CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2015-8478 – v8: multiple vulnerabilities fixed in 4.7.80.23
https://notcve.org/view.php?id=CVE-2015-8478
06 Dec 2015 — Multiple unspecified vulnerabilities in Google V8 before 4.7.80.23, as used in Google Chrome before 47.0.2526.73, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google V8 en versiones anteriores a 4.7.80.23, como se utiliza en Google Chrome en versiones anteriores a 47.0.2526.73, permite a atacantes causar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. • http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8479 – chromium-browser: Various fixes from internal audits
https://notcve.org/view.php?id=CVE-2015-8479
06 Dec 2015 — Use-after-free vulnerability in the AudioOutputDevice::OnDeviceAuthorized function in media/audio/audio_output_device.cc in Google Chrome before 47.0.2526.73 allows attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact by triggering access to an unauthorized audio output device. Vulnerabilidad de uso después de liberación de memoria en la función AudioOutputDevice::OnDeviceAuthorized en media/audio/audio_output_device.cc en Google Chrome en versiones anter... • http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8480 – chromium-browser: Various fixes from internal audits
https://notcve.org/view.php?id=CVE-2015-8480
06 Dec 2015 — The VideoFramePool::PoolImpl::CreateFrame function in media/base/video_frame_pool.cc in Google Chrome before 47.0.2526.73 does not initialize memory for a video-frame data structure, which might allow remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact by leveraging improper interaction with the vp3_h_loop_filter_c function in libavcodec/vp3dsp.c in FFmpeg. La función VideoFramePool::PoolImpl::CreateFrame en media/base/video_frame_pool.cc en ... • http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2015-6783
https://notcve.org/view.php?id=CVE-2015-6783
06 Dec 2015 — The FindStartOffsetOfFileInZipFile function in crazy_linker_zip.cpp in crazy_linker (aka Crazy Linker) in Android 5.x and 6.x, as used in Google Chrome before 47.0.2526.73, improperly searches for an EOCD record, which allows attackers to bypass a signature-validation requirement via a crafted ZIP archive. La función FindStartOffsetOfFileInZipFile en crazy_linker_zip.cpp en crazy_linker (también conocida como Crazy Linker) en Android 5.x y 6.x, como se utiliza en Google Chrome en versiones anteriores a 47.0... • http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 2%CPEs: 6EXPL: 0CVE-2015-6764 – v8: unspecified out-of-bounds access vulnerability
https://notcve.org/view.php?id=CVE-2015-6764
03 Dec 2015 — The BasicJsonStringifier::SerializeJSArray function in json-stringifier.h in the JSON stringifier in Google V8, as used in Google Chrome before 47.0.2526.73, improperly loads array elements, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via crafted JavaScript code. La función BasicJsonStringifier::SerializeJSArray en json-stringifier.h en el stringifier JSON en Google V8, como se utiliza en Google Chrome en versiones anteri... • http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 2%CPEs: 1EXPL: 3CVE-2015-6787 – pdfium - CPDF_Function::Call Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2015-6787
03 Dec 2015 — Multiple unspecified vulnerabilities in Google Chrome before 47.0.2526.73 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome en versiones anteriores a 47.0.2526.73 permiten a atacantes causar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. Pdfium suffers from a heap-based out-of-bounds read in CPDF_DIBSource:DownSampleScanline32Bit. • https://www.exploit-db.com/exploits/39165 •
CVSS: 10.0EPSS: 3%CPEs: 1EXPL: 0CVE-2015-6765 – chromium-browser: Use-after-free in AppCache
https://notcve.org/view.php?id=CVE-2015-6765
03 Dec 2015 — Use-after-free vulnerability in content/browser/appcache/appcache_update_job.cc in Google Chrome before 47.0.2526.73 allows remote attackers to execute arbitrary code or cause a denial of service by leveraging the mishandling of AppCache update jobs. Vulnerabilidad de uso después de liberación de memoria en content/browser/appcache/appcache_update_job.cc en Google Chrome en versiones anteriores a 47.0.2526.73 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio mediante... • http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html • CWE-416: Use After Free •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2015-6766 – chromium-browser: Use-after-free in AppCache
https://notcve.org/view.php?id=CVE-2015-6766
03 Dec 2015 — Use-after-free vulnerability in the AppCache implementation in Google Chrome before 47.0.2526.73 allows remote attackers with renderer access to cause a denial of service or possibly have unspecified other impact by leveraging incorrect AppCacheUpdateJob behavior associated with duplicate cache selection. Vulnerabilidad de uso después de liberación de memoria en la implementación de AppCache en Google Chrome en versiones anteriores a 47.0.2526.73 permite a atacantes remotos con acceso renderer causar una de... • http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2015-6767 – chromium-browser: Use-after-free in AppCache
https://notcve.org/view.php?id=CVE-2015-6767
03 Dec 2015 — Use-after-free vulnerability in content/browser/appcache/appcache_dispatcher_host.cc in the AppCache implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect pointer maintenance associated with certain callbacks. Vulnerabilidad de uso después de liberación de memoria en content/browser/appcache/appcache_dispatcher_host.cc en la implementación de AppCache en Google Chrome en versiones anteriores ... • http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2015-6768 – chromium-browser: Cross-origin bypass in DOM
https://notcve.org/view.php?id=CVE-2015-6768
03 Dec 2015 — The DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-6770. La implementación del DOM en Google Chrome en versiones anteriores a 47.0.2526.73 permite a atacantes remotos eludir la Same Origin Policy a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-6770. • http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html • CWE-264: Permissions, Privileges, and Access Controls •