Filtered by vendor Redhat
Subscriptions
Filtered by product Rhel Extras
Subscriptions
Total
3425 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2014-7939 | 4 Chromium, Google, Opensuse and 1 more | 8 Chromium, Chrome, Opensuse and 5 more | 2024-08-06 | N/A |
Google Chrome before 40.0.2214.91, when the Harmony proxy in Google V8 is enabled, allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code with Proxy.create and console.log calls, related to HTTP responses that lack an "X-Content-Type-Options: nosniff" header. | ||||
CVE-2014-7948 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-08-06 | N/A |
The AppCacheUpdateJob::URLFetcher::OnResponseStarted function in content/browser/appcache/appcache_update_job.cc in Google Chrome before 40.0.2214.91 proceeds with AppCache caching for SSL sessions even if there is an X.509 certificate error, which allows man-in-the-middle attackers to spoof HTML5 application content via a crafted certificate. | ||||
CVE-2014-7926 | 6 Canonical, Google, Icu-project and 3 more | 10 Ubuntu Linux, Chrome, International Components For Unicode and 7 more | 2024-08-06 | N/A |
The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a zero-length quantifier. | ||||
CVE-2014-7910 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-08-06 | N/A |
Multiple unspecified vulnerabilities in Google Chrome before 39.0.2171.65 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | ||||
CVE-2014-7944 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-08-06 | N/A |
The sycc422_to_rgb function in fxcodec/codec/fx_codec_jpx_opj.cpp in PDFium, as used in Google Chrome before 40.0.2214.91, does not properly handle odd values of image width, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document. | ||||
CVE-2014-7925 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-08-06 | N/A |
Use-after-free vulnerability in the WebAudio implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an audio-rendering thread in which AudioNode data is improperly maintained. | ||||
CVE-2014-7923 | 6 Canonical, Google, Icu-project and 3 more | 10 Ubuntu Linux, Chrome, International Components For Unicode and 7 more | 2024-08-06 | N/A |
The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a look-behind expression. | ||||
CVE-2014-7936 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-08-06 | N/A |
Use-after-free vulnerability in the ZoomBubbleView::Close function in browser/ui/views/location_bar/zoom_bubble_view.cc in the Views implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document that triggers improper maintenance of a zoom bubble. | ||||
CVE-2014-7924 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-08-06 | N/A |
Use-after-free vulnerability in the IndexedDB implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering duplicate BLOB references, related to content/browser/indexed_db/indexed_db_callbacks.cc and content/browser/indexed_db/indexed_db_dispatcher_host.cc. | ||||
CVE-2014-7947 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-08-06 | N/A |
OpenJPEG before r2944, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, pi.c, t1.c, t2.c, and tcd.c. | ||||
CVE-2014-7945 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-08-06 | N/A |
OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, and t2.c. | ||||
CVE-2014-7932 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-08-06 | N/A |
Use-after-free vulnerability in the Element::detach function in core/dom/Element.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving pending updates of detached elements. | ||||
CVE-2014-7931 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-08-06 | N/A |
factory.cc in Google V8, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code that triggers improper maintenance of backing-store pointers. | ||||
CVE-2014-7929 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-08-06 | N/A |
Use-after-free vulnerability in the HTMLScriptElement::didMoveToNewDocument function in core/html/HTMLScriptElement.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving movement of a SCRIPT element across documents. | ||||
CVE-2014-7940 | 3 Google, Icu-project, Redhat | 3 Chrome, International Components For Unicode, Rhel Extras | 2024-08-06 | N/A |
The collator implementation in i18n/ucol.cpp in International Components for Unicode (ICU) 52 through SVN revision 293126, as used in Google Chrome before 40.0.2214.91, does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted character sequence. | ||||
CVE-2014-7934 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-08-06 | N/A |
Use-after-free vulnerability in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to unexpected absence of document data structures. | ||||
CVE-2014-7904 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-08-06 | N/A |
Buffer overflow in Skia, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | ||||
CVE-2014-7899 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-08-06 | N/A |
Google Chrome before 38.0.2125.101 allows remote attackers to spoof the address bar by placing a blob: substring at the beginning of the URL, followed by the original URI scheme and a long username string. | ||||
CVE-2014-6585 | 2 Oracle, Redhat | 6 Jdk, Jre, Enterprise Linux and 3 more | 2024-08-06 | N/A |
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to 2D, a different vulnerability than CVE-2014-6591. | ||||
CVE-2014-6591 | 2 Oracle, Redhat | 6 Jdk, Jre, Enterprise Linux and 3 more | 2024-08-06 | N/A |
Unspecified vulnerability in the Java SE component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to 2D, a different vulnerability than CVE-2014-6585. |