CVE search results

681 – 690 of 881 results

Detailed view

Sort by:

CVE-2015-1263

Low priority

Some fixes available 4 of 5

The Spellcheck API implementation in Google Chrome before 43.0.2357.65 does not use an HTTPS session for downloading a Hunspell dictionary, which allows man-in-the-middle attackers to deliver incorrect spelling suggestions or...

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	—
oxide-qt	—	—	—	—

CVE-2015-1261

Medium priority

Not affected

android/java/src/org/chromium/chrome/browser/WebsiteSettingsPopup.java in Google Chrome before 43.0.2357.65 on Android does not properly restrict use of a URL's fragment identifier during construction of a page-info popup, which...

2 affected packages

oxide-qt, chromium-browser

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
oxide-qt	—	—	—	—
chromium-browser	—	—	—	—

CVE-2015-1259

Medium priority

Fixed

PDFium, as used in Google Chrome before 43.0.2357.65, does not properly initialize memory, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	—
oxide-qt	—	—	—	—

CVE-2015-1252

Medium priority

Some fixes available 4 of 5

common/partial_circular_buffer.cc in Google Chrome before 43.0.2357.65 does not properly handle wraps, which allows remote attackers to bypass a sandbox protection mechanism or cause a denial of service (out-of-bounds write) via...

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	—
oxide-qt	—	—	—	—

CVE-2015-1251

Medium priority

Some fixes available 4 of 5

Use-after-free vulnerability in the SpeechRecognitionClient implementation in the Speech subsystem in Google Chrome before 43.0.2357.65 allows remote attackers to execute arbitrary code via a crafted document.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	—
oxide-qt	—	—	—	—

CVE-2015-3910

Medium priority

Some fixes available 18 of 29

Multiple unspecified vulnerabilities in Google V8 before 4.3.61.21, as used in Google Chrome before 43.0.2357.65, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

4 affected packages

chromium-browser, libv8, libv8-3.14, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
libv8	—	—	—	Not in release
libv8-3.14	—	—	—	Ignored
oxide-qt	—	—	—	Not in release

CVE-2015-1265

Medium priority

Some fixes available 8 of 9

Multiple unspecified vulnerabilities in Google Chrome before 43.0.2357.65 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	—
oxide-qt	—	—	—	—

CVE-2015-1262

Medium priority

Some fixes available 8 of 9

platform/fonts/shaping/HarfBuzzShaper.cpp in Blink, as used in Google Chrome before 43.0.2357.65, does not initialize a certain width field, which allows remote attackers to cause a denial of service or possibly have unspecified...

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	—
oxide-qt	—	—	—	—

CVE-2015-1260

Medium priority

Some fixes available 8 of 9

Multiple use-after-free vulnerabilities in content/renderer/media/user_media_client_impl.cc in the WebRTC implementation in Google Chrome before 43.0.2357.65 allow remote attackers to cause a denial of service or possibly have...

2 affected packages

oxide-qt, chromium-browser

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
oxide-qt	—	—	—	—
chromium-browser	—	—	—	—

CVE-2015-1258

Low priority

Some fixes available 8 of 9

Google Chrome before 43.0.2357.65 relies on libvpx code that was not built with an appropriate --size-limit value, which allows remote attackers to trigger a negative value for a size field, and consequently cause a denial of...

3 affected packages

chromium-browser, libvpx, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	—
libvpx	—	—	—	—
oxide-qt	—	—	—	—

Export to JSON

Results by page:

Search CVE reports