Google

Chrome

5395 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 1.6%
  • Veröffentlicht 23.07.2015 00:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Use-after-free vulnerability in content/browser/indexed_db/indexed_db_backing_store.cc in the IndexedDB implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact...

  • EPSS 3.62%
  • Veröffentlicht 23.07.2015 00:59:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Google Chrome before 44.0.2403.89 does not ensure that the auto-open list omits all dangerous file types, which makes it easier for remote attackers to execute arbitrary code by providing a crafted file and leveraging a user's previous "Always open f...

  • EPSS 1.54%
  • Veröffentlicht 23.07.2015 00:59:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Heap-based buffer overflow in j2k.c in OpenJPEG before r3002, as used in PDFium in Google Chrome before 44.0.2403.89, allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid JPEG2000 data in a PDF do...

  • EPSS 1.62%
  • Veröffentlicht 23.07.2015 00:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Use-after-free vulnerability in the GPU process implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging the continued availability of a GPUChanne...

  • EPSS 1.86%
  • Veröffentlicht 23.07.2015 00:59:01
  • Zuletzt bearbeitet 06.05.2026 22:30:45

PDFium, as used in Google Chrome before 44.0.2403.89, does not properly handle certain out-of-memory conditions, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a c...

  • EPSS 2.73%
  • Veröffentlicht 23.07.2015 00:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The ucnv_io_getConverterName function in common/ucnv_io.cpp in International Components for Unicode (ICU), as used in Google Chrome before 44.0.2403.89, mishandles converter names with initial x- substrings, which allows remote attackers to cause a d...

  • EPSS 2.31%
  • Veröffentlicht 26.06.2015 14:59:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

bindings/scripts/v8_types.py in Blink, as used in Google Chrome before 43.0.2357.130, does not properly select a creation context for a return value's DOM wrapper, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript ...

  • EPSS 1.76%
  • Veröffentlicht 26.06.2015 14:59:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The DecodeHSTSPreloadRaw function in net/http/transport_security_state.cc in Google Chrome before 43.0.2357.130 does not properly canonicalize DNS hostnames before making comparisons to HSTS or HPKP preload entries, which allows remote attackers to b...

  • EPSS 1.49%
  • Veröffentlicht 26.06.2015 14:59:01
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Blink, as used in Google Chrome before 43.0.2357.130, does not properly restrict the creation context during creation of a DOM wrapper, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code that uses a Blink publi...

  • EPSS 1.49%
  • Veröffentlicht 26.06.2015 14:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

content/browser/webui/content_web_ui_controller_factory.cc in Google Chrome before 43.0.2357.130 does not properly consider the scheme in determining whether a URL is associated with a WebUI SiteInstance, which allows remote attackers to bypass inten...