Search Results (Refine Search)
- Keyword (text search): cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2015-3333 |
Multiple unspecified vulnerabilities in Google V8 before 4.2.77.14, as used in Google Chrome before 42.0.2311.90, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Published: April 19, 2015; 6:59:13 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2015-1249 |
Multiple unspecified vulnerabilities in Google Chrome before 42.0.2311.90 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Published: April 19, 2015; 6:59:12 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2015-1244 |
The URLRequest::GetHSTSRedirect function in url_request/url_request.cc in Google Chrome before 42.0.2311.90 does not replace the ws scheme with the wss scheme whenever an HSTS Policy is active, which makes it easier for remote attackers to obtain sensitive information by sniffing the network for WebSocket traffic. Published: April 19, 2015; 6:59:07 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2015-1242 |
The ReduceTransitionElementsKind function in hydrogen-check-elimination.cc in Google V8 before 4.2.77.8, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that leverages "type confusion" in the check-elimination optimization. Published: April 19, 2015; 6:59:06 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2015-1241 |
Google Chrome before 42.0.2311.90 does not properly consider the interaction of page navigation with the handling of touch events and gesture events, which allows remote attackers to trigger unintended UI actions via a crafted web site that conducts a "tapjacking" attack. Published: April 19, 2015; 6:59:05 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2015-1240 |
gpu/blink/webgraphicscontext3d_impl.cc in the WebGL implementation in Google Chrome before 42.0.2311.90 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WebGL program that triggers a state inconsistency. Published: April 19, 2015; 6:59:04 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2015-1238 |
Skia, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors. Published: April 19, 2015; 6:59:03 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2015-1237 |
Use-after-free vulnerability in the RenderFrameImpl::OnMessageReceived function in content/renderer/render_frame_impl.cc in Google Chrome before 42.0.2311.90 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger renderer IPC messages during a detach operation. Published: April 19, 2015; 6:59:02 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2015-1236 |
The MediaElementAudioSourceNode::process function in modules/webaudio/MediaElementAudioSourceNode.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy and obtain sensitive audio sample values via a crafted web site containing a media element. Published: April 19, 2015; 6:59:01 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2015-1235 |
The ContainerNode::parserRemoveChild function in core/dom/ContainerNode.cpp in the HTML parser in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy via a crafted HTML document with an IFRAME element. Published: April 19, 2015; 6:59:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2015-2573 |
Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to DDL. Published: April 16, 2015; 1:00:05 PM -0400 |
V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2015-2571 |
Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer. Published: April 16, 2015; 1:00:04 PM -0400 |
V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2015-2568 |
Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges. Published: April 16, 2015; 1:00:02 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2015-0505 |
Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via vectors related to DDL. Published: April 16, 2015; 12:59:54 PM -0400 |
V3.x:(not available) V2.0: 3.5 LOW |
CVE-2015-0501 |
Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling. Published: April 16, 2015; 12:59:50 PM -0400 |
V3.x:(not available) V2.0: 5.7 MEDIUM |
CVE-2015-0499 |
Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Federated. Published: April 16, 2015; 12:59:48 PM -0400 |
V3.x:(not available) V2.0: 3.5 LOW |
CVE-2015-0441 |
Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption. Published: April 16, 2015; 12:59:06 PM -0400 |
V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2015-0433 |
Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to InnoDB : DML. Published: April 16, 2015; 12:59:02 PM -0400 |
V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2013-7439 |
Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allow remote attackers to have unspecified impact via a crafted request, which triggers a buffer overflow. Published: April 16, 2015; 10:59:00 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2015-2775 |
Directory traversal vulnerability in GNU Mailman before 2.1.20, when not using a static alias, allows remote attackers to execute arbitrary files via a .. (dot dot) in a list name. Published: April 13, 2015; 10:59:02 AM -0400 |
V3.x:(not available) V2.0: 7.6 HIGH |