| Max CVSS | 10.0 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-3169 | 7.5 |
Use-after-free vulnerability in core/dom/ContainerNode.cpp in the DOM implementation in Blink, as used in Google Chrome before 37.0.2062.94, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging
|
30-10-2018 - 16:27 | 27-08-2014 - 01:55 | |
| CVE-2014-3168 | 7.5 |
Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 37.0.2062.94, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper caching associated wi
|
30-10-2018 - 16:27 | 27-08-2014 - 01:55 | |
| CVE-2014-3173 | 5.0 |
The WebGL implementation in Google Chrome before 37.0.2062.94 does not ensure that clear calls interact properly with the state of a draw buffer, which allows remote attackers to cause a denial of service (read of uninitialized memory) via a crafted
|
29-08-2017 - 01:34 | 27-08-2014 - 01:55 | |
| CVE-2014-3172 | 6.4 |
The Debugger extension API in browser/extensions/api/debugger/debugger_api.cc in Google Chrome before 37.0.2062.94 does not validate a tab's URL before an attach operation, which allows remote attackers to bypass intended access limitations via an ex
|
29-08-2017 - 01:34 | 27-08-2014 - 01:55 | |
| CVE-2014-3176 | 10.0 |
Google Chrome before 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the sync API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3177.
|
29-08-2017 - 01:34 | 27-08-2014 - 01:55 | |
| CVE-2014-3177 | 10.0 |
Google Chrome before 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the sync API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3176.
|
29-08-2017 - 01:34 | 27-08-2014 - 01:55 | |
| CVE-2014-3170 | 6.4 |
extensions/common/url_pattern.cc in Google Chrome before 37.0.2062.94 does not prevent use of a '\0' character in a host name, which allows remote attackers to spoof the extension permission dialog by relying on truncation after this character.
|
29-08-2017 - 01:34 | 27-08-2014 - 01:55 | |
| CVE-2014-3174 | 5.0 |
modules/webaudio/BiquadDSPKernel.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 37.0.2062.94, does not properly consider concurrent threads during attempts to update biquad filter coefficients, which allows remote a
|
29-08-2017 - 01:34 | 27-08-2014 - 01:55 | |
| CVE-2014-3171 | 7.5 |
Use-after-free vulnerability in the V8 bindings in Blink, as used in Google Chrome before 37.0.2062.94, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper use of HashMap add operation
|
29-08-2017 - 01:34 | 27-08-2014 - 01:55 |