Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2015-1224

    The VpxVideoDecoder::VpxDecode function in media/filters/vpx_video_decoder.cc in the vpxdecoder implementation in Google Chrome before 41.0.2272.76 does not ensure that alpha-plane dimensions are identical to image dimensions, which allows remote attacker... Read more

    Affected Products : chrome
    • EPSS Score: %4.08
    • Published: Mar. 09, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-1223

    Multiple use-after-free vulnerabilities in core/html/HTMLInputElement.cpp in the DOM implementation in Blink, as used in Google Chrome before 41.0.2272.76, allow remote attackers to cause a denial of service or possibly have unspecified other impact via v... Read more

    Affected Products : chrome
    • EPSS Score: %1.23
    • Published: Mar. 09, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-1222

    Multiple use-after-free vulnerabilities in the ServiceWorkerScriptCacheMap implementation in content/browser/service_worker/service_worker_script_cache_map.cc in Google Chrome before 41.0.2272.76 allow remote attackers to cause a denial of service or poss... Read more

    Affected Products : chrome
    • EPSS Score: %0.99
    • Published: Mar. 09, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-1221

    Use-after-free vulnerability in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect ordering of operations in the Web SQL Database thre... Read more

    Affected Products : chrome
    • EPSS Score: %0.87
    • Published: Mar. 09, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-1220

    Use-after-free vulnerability in the GIFImageReader::parseData function in platform/image-decoders/gif/GIFImageReader.cpp in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecif... Read more

    • EPSS Score: %3.07
    • Published: Mar. 09, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-1219

    Integer overflow in the SkMallocPixelRef::NewAllocate function in core/SkMallocPixelRef.cpp in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors t... Read more

    • EPSS Score: %0.90
    • Published: Mar. 09, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-1218

    Multiple use-after-free vulnerabilities in the DOM implementation in Blink, as used in Google Chrome before 41.0.2272.76, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger movement of a ... Read more

    • EPSS Score: %1.07
    • Published: Mar. 09, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-1217

    The V8LazyEventListener::prepareListenerObject function in bindings/core/v8/V8LazyEventListener.cpp in the V8 bindings in Blink, as used in Google Chrome before 41.0.2272.76, does not properly compile listeners, which allows remote attackers to cause a de... Read more

    • EPSS Score: %1.65
    • Published: Mar. 09, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-1216

    Use-after-free vulnerability in the V8Window::namedPropertyGetterCustom function in bindings/core/v8/custom/V8WindowCustom.cpp in the V8 bindings in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service ... Read more

    • EPSS Score: %1.07
    • Published: Mar. 09, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-1215

    The filters implementation in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation.... Read more

    • EPSS Score: %0.97
    • Published: Mar. 09, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-1214

    Integer overflow in the SkAutoSTArray implementation in include/core/SkTemplates.h in the filters implementation in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other... Read more

    • EPSS Score: %0.97
    • Published: Mar. 09, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-1213

    The SkBitmap::ReadRawPixels function in core/SkBitmap.cpp in the filters implementation in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that ... Read more

    Affected Products : chrome
    • EPSS Score: %0.97
    • Published: Mar. 09, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2014-9689

    content/renderer/device_sensors/device_orientation_event_pump.cc in Google Chrome before 41.0.2272.76 does not properly restrict access to high-rate gyroscope data, which makes it easier for remote attackers to obtain speech signals from a device's physic... Read more

    Affected Products : chrome
    • EPSS Score: %0.37
    • Published: Mar. 09, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2011-5319

    content/renderer/device_sensors/device_motion_event_pump.cc in Google Chrome before 41.0.2272.76 does not properly restrict access to high-rate accelerometer data, which makes it easier for remote attackers to capture keystrokes via a crafted web site tha... Read more

    Affected Products : chrome
    • EPSS Score: %0.37
    • Published: Mar. 09, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2015-2192

    Integer overflow in the dissect_osd2_cdb_continuation function in epan/dissectors/packet-scsi-osd.c in the SCSI OSD dissector in Wireshark 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted length field... Read more

    Affected Products : wireshark opensuse
    • EPSS Score: %0.55
    • Published: Mar. 08, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2015-2191

    Integer overflow in the dissect_tnef function in epan/dissectors/packet-tnef.c in the TNEF dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted length fiel... Read more

    Affected Products : debian_linux wireshark opensuse mageia
    • EPSS Score: %3.29
    • Published: Mar. 08, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2015-2190

    epan/proto.c in Wireshark 1.12.x before 1.12.4 does not properly handle integer data types greater than 32 bits in size, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet that is impro... Read more

    Affected Products : wireshark opensuse solaris
    • EPSS Score: %0.21
    • Published: Mar. 08, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2015-2189

    Off-by-one error in the pcapng_read function in wiretap/pcapng.c in the pcapng file parser in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via an i... Read more

    • EPSS Score: %0.30
    • Published: Mar. 08, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2015-2188

    epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (out-of-bounds read and application cra... Read more

    • EPSS Score: %0.34
    • Published: Mar. 08, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2015-2187

    The dissect_atn_cpdlc_heur function in asn1/atn-cpdlc/packet-atn-cpdlc-template.c in the ATN-CPDLC dissector in Wireshark 1.12.x before 1.12.4 does not properly follow the TRY/ENDTRY code requirements, which allows remote attackers to cause a denial of se... Read more

    Affected Products : wireshark opensuse
    • EPSS Score: %0.25
    • Published: Mar. 08, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291384 Results