Vulnerability & Exploit Database

Displaying entries 1 - 10 of 18 in total

Results for: CVE-2015-1361 Back to search

Google Chrome Vulnerability: CVE-2015-1361 Vulnerability

  • Severity: 7
  • Published: January 27, 2015

platform/image-decoders/ImageFrame.h in Blink, as used in Google Chrome before 40.0.2214.91, does not initialize a variable that is used in calls to the Skia SkBitmap::setAlphaType function, which might allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted HTML document, a different v...

Gentoo Linux: CVE-2015-1361: Chromium: Multiple vulnerabilities Vulnerability

  • Severity: 7
  • Published: January 27, 2015

platform/image-decoders/ImageFrame.h in Blink, as used in Google Chrome before 40.0.2214.91, does not initialize a variable that is used in calls to the Skia SkBitmap::setAlphaType function, which might allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted HTML document, a different v...

SUSE: CVE-2014-3568: SUSE Linux Security Advisory Vulnerability

  • Severity: 4
  • Published: October 18, 2014

OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j does not properly enforce the no-ssl3 build option, which allows remote attackers to bypass intended access restrictions via an SSL 3.0 handshake, related to s23_clnt.c and s23_srvr.c.

SUSE: CVE-2014-3567: SUSE Linux Security Advisory Vulnerability

  • Severity: 7
  • Published: October 18, 2014

Memory leak in the tls_decrypt_ticket function in t1_lib.c in OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted session ticket that triggers an integrity-check failure.

F5 Networks: K15723 (CVE-2014-3567): OpenSSL vulnerability CVE-2014-3567 Vulnerability

  • Severity: 7
  • Published: October 18, 2014

Memory leak in the tls_decrypt_ticket function in t1_lib.c in OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted session ticket that triggers an integrity-check failure.