CVSS: 10.0EPSS: 2%CPEs: 1EXPL: 6CVE-2015-6787 – pdfium - CPDF_Function::Call Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2015-6787
03 Dec 2015 — Multiple unspecified vulnerabilities in Google Chrome before 47.0.2526.73 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome en versiones anteriores a 47.0.2526.73 permiten a atacantes causar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. Multiple use-after-free bugs were discovered in the application cache implementation in Chromium. If a user were trick... • https://packetstorm.news/files/id/135128 •
CVSS: 9.8EPSS: 2%CPEs: 6EXPL: 0CVE-2015-6764 – v8: unspecified out-of-bounds access vulnerability
https://notcve.org/view.php?id=CVE-2015-6764
03 Dec 2015 — The BasicJsonStringifier::SerializeJSArray function in json-stringifier.h in the JSON stringifier in Google V8, as used in Google Chrome before 47.0.2526.73, improperly loads array elements, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via crafted JavaScript code. La función BasicJsonStringifier::SerializeJSArray en json-stringifier.h en el stringifier JSON en Google V8, como se utiliza en Google Chrome en versiones anteri... • http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 3%CPEs: 1EXPL: 0CVE-2015-6765 – chromium-browser: Use-after-free in AppCache
https://notcve.org/view.php?id=CVE-2015-6765
03 Dec 2015 — Use-after-free vulnerability in content/browser/appcache/appcache_update_job.cc in Google Chrome before 47.0.2526.73 allows remote attackers to execute arbitrary code or cause a denial of service by leveraging the mishandling of AppCache update jobs. Vulnerabilidad de uso después de liberación de memoria en content/browser/appcache/appcache_update_job.cc en Google Chrome en versiones anteriores a 47.0.2526.73 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio mediante... • http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html • CWE-416: Use After Free •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2015-6766 – chromium-browser: Use-after-free in AppCache
https://notcve.org/view.php?id=CVE-2015-6766
03 Dec 2015 — Use-after-free vulnerability in the AppCache implementation in Google Chrome before 47.0.2526.73 allows remote attackers with renderer access to cause a denial of service or possibly have unspecified other impact by leveraging incorrect AppCacheUpdateJob behavior associated with duplicate cache selection. Vulnerabilidad de uso después de liberación de memoria en la implementación de AppCache en Google Chrome en versiones anteriores a 47.0.2526.73 permite a atacantes remotos con acceso renderer causar una de... • http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2015-6767 – chromium-browser: Use-after-free in AppCache
https://notcve.org/view.php?id=CVE-2015-6767
03 Dec 2015 — Use-after-free vulnerability in content/browser/appcache/appcache_dispatcher_host.cc in the AppCache implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect pointer maintenance associated with certain callbacks. Vulnerabilidad de uso después de liberación de memoria en content/browser/appcache/appcache_dispatcher_host.cc en la implementación de AppCache en Google Chrome en versiones anteriores ... • http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2015-6768 – chromium-browser: Cross-origin bypass in DOM
https://notcve.org/view.php?id=CVE-2015-6768
03 Dec 2015 — The DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-6770. La implementación del DOM en Google Chrome en versiones anteriores a 47.0.2526.73 permite a atacantes remotos eludir la Same Origin Policy a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-6770. Multiple use-after-free bugs were discovered in the application cache implementation in Chromium. If... • http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-6769 – chromium-browser: Cross-origin bypass in core
https://notcve.org/view.php?id=CVE-2015-6769
03 Dec 2015 — The provisional-load commit implementation in WebKit/Source/bindings/core/v8/WindowProxy.cpp in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy by leveraging a delay in window proxy clearing. La implementación del envío de carga provisional en WebKit/Source/bindings/core/v8/WindowProxy.cpp en Google Chrome en versiones anteriores a 47.0.2526.73 permite a atacantes remotos eludir la Same Origin Policy mediante el aprovechamiento de un retraso en la desactivación del... • http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2015-6770 – chromium-browser: Cross-origin bypass in DOM
https://notcve.org/view.php?id=CVE-2015-6770
03 Dec 2015 — The DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-6768. La implementación del DOM en Google Chrome en versiones anteriores a 47.0.2526.73 permite a atacantes remotos eludir la Same Origin Policy a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-6768. Multiple use-after-free bugs were discovered in the application cache implementation in Chromium. If... • http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2015-1302 – chromium-browser: information leak in PDF viewer
https://notcve.org/view.php?id=CVE-2015-1302
11 Nov 2015 — The PDF viewer in Google Chrome before 46.0.2490.86 does not properly restrict scripting messages and API exposure, which allows remote attackers to bypass the Same Origin Policy via an unintended embedder or unintended plugin loading, related to pdf.js and out_of_process_instance.cc. El visor PDF en Google Chrome en versiones anteriores a 46.0.2490.86 no restringe adecuadamente mensajes de programación de secuencias de comandos y la exposición de la API, lo que permite a atacantes remotos eludir la Same Or... • http://googlechromereleases.blogspot.com/2015/11/stable-channel-update.html • CWE-20: Improper Input Validation CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0CVE-2015-6755 – chromium-browser: cross-origin bypass in Blink
https://notcve.org/view.php?id=CVE-2015-6755
15 Oct 2015 — The ContainerNode::parserInsertBefore function in core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 46.0.2490.71, proceeds with a DOM tree insertion in certain cases where a parent node no longer contains a child node, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code. La función ContainerNode::parserInsertBefore en core/dom/ContainerNode.cpp en Blink, como se utiliza en Google Chrome en versiones anteriores a 46.0.2490.71, procede con una inserció... • http://googlechromereleases.blogspot.com/2015/10/stable-channel-update.html • CWE-264: Permissions, Privileges, and Access Controls CWE-345: Insufficient Verification of Data Authenticity •