Max CVSS 9.3 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2015-1283 6.8
Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspec
05-07-2022 - 18:57 23-07-2015 - 00:59
CVE-2015-5605 5.0
The regular-expression implementation in Google V8, as used in Google Chrome before 44.0.2403.89, mishandles interrupts, which allows remote attackers to cause a denial of service (application crash) via crafted JavaScript code, as demonstrated by an
30-10-2018 - 16:27 23-07-2015 - 00:59
CVE-2015-1276 7.5
Use-after-free vulnerability in content/browser/indexed_db/indexed_db_backing_store.cc in the IndexedDB implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact
30-10-2018 - 16:27 23-07-2015 - 00:59
CVE-2015-1273 6.8
Heap-based buffer overflow in j2k.c in OpenJPEG before r3002, as used in PDFium in Google Chrome before 44.0.2403.89, allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid JPEG2000 data in a PDF do
30-10-2018 - 16:27 23-07-2015 - 00:59
CVE-2015-1278 4.3
content/browser/web_contents/web_contents_impl.cc in Google Chrome before 44.0.2403.89 does not ensure that a PDF document's modal dialog is closed upon navigation to an interstitial page, which allows remote attackers to spoof URLs via a crafted doc
30-10-2018 - 16:27 23-07-2015 - 00:59
CVE-2015-1279 7.5
Integer overflow in the CJBig2_Image::expand function in fxcodec/jbig2/JBig2_Image.cpp in PDFium, as used in Google Chrome before 44.0.2403.89, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspeci
30-10-2018 - 16:27 23-07-2015 - 00:59
CVE-2015-1271 6.8
PDFium, as used in Google Chrome before 44.0.2403.89, does not properly handle certain out-of-memory conditions, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a c
30-10-2018 - 16:27 23-07-2015 - 00:59
CVE-2015-1287 4.3
Blink, as used in Google Chrome before 44.0.2403.89, enables a quirks-mode exception that limits the cases in which a Cascading Style Sheets (CSS) document is required to have the text/css content type, which allows remote attackers to bypass the Sam
30-10-2018 - 16:27 23-07-2015 - 00:59
CVE-2015-1272 7.5
Use-after-free vulnerability in the GPU process implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging the continued availability of a GPUChanne
30-10-2018 - 16:27 23-07-2015 - 00:59
CVE-2015-1289 7.5
Multiple unspecified vulnerabilities in Google Chrome before 44.0.2403.89 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
30-10-2018 - 16:27 23-07-2015 - 00:59
CVE-2015-1282 6.8
Multiple use-after-free vulnerabilities in fpdfsdk/src/javascript/Document.cpp in PDFium, as used in Google Chrome before 44.0.2403.89, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF do
30-10-2018 - 16:27 23-07-2015 - 00:59
CVE-2015-1274 6.8
Google Chrome before 44.0.2403.89 does not ensure that the auto-open list omits all dangerous file types, which makes it easier for remote attackers to execute arbitrary code by providing a crafted file and leveraging a user's previous "Always open f
30-10-2018 - 16:27 23-07-2015 - 00:59
CVE-2015-1270 6.8
The ucnv_io_getConverterName function in common/ucnv_io.cpp in International Components for Unicode (ICU), as used in Google Chrome before 44.0.2403.89, mishandles converter names with initial x- substrings, which allows remote attackers to cause a d
30-10-2018 - 16:27 23-07-2015 - 00:59
CVE-2015-1277 7.5
Use-after-free vulnerability in the accessibility implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging lack of certain validity checks for acc
30-10-2018 - 16:27 23-07-2015 - 00:59
CVE-2015-1281 4.3
core/loader/ImageLoader.cpp in Blink, as used in Google Chrome before 44.0.2403.89, does not properly determine the V8 context of a microtask, which allows remote attackers to bypass Content Security Policy (CSP) restrictions by providing an image fr
30-10-2018 - 16:27 23-07-2015 - 00:59
CVE-2015-1284 7.5
The LocalFrame::isURLAllowed function in core/frame/LocalFrame.cpp in Blink, as used in Google Chrome before 44.0.2403.89, does not properly check for a page's maximum number of frames, which allows remote attackers to cause a denial of service (inva
30-10-2018 - 16:27 23-07-2015 - 00:59
CVE-2015-1275 4.3
Cross-site scripting (XSS) vulnerability in org/chromium/chrome/browser/UrlUtilities.java in Google Chrome before 44.0.2403.89 on Android allows remote attackers to inject arbitrary web script or HTML via a crafted intent: URL, as demonstrated by a t
30-10-2018 - 16:27 23-07-2015 - 00:59
CVE-2015-1285 5.0
The XSSAuditor::canonicalize function in core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 44.0.2403.89, does not properly choose a truncation point, which makes it easier for remote attackers to obtain sens
30-10-2018 - 16:27 23-07-2015 - 00:59
CVE-2015-1288 6.8
The Spellcheck API implementation in Google Chrome before 44.0.2403.89 does not use an HTTPS session for downloading a Hunspell dictionary, which allows man-in-the-middle attackers to deliver incorrect spelling suggestions or possibly have unspecifie
30-10-2018 - 16:27 23-07-2015 - 00:59
CVE-2015-1286 4.3
Cross-site scripting (XSS) vulnerability in the V8ContextNativeHandler::GetModuleSystem function in extensions/renderer/v8_context_native_handler.cc in Google Chrome before 44.0.2403.89 allows remote attackers to inject arbitrary web script or HTML b
30-10-2018 - 16:27 23-07-2015 - 00:59
CVE-2015-1280 7.5
SkPictureShader.cpp in Skia, as used in Google Chrome before 44.0.2403.89, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging access to a renderer process and providing cra
30-10-2018 - 16:27 23-07-2015 - 00:59
CVE-2015-1290 9.3
The Google V8 engine, as used in Google Chrome before 44.0.2403.89 and QtWebEngineCore in Qt before 5.5.1, allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a crafted web site.
02-02-2018 - 14:20 09-01-2018 - 16:29
Back to Top Mark selected
Back to Top