Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2015-1205

    Multiple unspecified vulnerabilities in Google Chrome before 40.0.2214.91 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.... Read more

    Affected Products : ubuntu_linux chrome chromium
    • EPSS Score: %1.20
    • Published: Jan. 22, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2014-7948

    The AppCacheUpdateJob::URLFetcher::OnResponseStarted function in content/browser/appcache/appcache_update_job.cc in Google Chrome before 40.0.2214.91 proceeds with AppCache caching for SSL sessions even if there is an X.509 certificate error, which allows... Read more

    Affected Products : chrome
    • EPSS Score: %0.57
    • Published: Jan. 22, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2014-7947

    OpenJPEG before r2944, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, pi.c, t1.c, t2.c, and tcd.c.... Read more

    Affected Products : chrome
    • EPSS Score: %1.58
    • Published: Jan. 22, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2014-7946

    The RenderTable::simplifiedNormalFlowLayout function in core/rendering/RenderTable.cpp in Blink, as used in Google Chrome before 40.0.2214.91, skips captions during table layout in certain situations, which allows remote attackers to cause a denial of ser... Read more

    Affected Products : chrome
    • EPSS Score: %2.41
    • Published: Jan. 22, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2014-7945

    OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, and t2.c.... Read more

    Affected Products : chrome
    • EPSS Score: %1.68
    • Published: Jan. 22, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2014-7944

    The sycc422_to_rgb function in fxcodec/codec/fx_codec_jpx_opj.cpp in PDFium, as used in Google Chrome before 40.0.2214.91, does not properly handle odd values of image width, which allows remote attackers to cause a denial of service (out-of-bounds read) ... Read more

    Affected Products : chrome
    • EPSS Score: %1.68
    • Published: Jan. 22, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2014-7943

    Skia, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.... Read more

    • EPSS Score: %1.71
    • Published: Jan. 22, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2014-7942

    The Fonts implementation in Google Chrome before 40.0.2214.91 does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.... Read more

    • EPSS Score: %2.36
    • Published: Jan. 22, 2015
    • Modified: Apr. 12, 2025

  • 5.0

    MEDIUM
    CVE-2014-7941

    The SelectionOwner::ProcessTarget function in ui/base/x/selection_owner.cc in the UI implementation in Google Chrome before 40.0.2214.91 uses an incorrect data type for a certain length value, which allows remote attackers to cause a denial of service (ou... Read more

    • EPSS Score: %2.25
    • Published: Jan. 22, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2014-7940

    The collator implementation in i18n/ucol.cpp in International Components for Unicode (ICU) 52 through SVN revision 293126, as used in Google Chrome before 40.0.2214.91, does not initialize memory for a data structure, which allows remote attackers to caus... Read more

    • EPSS Score: %2.15
    • Published: Jan. 22, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2014-7939

    Google Chrome before 40.0.2214.91, when the Harmony proxy in Google V8 is enabled, allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code with Proxy.create and console.log calls, related to HTTP responses that lack an "X-Cont... Read more

    • EPSS Score: %0.69
    • Published: Jan. 22, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2014-7938

    The Fonts implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.... Read more

    Affected Products : chrome
    • EPSS Score: %2.36
    • Published: Jan. 22, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2014-7937

    Multiple off-by-one errors in libavcodec/vorbisdec.c in FFmpeg before 2.4.2, as used in Google Chrome before 40.0.2214.91, allow remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted Vorbis I ... Read more

    Affected Products : chrome ffmpeg
    • EPSS Score: %2.21
    • Published: Jan. 22, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2014-7936

    Use-after-free vulnerability in the ZoomBubbleView::Close function in browser/ui/views/location_bar/zoom_bubble_view.cc in the Views implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service or possibly have ... Read more

    Affected Products : chrome
    • EPSS Score: %2.33
    • Published: Jan. 22, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2014-7935

    Use-after-free vulnerability in browser/speech/tts_message_filter.cc in the Speech implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving utt... Read more

    Affected Products : chrome
    • EPSS Score: %2.13
    • Published: Jan. 22, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2014-7934

    Use-after-free vulnerability in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to unexpected absence of docu... Read more

    Affected Products : chrome
    • EPSS Score: %2.91
    • Published: Jan. 22, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2014-7933

    Use-after-free vulnerability in the matroska_read_seek function in libavformat/matroskadec.c in FFmpeg before 2.5.1, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impa... Read more

    Affected Products : chrome ffmpeg
    • EPSS Score: %5.94
    • Published: Jan. 22, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2014-7932

    Use-after-free vulnerability in the Element::detach function in core/dom/Element.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other ... Read more

    Affected Products : chrome
    • EPSS Score: %2.47
    • Published: Jan. 22, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2014-7931

    factory.cc in Google V8, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code that triggers improper maintenance of bac... Read more

    Affected Products : chrome
    • EPSS Score: %3.16
    • Published: Jan. 22, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2014-7930

    Use-after-free vulnerability in core/events/TreeScopeEventContext.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via craf... Read more

    Affected Products : chrome
    • EPSS Score: %2.47
    • Published: Jan. 22, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291551 Results