SUSE CVE-2015-1265

Multiple unspecified vulnerabilities in Google Chrome before 43.0.2357.65 allow attackers to cause a denial of service or possibly have other impact via unknown vectors...

chromium-browser: Cross-site scripting in bookmarks.

Cross-site scripting XSS vulnerability in Google Chrome before 43.0.2357.65 allows user-assisted remote attackers to inject arbitrary web script or HTML via crafted data that is improperly handled by the Bookmarks feature...

chromium-browser: URL bar spoofing in unspecified component

android/java/src/org/chromium/chrome/browser/WebsiteSettingsPopup.java in Google Chrome before 43.0.2357.65 on Android does not properly restrict use of a URL's fragment identifier during construction of a page-info popup, which allows remote attackers to spoof the URL bar or deliver misleading...

chromium-browser: Cross-origin bypass in DOM.

core/html/parser/HTMLConstructionSite.cpp in the DOM implementation in Blink, as used in Google Chrome before 43.0.2357.65, allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code that appends a child to a SCRIPT element, related to the insert and executeReparentTask...

Google Chrome Input Validation Vulnerability (CNVD-2015-03346)

Google Chrome on Android is a web browser developed by the American company Google Google for the Android platform. A security vulnerability exists in the android/java/src/org/chromium/chrome/browser/WebsiteSettingsPopup.java file in versions of Google Chrome prior to 43.0.2357.65 on the Android...

Google Chrome memory misreference vulnerability (CNVD-2015-03352)

Google Chrome is a web browser developed by the American company Google Google. A memory misreference vulnerability exists in versions of Google Chrome prior to 43.0.2357.65. Allows remote attackers to launch a denial of service attack by exploiting the audio stop action...

Google Chrome Cross-Site Scripting Vulnerability (CNVD-2015-03343)

Google Chrome is a web browser developed by the American company Google Google. A cross-site scripting vulnerability exists in versions of Google Chrome prior to 43.0.2357.65. This vulnerability allows remote attackers to inject arbitrary web script or HTML...

Google Chrome Man-in-the-Middle Attack Vulnerability

Google Chrome is a web browser developed by the American company Google Google. A man-in-the-middle attack vulnerability exists in versions of Google Chrome prior to 43.0.2357.65. The vulnerability allows attackers to conduct man-in-the-middle attacks...

CVE-2015-1264

Cross-site scripting XSS vulnerability in Google Chrome before 43.0.2357.65 allows user-assisted remote attackers to inject arbitrary web script or HTML via crafted data that is improperly handled by the Bookmarks feature...

Design/Logic Flaw

Multiple unspecified vulnerabilities in Google V8 before 4.3.61.21, as used in Google Chrome before 43.0.2357.65, allow attackers to cause a denial of service or possibly have other impact via unknown vectors...

CVE-2015-1258

Google Chrome before 43.0.2357.65 relies on libvpx code that was not built with an appropriate --size-limit value, which allows remote attackers to trigger a negative value for a size field, and consequently cause a denial of service or possibly have unspecified other impact, via a crafted frame...