Page 460 of 3354 results (0.017 seconds)

CVSS: 7.5EPSS: 1%CPEs: 7EXPL: 0

CVE-2015-1218 – chromium-browser: Use-after-free in dom

https://notcve.org/view.php?id=CVE-2015-1218

Multiple use-after-free vulnerabilities in the DOM implementation in Blink, as used in Google Chrome before 41.0.2272.76, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger movement of a SCRIPT element to different documents, related to (1) the HTMLScriptElement::didMoveToNewDocument function in core/html/HTMLScriptElement.cpp and (2) the SVGScriptElement::didMoveToNewDocument function in core/svg/SVGScriptElement.cpp. Múltiples vulnerabilidades de uso después de liberación en la implementación DOM en Blink, utilizado en Google Chrome anterior a 41.0.2272.76, permiten a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores que provocan el traslado de un elemento SCRIPT a documentos diferentes, relacionado con (1) la función HTMLScriptElement::didMoveToNewDocument en core/html/HTMLScriptElement.cpp y (2) la función SVGScriptElement::didMoveToNewDocument en core/svg/SVGScriptElement.cpp. • http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html http://rhn.redhat.com/errata/RHSA-2015-0627.html http://www.securityfocus.com/bid/72901 http://www.ubuntu.com/usn/USN-2521-1 https://code.google.com/p/chromium/issues/detail?id=456059 https://security.gentoo.org/glsa/201503-12 https://src.chromium.org/viewvc/blink?revision=189886&view=revision https://access.redhat.com/security/cve/CVE-2015-1218 https://bugzilla.redhat.com/show_bug.cgi?id=1198525 • CWE-416: Use After Free •

CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0

CVE-2015-1222 – chromium-browser: Use-after-free in service workers

https://notcve.org/view.php?id=CVE-2015-1222

Multiple use-after-free vulnerabilities in the ServiceWorkerScriptCacheMap implementation in content/browser/service_worker/service_worker_script_cache_map.cc in Google Chrome before 41.0.2272.76 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a ServiceWorkerContextWrapper::DeleteAndStartOver call, related to the NotifyStartedCaching and NotifyFinishedCaching functions. Múltiples vulnerabilidades de uso después de liberación en la implementación ServiceWorkerScriptCacheMap en content/browser/service_worker/service_worker_script_cache_map.cc en Google Chrome anterior a 41.0.2272.76 permiten a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores que provocan una llamada a ServiceWorkerContextWrapper::DeleteAndStartOver, relacionado con las funciones NotifyStartedCaching y NotifyFinishedCaching. • http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html http://rhn.redhat.com/errata/RHSA-2015-0627.html http://www.securityfocus.com/bid/72901 http://www.ubuntu.com/usn/USN-2521-1 https://code.google.com/p/chromium/issues/detail?id=448082 https://codereview.chromium.org/798883005 https://security.gentoo.org/glsa/201503-12 https://access.redhat.com/security/cve/CVE-2015-1222 https://bugzilla.redhat.com/show_bug.cgi?id=1198529 • CWE-416: Use After Free •

CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0

CVE-2015-1223 – chromium-browser: Use-after-free in dom

https://notcve.org/view.php?id=CVE-2015-1223

Multiple use-after-free vulnerabilities in core/html/HTMLInputElement.cpp in the DOM implementation in Blink, as used in Google Chrome before 41.0.2272.76, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger extraneous change events, as demonstrated by events for invalid input or input to read-only fields, related to the initializeTypeInParsing and updateType functions. Múltiples vulnerabilidades de uso después de liberación en core/html/HTMLInputElement.cpp en la implementación DOM en Blink, utilizado en Google Chrome anterior a 41.0.2272.76, permiten a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores que provocan eventos de cambio extraños, tal y como fue demostrado por eventos para entradas inválidas o entradas a campos de solo lectura, relacionado con las funciones initializeTypeInParsing y updateType. • http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html http://rhn.redhat.com/errata/RHSA-2015-0627.html http://www.securityfocus.com/bid/72901 http://www.ubuntu.com/usn/USN-2521-1 https://chromium.googlesource.com/chromium/blink.git/+/de1fee41e2c1bbfea7a564ad81e0b511a462fe0b https://code.google.com/p/chromium/issues/detail?id=454231 https://security.gentoo.org/glsa/201503-12 https://access.redhat.com/security/cve/CVE-2015-1223 https://bugzilla.redhat.com/show_bug • CWE-416: Use After Free •

CVSS: 6.4EPSS: 1%CPEs: 1EXPL: 0

CVE-2015-1225 – chromium-browser: Out-of-bounds read in pdfium

https://notcve.org/view.php?id=CVE-2015-1225

PDFium, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. PDFium, utilizado en Google Chrome anterior a 41.0.2272.76, permite a atacantes remotos causar una denegación de servicio (lectura fuera de rango) a través de vectores no especificados. • http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html http://rhn.redhat.com/errata/RHSA-2015-0627.html http://www.securityfocus.com/bid/72901 https://code.google.com/p/chromium/issues/detail?id=446033 https://security.gentoo.org/glsa/201503-12 https://access.redhat.com/security/cve/CVE-2015-1225 https://bugzilla.redhat.com/show_bug.cgi?id=1198532 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •

CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0

CVE-2015-1231 – chromium-browser: Various fixes from internal audits, fuzzing and other initiatives.

https://notcve.org/view.php?id=CVE-2015-1231

Multiple unspecified vulnerabilities in Google Chrome before 41.0.2272.76 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome anterior a 41.0.2272.76 permiten a atacantes causar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. • http://googlechromereleases.blogspot.com/2015/03/stable-channel-update.html http://rhn.redhat.com/errata/RHSA-2015-0627.html http://www.ubuntu.com/usn/USN-2521-1 https://code.google.com/p/chromium/issues/detail?id=383777 https://code.google.com/p/chromium/issues/detail?id=404300 https://code.google.com/p/chromium/issues/detail?id=406871 https://code.google.com/p/chromium/issues/detail?id=421499 https://code.google.com/p/chromium/issues/detail? •