| Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2015-6761 | 6.8 |
The update_dimensions function in libavcodec/vp8.c in FFmpeg through 2.8.1, as used in Google Chrome before 46.0.2490.71 and other products, relies on a coefficient-partition count during multi-threaded operation, which allows remote attackers to cau
|
21-12-2018 - 11:29 | 15-10-2015 - 10:59 | |
| CVE-2015-6763 | 7.5 |
Multiple unspecified vulnerabilities in Google Chrome before 46.0.2490.71 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
|
13-09-2017 - 01:29 | 15-10-2015 - 10:59 | |
| CVE-2015-6756 | 6.8 |
Use-after-free vulnerability in the CPDFSDK_PageView implementation in fpdfsdk/src/fsdk_mgr.cpp in PDFium, as used in Google Chrome before 46.0.2490.71, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have un
|
24-12-2016 - 02:59 | 15-10-2015 - 10:59 | |
| CVE-2015-6755 | 7.5 |
The ContainerNode::parserInsertBefore function in core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 46.0.2490.71, proceeds with a DOM tree insertion in certain cases where a parent node no longer contains a child node, which allows
|
24-12-2016 - 02:59 | 15-10-2015 - 10:59 | |
| CVE-2015-6757 | 7.5 |
Use-after-free vulnerability in content/browser/service_worker/embedded_worker_instance.cc in the ServiceWorker implementation in Google Chrome before 46.0.2490.71 allows remote attackers to cause a denial of service or possibly have unspecified othe
|
24-12-2016 - 02:59 | 15-10-2015 - 10:59 | |
| CVE-2015-6758 | 6.8 |
The CPDF_Document::GetPage function in fpdfapi/fpdf_parser/fpdf_parser_document.cpp in PDFium, as used in Google Chrome before 46.0.2490.71, does not properly perform a cast of a dictionary object, which allows remote attackers to cause a denial of s
|
24-12-2016 - 02:59 | 15-10-2015 - 10:59 | |
| CVE-2015-6760 | 7.5 |
The Image11::map function in renderer/d3d/d3d11/Image11.cpp in libANGLE, as used in Google Chrome before 46.0.2490.71, mishandles mapping failures after device-lost events, which allows remote attackers to cause a denial of service (invalid read or w
|
24-12-2016 - 02:59 | 15-10-2015 - 10:59 | |
| CVE-2015-6762 | 7.5 |
The CSSFontFaceSrcValue::fetch function in core/css/CSSFontFaceSrcValue.cpp in the Cascading Style Sheets (CSS) implementation in Blink, as used in Google Chrome before 46.0.2490.71, does not use the CORS cross-origin request algorithm when a font's
|
24-12-2016 - 02:59 | 15-10-2015 - 10:59 | |
| CVE-2015-6759 | 5.0 |
The shouldTreatAsUniqueOrigin function in platform/weborigin/SecurityOrigin.cpp in Blink, as used in Google Chrome before 46.0.2490.71, does not ensure that the origin of a LocalStorage resource is considered unique, which allows remote attackers to
|
24-12-2016 - 02:59 | 15-10-2015 - 10:59 | |
| CVE-2015-1303 | 7.5 |
bindings/core/v8/V8DOMWrapper.h in Blink, as used in Google Chrome before 45.0.2454.101, does not perform a rethrow action to propagate information about a cross-context exception, which allows remote attackers to bypass the Same Origin Policy via a
|
24-12-2016 - 02:59 | 12-10-2015 - 01:59 | |
| CVE-2015-1304 | 7.5 |
object-observe.js in Google V8, as used in Google Chrome before 45.0.2454.101, does not properly restrict method calls on access-checked objects, which allows remote attackers to bypass the Same Origin Policy via a (1) observe or (2) getNotifier call
|
24-12-2016 - 02:59 | 12-10-2015 - 01:59 |