Latest CVE Feed
-
6.8
MEDIUMCVE-2015-1220
Use-after-free vulnerability in the GIFImageReader::parseData function in platform/image-decoders/gif/GIFImageReader.cpp in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecif... Read more
- EPSS Score: %3.07
- Published: Mar. 09, 2015
- Modified: Apr. 12, 2025
-
7.5
HIGHCVE-2015-1219
Integer overflow in the SkMallocPixelRef::NewAllocate function in core/SkMallocPixelRef.cpp in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors t... Read more
- EPSS Score: %0.90
- Published: Mar. 09, 2015
- Modified: Apr. 12, 2025
-
7.5
HIGHCVE-2015-1218
Multiple use-after-free vulnerabilities in the DOM implementation in Blink, as used in Google Chrome before 41.0.2272.76, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger movement of a ... Read more
- EPSS Score: %1.07
- Published: Mar. 09, 2015
- Modified: Apr. 12, 2025
-
7.5
HIGHCVE-2015-1217
The V8LazyEventListener::prepareListenerObject function in bindings/core/v8/V8LazyEventListener.cpp in the V8 bindings in Blink, as used in Google Chrome before 41.0.2272.76, does not properly compile listeners, which allows remote attackers to cause a de... Read more
- EPSS Score: %1.65
- Published: Mar. 09, 2015
- Modified: Apr. 12, 2025
-
7.5
HIGHCVE-2015-1216
Use-after-free vulnerability in the V8Window::namedPropertyGetterCustom function in bindings/core/v8/custom/V8WindowCustom.cpp in the V8 bindings in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service ... Read more
- EPSS Score: %1.07
- Published: Mar. 09, 2015
- Modified: Apr. 12, 2025
-
7.5
HIGHCVE-2015-1215
The filters implementation in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation.... Read more
- EPSS Score: %0.97
- Published: Mar. 09, 2015
- Modified: Apr. 12, 2025
-
7.5
HIGHCVE-2015-1214
Integer overflow in the SkAutoSTArray implementation in include/core/SkTemplates.h in the filters implementation in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other... Read more
- EPSS Score: %0.97
- Published: Mar. 09, 2015
- Modified: Apr. 12, 2025
-
7.5
HIGHCVE-2015-1213
The SkBitmap::ReadRawPixels function in core/SkBitmap.cpp in the filters implementation in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that ... Read more
Affected Products : chrome- EPSS Score: %0.97
- Published: Mar. 09, 2015
- Modified: Apr. 12, 2025
-
5.0
MEDIUMCVE-2014-9689
content/renderer/device_sensors/device_orientation_event_pump.cc in Google Chrome before 41.0.2272.76 does not properly restrict access to high-rate gyroscope data, which makes it easier for remote attackers to obtain speech signals from a device's physic... Read more
Affected Products : chrome- EPSS Score: %0.37
- Published: Mar. 09, 2015
- Modified: Apr. 12, 2025
-
5.0
MEDIUMCVE-2011-5319
content/renderer/device_sensors/device_motion_event_pump.cc in Google Chrome before 41.0.2272.76 does not properly restrict access to high-rate accelerometer data, which makes it easier for remote attackers to capture keystrokes via a crafted web site tha... Read more
Affected Products : chrome- EPSS Score: %0.37
- Published: Mar. 09, 2015
- Modified: Apr. 12, 2025
-
5.0
MEDIUMCVE-2015-2192
Integer overflow in the dissect_osd2_cdb_continuation function in epan/dissectors/packet-scsi-osd.c in the SCSI OSD dissector in Wireshark 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted length field... Read more
- EPSS Score: %0.55
- Published: Mar. 08, 2015
- Modified: Apr. 12, 2025
-
5.0
MEDIUMCVE-2015-2191
Integer overflow in the dissect_tnef function in epan/dissectors/packet-tnef.c in the TNEF dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted length fiel... Read more
- EPSS Score: %3.29
- Published: Mar. 08, 2015
- Modified: Apr. 12, 2025
-
5.0
MEDIUMCVE-2015-2190
epan/proto.c in Wireshark 1.12.x before 1.12.4 does not properly handle integer data types greater than 32 bits in size, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet that is impro... Read more
- EPSS Score: %0.21
- Published: Mar. 08, 2015
- Modified: Apr. 12, 2025
-
5.0
MEDIUMCVE-2015-2189
Off-by-one error in the pcapng_read function in wiretap/pcapng.c in the pcapng file parser in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via an i... Read more
- EPSS Score: %0.30
- Published: Mar. 08, 2015
- Modified: Apr. 12, 2025
-
5.0
MEDIUMCVE-2015-2188
epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (out-of-bounds read and application cra... Read more
- EPSS Score: %0.34
- Published: Mar. 08, 2015
- Modified: Apr. 12, 2025
-
5.0
MEDIUMCVE-2015-2187
The dissect_atn_cpdlc_heur function in asn1/atn-cpdlc/packet-atn-cpdlc-template.c in the ATN-CPDLC dissector in Wireshark 1.12.x before 1.12.4 does not properly follow the TRY/ENDTRY code requirements, which allows remote attackers to cause a denial of se... Read more
- EPSS Score: %0.25
- Published: Mar. 08, 2015
- Modified: Apr. 12, 2025
-
5.0
MEDIUMCVE-2015-0228
The lua_websocket_read function in lua_request.c in the mod_lua module in the Apache HTTP Server through 2.4.12 allows remote attackers to cause a denial of service (child-process crash) by sending a crafted WebSocket Ping frame after a Lua script has cal... Read more
- EPSS Score: %10.73
- Published: Mar. 08, 2015
- Modified: Apr. 12, 2025
-
7.8
HIGHCVE-2015-2177
Siemens SIMATIC S7-300 CPU devices allow remote attackers to cause a denial of service (defect-mode transition) via crafted packets on (1) TCP port 102 or (2) Profibus.... Read more
- EPSS Score: %50.64
- Published: Mar. 07, 2015
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2015-1599
The Siemens SPCanywhere application for iOS allows physically proximate attackers to bypass intended access restrictions by leveraging a filesystem architectural error.... Read more
Affected Products : spcanywhere- EPSS Score: %0.06
- Published: Mar. 07, 2015
- Modified: Apr. 12, 2025
-
2.1
LOWCVE-2015-1598
The Siemens SPCanywhere application for Android does not properly store application passwords, which allows physically proximate attackers to obtain sensitive information by examining the device filesystem.... Read more
Affected Products : spcanywhere- EPSS Score: %0.06
- Published: Mar. 07, 2015
- Modified: Apr. 12, 2025