Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2015-1299 | 7.5 |
Use-after-free vulnerability in the shared-timer implementation in Blink, as used in Google Chrome before 45.0.2454.85, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging erroneous timer firin
|
22-12-2016 - 02:59 | 03-09-2015 - 22:59 | |
CVE-2015-1292 | 5.0 |
The NavigatorServiceWorker::serviceWorker function in modules/serviceworkers/NavigatorServiceWorker.cpp in Blink, as used in Google Chrome before 45.0.2454.85, allows remote attackers to bypass the Same Origin Policy by accessing a Service Worker.
|
22-12-2016 - 02:59 | 03-09-2015 - 22:59 | |
CVE-2015-1297 | 7.5 |
The WebRequest API implementation in extensions/browser/api/web_request/web_request_api.cc in Google Chrome before 45.0.2454.85 does not properly consider a request's source before accepting the request, which allows remote attackers to bypass intend
|
22-12-2016 - 02:59 | 03-09-2015 - 22:59 | |
CVE-2015-1294 | 7.5 |
Use-after-free vulnerability in the SkMatrix::invertNonIdentity function in core/SkMatrix.cpp in Skia, as used in Google Chrome before 45.0.2454.85, allows remote attackers to cause a denial of service or possibly have unspecified other impact by tri
|
22-12-2016 - 02:59 | 03-09-2015 - 22:59 | |
CVE-2015-1298 | 4.3 |
The RuntimeEventRouter::OnExtensionUninstalled function in extensions/browser/api/runtime/runtime_api.cc in Google Chrome before 45.0.2454.85 does not ensure that the setUninstallURL preference corresponds to the URL of a web site, which allows user-
|
22-12-2016 - 02:59 | 03-09-2015 - 22:59 | |
CVE-2015-1300 | 5.0 |
The FrameFetchContext::updateTimingInfoForIFrameNavigation function in core/loader/FrameFetchContext.cpp in Blink, as used in Google Chrome before 45.0.2454.85, does not properly restrict the availability of IFRAME Resource Timing API times, which al
|
22-12-2016 - 02:59 | 03-09-2015 - 22:59 | |
CVE-2015-1291 | 6.4 |
The ContainerNode::parserRemoveChild function in core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 45.0.2454.85, does not check whether a node is expected, which allows remote attackers to bypass the Same Origin Policy or cause a d
|
22-12-2016 - 02:59 | 03-09-2015 - 22:59 | |
CVE-2015-1295 | 7.5 |
Multiple use-after-free vulnerabilities in the PrintWebViewHelper class in components/printing/renderer/print_web_view_helper.cc in Google Chrome before 45.0.2454.85 allow user-assisted remote attackers to cause a denial of service or possibly have u
|
22-12-2016 - 02:59 | 03-09-2015 - 22:59 | |
CVE-2015-1293 | 7.5 |
The DOM implementation in Blink, as used in Google Chrome before 45.0.2454.85, allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
|
22-12-2016 - 02:59 | 03-09-2015 - 22:59 | |
CVE-2015-1296 | 5.0 |
The UnescapeURLWithAdjustmentsImpl implementation in net/base/escape.cc in Google Chrome before 45.0.2454.85 does not prevent display of Unicode LOCK characters in the omnibox, which makes it easier for remote attackers to spoof the SSL lock icon by
|
22-12-2016 - 02:59 | 03-09-2015 - 22:59 | |
CVE-2015-1301 | 7.5 |
Multiple unspecified vulnerabilities in Google Chrome before 45.0.2454.85 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
|
22-12-2016 - 02:59 | 03-09-2015 - 22:59 |