Max CVSS 7.5 Min CVSS 4.3 Total Count30
IDCVSSSummaryLast (major) updatePublished
CVE-2015-1265 7.5
Multiple unspecified vulnerabilities in Google Chrome before 43.0.2357.65 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
02-01-2017 - 21:59 20-05-2015 - 06:59
CVE-2015-1264 4.3
Cross-site scripting (XSS) vulnerability in Google Chrome before 43.0.2357.65 allows user-assisted remote attackers to inject arbitrary web script or HTML via crafted data that is improperly handled by the Bookmarks feature.
02-01-2017 - 21:59 20-05-2015 - 06:59
CVE-2015-1263 4.3
The Spellcheck API implementation in Google Chrome before 43.0.2357.65 does not use an HTTPS session for downloading a Hunspell dictionary, which allows man-in-the-middle attackers to deliver incorrect spelling suggestions or possibly have unspecifie
02-01-2017 - 21:59 20-05-2015 - 06:59
CVE-2015-1262 7.5
platform/fonts/shaping/HarfBuzzShaper.cpp in Blink, as used in Google Chrome before 43.0.2357.65, does not initialize a certain width field, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via craf
02-01-2017 - 21:59 20-05-2015 - 06:59
CVE-2015-1260 7.5
Multiple use-after-free vulnerabilities in content/renderer/media/user_media_client_impl.cc in the WebRTC implementation in Google Chrome before 43.0.2357.65 allow remote attackers to cause a denial of service or possibly have unspecified other impac
02-01-2017 - 21:59 20-05-2015 - 06:59
CVE-2015-1259 7.5
PDFium, as used in Google Chrome before 43.0.2357.65, does not properly initialize memory, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
02-01-2017 - 21:59 20-05-2015 - 06:59
CVE-2015-1258 7.5
Google Chrome before 43.0.2357.65 relies on libvpx code that was not built with an appropriate --size-limit value, which allows remote attackers to trigger a negative value for a size field, and consequently cause a denial of service or possibly have
02-01-2017 - 21:59 20-05-2015 - 06:59
CVE-2015-1257 7.5
platform/graphics/filters/FEColorMatrix.cpp in the SVG implementation in Blink, as used in Google Chrome before 43.0.2357.65, does not properly handle an insufficient number of values in an feColorMatrix filter, which allows remote attackers to cause
02-01-2017 - 21:59 20-05-2015 - 06:59
CVE-2015-1256 7.5
Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 43.0.2357.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document that leverages improp
02-01-2017 - 21:59 20-05-2015 - 06:59
CVE-2015-1255 6.8
Use-after-free vulnerability in content/renderer/media/webaudio_capturer_source.cc in the WebAudio implementation in Google Chrome before 43.0.2357.65 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unsp
02-01-2017 - 21:59 20-05-2015 - 06:59
CVE-2015-1254 5.0
core/dom/Document.cpp in Blink, as used in Google Chrome before 43.0.2357.65, enables the inheritance of the designMode attribute, which allows remote attackers to bypass the Same Origin Policy by leveraging the availability of editing.
02-01-2017 - 21:59 20-05-2015 - 06:59
CVE-2015-1253 7.5
core/html/parser/HTMLConstructionSite.cpp in the DOM implementation in Blink, as used in Google Chrome before 43.0.2357.65, allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code that appends a child to a SCRIPT element,
02-01-2017 - 21:59 20-05-2015 - 06:59
CVE-2015-1252 7.5
common/partial_circular_buffer.cc in Google Chrome before 43.0.2357.65 does not properly handle wraps, which allows remote attackers to bypass a sandbox protection mechanism or cause a denial of service (out-of-bounds write) via vectors that trigger
02-01-2017 - 21:59 20-05-2015 - 06:59
CVE-2015-1251 6.8
Use-after-free vulnerability in the SpeechRecognitionClient implementation in the Speech subsystem in Google Chrome before 43.0.2357.65 allows remote attackers to execute arbitrary code via a crafted document.
02-01-2017 - 21:59 20-05-2015 - 06:59
CVE-2015-1250 7.5
Multiple unspecified vulnerabilities in Google Chrome before 42.0.2311.135 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
02-01-2017 - 21:59 01-05-2015 - 06:59
CVE-2015-1248 4.3
The FileSystem API in Google Chrome before 40.0.2214.91 allows remote attackers to bypass the SafeBrowsing for Executable Files protection mechanism by creating a .exe file in a temporary filesystem and then referencing this file with a filesystem:ht
02-01-2017 - 21:59 19-04-2015 - 06:59
CVE-2015-1247 5.0
The SearchEngineTabHelper::OnPageHasOSDD function in browser/ui/search_engines/search_engine_tab_helper.cc in Google Chrome before 42.0.2311.90 does not prevent use of a file: URL for an OpenSearch descriptor XML document, which might allow remote at
02-01-2017 - 21:59 19-04-2015 - 06:59
CVE-2015-1246 5.0
Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
02-01-2017 - 21:59 19-04-2015 - 06:59
CVE-2015-1245 6.8
Use-after-free vulnerability in the OpenPDFInReaderView::Update function in browser/ui/views/location_bar/open_pdf_in_reader_view.cc in Google Chrome before 41.0.2272.76 might allow user-assisted remote attackers to cause a denial of service (heap me
02-01-2017 - 21:59 19-04-2015 - 06:59
CVE-2015-1244 5.0
The URLRequest::GetHSTSRedirect function in url_request/url_request.cc in Google Chrome before 42.0.2311.90 does not replace the ws scheme with the wss scheme whenever an HSTS Policy is active, which makes it easier for remote attackers to obtain sen
02-01-2017 - 21:59 19-04-2015 - 06:59
CVE-2015-1243 7.5
Use-after-free vulnerability in the MutationObserver::disconnect function in core/dom/MutationObserver.cpp in the DOM implementation in Blink, as used in Google Chrome before 42.0.2311.135, allows remote attackers to cause a denial of service or poss
02-01-2017 - 21:59 01-05-2015 - 06:59
CVE-2015-1242 7.5
The ReduceTransitionElementsKind function in hydrogen-check-elimination.cc in Google V8 before 4.2.77.8, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service or possibly have unspecified other impact via
02-01-2017 - 21:59 19-04-2015 - 06:59
CVE-2015-1241 4.3
Google Chrome before 42.0.2311.90 does not properly consider the interaction of page navigation with the handling of touch events and gesture events, which allows remote attackers to trigger unintended UI actions via a crafted web site that conducts
02-01-2017 - 21:59 19-04-2015 - 06:59
CVE-2015-1240 5.0
gpu/blink/webgraphicscontext3d_impl.cc in the WebGL implementation in Google Chrome before 42.0.2311.90 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WebGL program that triggers a state inconsistency.
02-01-2017 - 21:59 19-04-2015 - 06:59
CVE-2015-1238 7.5
Skia, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors.
02-01-2017 - 21:59 19-04-2015 - 06:59
CVE-2015-1237 7.5
Use-after-free vulnerability in the RenderFrameImpl::OnMessageReceived function in content/renderer/render_frame_impl.cc in Google Chrome before 42.0.2311.90 allows remote attackers to cause a denial of service or possibly have unspecified other impa
02-01-2017 - 21:59 19-04-2015 - 06:59
CVE-2015-1236 4.3
The MediaElementAudioSourceNode::process function in modules/webaudio/MediaElementAudioSourceNode.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy
02-01-2017 - 21:59 19-04-2015 - 06:59
CVE-2015-1235 5.0
The ContainerNode::parserRemoveChild function in core/dom/ContainerNode.cpp in the HTML parser in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy via a crafted HTML document with an IFRAME
02-01-2017 - 21:59 19-04-2015 - 06:59
CVE-2015-1234 6.8
Race condition in gpu/command_buffer/service/gles2_cmd_decoder.cc in Google Chrome before 41.0.2272.118 allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact by manipulating OpenGL ES command
21-12-2016 - 21:59 01-04-2015 - 17:59
CVE-2015-1233 7.5
Google Chrome before 41.0.2272.118 does not properly handle the interaction of IPC, the Gamepad API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors.
21-12-2016 - 21:59 01-04-2015 - 17:59
Back to Top Mark selected
Back to Top