Google

Chrome

5395 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 99.86%
  • Veröffentlicht 21.05.2015 00:59:00
  • Zuletzt bearbeitet 27.05.2026 17:16:21

The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a Clie...

  • EPSS 0.89%
  • Veröffentlicht 20.05.2015 10:59:19
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple unspecified vulnerabilities in Google V8 before 4.3.61.21, as used in Google Chrome before 43.0.2357.65, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

  • EPSS 7.86%
  • Veröffentlicht 20.05.2015 10:59:17
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple unspecified vulnerabilities in Google Chrome before 43.0.2357.65 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

  • EPSS 1.18%
  • Veröffentlicht 20.05.2015 10:59:16
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Cross-site scripting (XSS) vulnerability in Google Chrome before 43.0.2357.65 allows user-assisted remote attackers to inject arbitrary web script or HTML via crafted data that is improperly handled by the Bookmarks feature.

  • EPSS 0.99%
  • Veröffentlicht 20.05.2015 10:59:15
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The Spellcheck API implementation in Google Chrome before 43.0.2357.65 does not use an HTTPS session for downloading a Hunspell dictionary, which allows man-in-the-middle attackers to deliver incorrect spelling suggestions or possibly have unspecifie...

  • EPSS 1.58%
  • Veröffentlicht 20.05.2015 10:59:14
  • Zuletzt bearbeitet 06.05.2026 22:30:45

platform/fonts/shaping/HarfBuzzShaper.cpp in Blink, as used in Google Chrome before 43.0.2357.65, does not initialize a certain width field, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via craf...

  • EPSS 1.42%
  • Veröffentlicht 20.05.2015 10:59:13
  • Zuletzt bearbeitet 06.05.2026 22:30:45

android/java/src/org/chromium/chrome/browser/WebsiteSettingsPopup.java in Google Chrome before 43.0.2357.65 on Android does not properly restrict use of a URL's fragment identifier during construction of a page-info popup, which allows remote attacke...

  • EPSS 1.65%
  • Veröffentlicht 20.05.2015 10:59:12
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple use-after-free vulnerabilities in content/renderer/media/user_media_client_impl.cc in the WebRTC implementation in Google Chrome before 43.0.2357.65 allow remote attackers to cause a denial of service or possibly have unspecified other impac...

  • EPSS 1.41%
  • Veröffentlicht 20.05.2015 10:59:11
  • Zuletzt bearbeitet 06.05.2026 22:30:45

PDFium, as used in Google Chrome before 43.0.2357.65, does not properly initialize memory, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

  • EPSS 2.4%
  • Veröffentlicht 20.05.2015 10:59:10
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Google Chrome before 43.0.2357.65 relies on libvpx code that was not built with an appropriate --size-limit value, which allows remote attackers to trigger a negative value for a size field, and consequently cause a denial of service or possibly have...