Vulnerabilities > Google > Chrome > 37.0.2062.35

DATE CVE VULNERABILITY TITLE RISK
2016-01-25 CVE-2016-1612 Improper Input Validation vulnerability in Google Chrome
The LoadIC::UpdateCaches function in ic/ic.cc in Google V8, as used in Google Chrome before 48.0.2564.82, does not ensure receiver compatibility before performing a cast of an unspecified variable, which allows remote attackers to cause a denial of service or possibly have unknown other impact via crafted JavaScript code.
network
low complexity
google CWE-20
7.6
2015-12-24 CVE-2015-8664 Numeric Errors vulnerability in Google Chrome
Integer overflow in the WebCursor::Deserialize function in content/common/cursors/webcursor.cc in Google Chrome before 47.0.2526.106 allows remote attackers to cause a denial of service or possibly have unspecified other impact via an RGBA pixel array with crafted dimensions, a different vulnerability than CVE-2015-6792.
network
low complexity
google CWE-189
8.8
2015-12-24 CVE-2015-6792 Unspecified vulnerability in Google Chrome
The MIDI subsystem in Google Chrome before 47.0.2526.106 does not properly handle the sending of data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, related to midi_manager.cc, midi_manager_alsa.cc, and midi_manager_mac.cc, a different vulnerability than CVE-2015-8664.
network
low complexity
google
critical
9.8
2015-12-06 CVE-2015-6764 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The BasicJsonStringifier::SerializeJSArray function in json-stringifier.h in the JSON stringifier in Google V8, as used in Google Chrome before 47.0.2526.73, improperly loads array elements, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via crafted JavaScript code.
network
low complexity
google nodejs debian CWE-119
critical
9.8
2015-07-23 CVE-2015-1276 Use-after-free vulnerability in content/browser/indexed_db/indexed_db_backing_store.cc in the IndexedDB implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging an abort action before a certain write operation.
network
low complexity
google debian redhat opensuse
critical
9.8