Google V8, as used in Google Chrome before 15.0.874.121, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write operation.
Max CVSS
7.5
EPSS Score
0.43%
Published
2011-11-17
Updated
2020-05-08
Google Chrome before 15.0.874.120, when Java Runtime Environment (JRE) 7 is used, does not request user confirmation before applet execution begins, which allows remote attackers to have an unspecified impact via a crafted applet.
Max CVSS
7.5
EPSS Score
0.94%
Published
2011-11-11
Updated
2020-05-08
Use-after-free vulnerability in Google Chrome before 15.0.874.120 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing.
Max CVSS
6.8
EPSS Score
6.91%
Published
2011-11-11
Updated
2020-05-08
Buffer overflow in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to shader variable mapping.
Max CVSS
7.5
EPSS Score
0.43%
Published
2011-11-11
Updated
2020-05-07
Heap-based buffer overflow in the Vorbis decoder in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted stream.
Max CVSS
7.5
EPSS Score
2.27%
Published
2011-11-11
Updated
2020-05-08
Google Chrome before 15.0.874.120 does not properly perform VP8 decoding, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted stream.
Max CVSS
7.5
EPSS Score
0.40%
Published
2011-11-11
Updated
2020-05-08
Google Chrome before 15.0.874.120 does not properly implement the MKV and Vorbis media handlers, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
Max CVSS
5.0
EPSS Score
1.00%
Published
2011-11-11
Updated
2020-05-08
Double free vulnerability in the Theora decoder in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted stream.
Max CVSS
7.5
EPSS Score
2.39%
Published
2011-11-11
Updated
2020-05-08
8 vulnerabilities found