Total
3358 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-7938 | 1 Google | 1 Chrome | 2023-11-07 | 7.5 HIGH | N/A |
| The Fonts implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2014-7937 | 2 Ffmpeg, Google | 2 Ffmpeg, Chrome | 2023-11-07 | 7.5 HIGH | N/A |
| Multiple off-by-one errors in libavcodec/vorbisdec.c in FFmpeg before 2.4.2, as used in Google Chrome before 40.0.2214.91, allow remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted Vorbis I data. | |||||
| CVE-2014-7936 | 1 Google | 1 Chrome | 2023-11-07 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in the ZoomBubbleView::Close function in browser/ui/views/location_bar/zoom_bubble_view.cc in the Views implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document that triggers improper maintenance of a zoom bubble. | |||||
| CVE-2014-7935 | 1 Google | 1 Chrome | 2023-11-07 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in browser/speech/tts_message_filter.cc in the Speech implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving utterances from a closed tab. | |||||
| CVE-2014-7934 | 1 Google | 1 Chrome | 2023-11-07 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to unexpected absence of document data structures. | |||||
| CVE-2014-7933 | 2 Ffmpeg, Google | 2 Ffmpeg, Chrome | 2023-11-07 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in the matroska_read_seek function in libavformat/matroskadec.c in FFmpeg before 2.5.1, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska file that triggers improper maintenance of tracks data. | |||||
| CVE-2014-7932 | 1 Google | 1 Chrome | 2023-11-07 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in the Element::detach function in core/dom/Element.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving pending updates of detached elements. | |||||
| CVE-2014-7931 | 1 Google | 1 Chrome | 2023-11-07 | 7.5 HIGH | N/A |
| factory.cc in Google V8, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code that triggers improper maintenance of backing-store pointers. | |||||
| CVE-2014-7930 | 1 Google | 1 Chrome | 2023-11-07 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in core/events/TreeScopeEventContext.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers improper maintenance of TreeScope data. | |||||
| CVE-2014-7929 | 1 Google | 1 Chrome | 2023-11-07 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in the HTMLScriptElement::didMoveToNewDocument function in core/html/HTMLScriptElement.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving movement of a SCRIPT element across documents. | |||||
| CVE-2014-7928 | 1 Google | 1 Chrome | 2023-11-07 | 7.5 HIGH | N/A |
| hydrogen.cc in Google V8, as used Google Chrome before 40.0.2214.91, does not properly handle arrays with holes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code that triggers an array copy. | |||||
| CVE-2014-7927 | 1 Google | 1 Chrome | 2023-11-07 | 7.5 HIGH | N/A |
| The SimplifiedLowering::DoLoadBuffer function in compiler/simplified-lowering.cc in Google V8, as used in Google Chrome before 40.0.2214.91, does not properly choose an integer data type, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code. | |||||
| CVE-2014-7926 | 6 Canonical, Google, Icu-project and 3 more | 9 Ubuntu Linux, Chrome, International Components For Unicode and 6 more | 2023-11-07 | 7.5 HIGH | N/A |
| The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a zero-length quantifier. | |||||
| CVE-2014-7925 | 1 Google | 1 Chrome | 2023-11-07 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in the WebAudio implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an audio-rendering thread in which AudioNode data is improperly maintained. | |||||
| CVE-2014-7924 | 1 Google | 1 Chrome | 2023-11-07 | 5.0 MEDIUM | N/A |
| Use-after-free vulnerability in the IndexedDB implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering duplicate BLOB references, related to content/browser/indexed_db/indexed_db_callbacks.cc and content/browser/indexed_db/indexed_db_dispatcher_host.cc. | |||||
| CVE-2014-7923 | 6 Canonical, Google, Icu-project and 3 more | 9 Ubuntu Linux, Chrome, International Components For Unicode and 6 more | 2023-11-07 | 7.5 HIGH | N/A |
| The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a look-behind expression. | |||||
| CVE-2014-7910 | 1 Google | 1 Chrome | 2023-11-07 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in Google Chrome before 39.0.2171.65 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | |||||
| CVE-2014-7909 | 1 Google | 1 Chrome | 2023-11-07 | 5.0 MEDIUM | N/A |
| effects/SkDashPathEffect.cpp in Skia, as used in Google Chrome before 39.0.2171.65, computes a hash key using uninitialized integer values, which might allow remote attackers to cause a denial of service by rendering crafted data. | |||||
| CVE-2014-7908 | 1 Google | 1 Chrome | 2023-11-07 | 7.5 HIGH | N/A |
| Multiple integer overflows in the CheckMov function in media/base/container_names.cc in Google Chrome before 39.0.2171.65 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a large atom in (1) MPEG-4 or (2) QuickTime .mov data. | |||||
| CVE-2014-7907 | 1 Google | 1 Chrome | 2023-11-07 | 7.5 HIGH | N/A |
| Multiple use-after-free vulnerabilities in modules/screen_orientation/ScreenOrientationController.cpp in Blink, as used in Google Chrome before 39.0.2171.65, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger improper handling of a detached frame, related to the (1) lock and (2) unlock methods. | |||||