Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:a:google:chrome:35.0.1916.74:*:*:*:*:*:*:*
There are 1,536 matching records.
Displaying matches 1,421 through 1,440.
Vuln ID Summary CVSS Severity
CVE-2015-1232

Array index error in the MidiManagerUsb::DispatchSendMidiData function in media/midi/midi_manager_usb.cc in Google Chrome before 41.0.2272.76 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging renderer access to provide an invalid port index that triggers an out-of-bounds write operation, a different vulnerability than CVE-2015-1212.

Published: March 08, 2015; 8:59:27 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2015-1231

Multiple unspecified vulnerabilities in Google Chrome before 41.0.2272.76 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

Published: March 08, 2015; 8:59:23 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2015-1230

The getHiddenProperty function in bindings/core/v8/V8EventListenerList.h in Blink, as used in Google Chrome before 41.0.2272.76, has a name conflict with the AudioContext class, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via JavaScript code that adds an AudioContext event listener and triggers "type confusion."

Published: March 08, 2015; 8:59:22 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2015-1229

net/http/proxy_client_socket.cc in Google Chrome before 41.0.2272.76 does not properly handle a 407 (aka Proxy Authentication Required) HTTP status code accompanied by a Set-Cookie header, which allows remote proxy servers to conduct cookie-injection attacks via a crafted response.

Published: March 08, 2015; 8:59:22 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2015-1228

The RenderCounter::updateCounter function in core/rendering/RenderCounter.cpp in Blink, as used in Google Chrome before 41.0.2272.76, does not force a relayout operation and consequently does not initialize memory for a data structure, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted Cascading Style Sheets (CSS) token sequence.

Published: March 08, 2015; 8:59:21 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2015-1227

The DragImage::create function in platform/DragImage.cpp in Blink, as used in Google Chrome before 41.0.2272.76, does not initialize memory for image drawing, which allows remote attackers to have an unspecified impact by triggering a failed image decoding, as demonstrated by an image for which the default orientation cannot be used.

Published: March 08, 2015; 8:59:20 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2015-1226

The DebuggerFunction::InitAgentHost function in browser/extensions/api/debugger/debugger_api.cc in Google Chrome before 41.0.2272.76 does not properly restrict what URLs are available as debugger targets, which allows remote attackers to bypass intended access restrictions via a crafted extension.

Published: March 08, 2015; 8:59:19 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2015-1225

PDFium, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

Published: March 08, 2015; 8:59:18 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2015-1224

The VpxVideoDecoder::VpxDecode function in media/filters/vpx_video_decoder.cc in the vpxdecoder implementation in Google Chrome before 41.0.2272.76 does not ensure that alpha-plane dimensions are identical to image dimensions, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted VPx video data.

Published: March 08, 2015; 8:59:17 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2015-1223

Multiple use-after-free vulnerabilities in core/html/HTMLInputElement.cpp in the DOM implementation in Blink, as used in Google Chrome before 41.0.2272.76, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger extraneous change events, as demonstrated by events for invalid input or input to read-only fields, related to the initializeTypeInParsing and updateType functions.

Published: March 08, 2015; 8:59:17 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2015-1222

Multiple use-after-free vulnerabilities in the ServiceWorkerScriptCacheMap implementation in content/browser/service_worker/service_worker_script_cache_map.cc in Google Chrome before 41.0.2272.76 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a ServiceWorkerContextWrapper::DeleteAndStartOver call, related to the NotifyStartedCaching and NotifyFinishedCaching functions.

Published: March 08, 2015; 8:59:15 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2015-1221

Use-after-free vulnerability in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect ordering of operations in the Web SQL Database thread relative to Blink's main thread, related to the shutdown function in web/WebKit.cpp.

Published: March 08, 2015; 8:59:14 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2015-1220

Use-after-free vulnerability in the GIFImageReader::parseData function in platform/image-decoders/gif/GIFImageReader.cpp in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted frame size in a GIF image.

Published: March 08, 2015; 8:59:13 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-1219

Integer overflow in the SkMallocPixelRef::NewAllocate function in core/SkMallocPixelRef.cpp in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted allocation of a large amount of memory during WebGL rendering.

Published: March 08, 2015; 8:59:12 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2015-1218

Multiple use-after-free vulnerabilities in the DOM implementation in Blink, as used in Google Chrome before 41.0.2272.76, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger movement of a SCRIPT element to different documents, related to (1) the HTMLScriptElement::didMoveToNewDocument function in core/html/HTMLScriptElement.cpp and (2) the SVGScriptElement::didMoveToNewDocument function in core/svg/SVGScriptElement.cpp.

Published: March 08, 2015; 8:59:10 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2015-1217

The V8LazyEventListener::prepareListenerObject function in bindings/core/v8/V8LazyEventListener.cpp in the V8 bindings in Blink, as used in Google Chrome before 41.0.2272.76, does not properly compile listeners, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion."

Published: March 08, 2015; 8:59:09 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2015-1216

Use-after-free vulnerability in the V8Window::namedPropertyGetterCustom function in bindings/core/v8/custom/V8WindowCustom.cpp in the V8 bindings in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a frame detachment.

Published: March 08, 2015; 8:59:08 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2015-1215

The filters implementation in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation.

Published: March 08, 2015; 8:59:06 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2015-1214

Integer overflow in the SkAutoSTArray implementation in include/core/SkTemplates.h in the filters implementation in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a reset action with a large count value, leading to an out-of-bounds write operation.

Published: March 08, 2015; 8:59:05 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2015-1213

The SkBitmap::ReadRawPixels function in core/SkBitmap.cpp in the filters implementation in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation.

Published: March 08, 2015; 8:59:04 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH