
  • Veröffentlicht 23.07.2015 00:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Cross-site scripting (XSS) vulnerability in org/chromium/chrome/browser/UrlUtilities.java in Google Chrome before 44.0.2403.89 on Android allows remote attackers to inject arbitrary web script or HTML via a crafted intent: URL, as demonstrated by a t...