NVD や CVE、ほか複数の脅威フィードを束ね、RCE など高リスクな事象を深く追える一覧です。CVSS と EPSS を組み合わせ、Exploit 参照や PoC の有無から悪用しやすさを追跡します。ベンダー修正や緩和策の文脈とあわせて優先度を決め、対応サイクルを短く保ちつつ重要資産を守る支援をします。
Assigner(CNA/発行元):[email protected] この条件を外す
| CVE | 説明 | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|
| CVE-2015-8548 | Multiple unspecified vulnerabilities in Google V8 before 4.7.80.23, as used in Google Chrome before 47.0.2526.80, allow attackers to cause a denial of service or possibly have other impact via unknown vectors, a different issue than CVE-2015-8478. | 10.0 | 1.20% | 2015-12-14 | 2026-06-16 |
| CVE-2015-8480 | The VideoFramePool::PoolImpl::CreateFrame function in media/base/video_frame_pool.cc in Google Chrome before 47.0.2526.73 does not initialize memory for a video-frame data structure, which might allow remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact by leveraging improper interaction with the vp3_h_loop_filter_c function in libavcodec/vp3dsp.c in FFmpeg. | 10.0 | 1.35% | 2015-12-05 | 2026-06-16 |
| CVE-2015-6791 | Multiple unspecified vulnerabilities in Google Chrome before 47.0.2526.80 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | 10.0 | 1.65% | 2015-12-14 | 2026-06-16 |
| CVE-2015-6788 | The ObjectBackedNativeHandler class in extensions/renderer/object_backed_native_handler.cc in the extensions subsystem in Google Chrome before 47.0.2526.80 improperly implements handler functions, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion." | 10.0 | 3.18% | 2015-12-14 | 2026-06-16 |
| CVE-2015-6787 | Multiple unspecified vulnerabilities in Google Chrome before 47.0.2526.73 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | 10.0 | 8.12% | 2015-12-05 | 2026-06-16 |
| CVE-2015-6765 | Use-after-free vulnerability in content/browser/appcache/appcache_update_job.cc in Google Chrome before 47.0.2526.73 allows remote attackers to execute arbitrary code or cause a denial of service by leveraging the mishandling of AppCache update jobs. | 10.0 | 4.48% | 2015-12-05 | 2026-06-16 |
| CVE-2015-0565 | NaCl in 2015 allowed the CLFLUSH instruction, making rowhammer attacks possible. | 10.0 | 13.25% | 2020-02-25 | 2026-06-16 |
| CVE-2014-7917 | Integer overflow in SampleTable.cpp in libstagefright in Android before 5.0.0 has unspecified impact and attack vectors, aka internal bug 15342615. | 10.0 | 0.62% | 2015-09-30 | 2026-06-16 |
| CVE-2014-7916 | Integer overflow in SampleTable.cpp in libstagefright in Android before 5.0.0 has unspecified impact and attack vectors, aka internal bug 15342751. | 10.0 | 0.62% | 2015-09-30 | 2026-06-16 |
| CVE-2014-7915 | Integer overflow in SampleTable.cpp in libstagefright in Android before 5.0.0 has unspecified impact and attack vectors, aka internal bug 15328708. | 10.0 | 0.62% | 2015-09-30 | 2026-06-16 |
| CVE-2014-3188 | Google Chrome before 38.0.2125.101 and Chrome OS before 38.0.2125.101 do not properly handle the interaction of IPC and Google V8, which allows remote attackers to execute arbitrary code via vectors involving JSON data, related to improper parsing of an escaped index by ParseJsonObject in json-parser.h. | 10.0 | 5.95% | 2014-10-08 | 2026-06-16 |
| CVE-2014-3177 | Google Chrome before 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the sync API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3176. | 10.0 | 3.88% | 2014-08-26 | 2026-06-16 |
| CVE-2014-3176 | Google Chrome before 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the sync API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3177. | 10.0 | 9.76% | 2014-08-26 | 2026-06-16 |
| CVE-2014-3175 | Multiple unspecified vulnerabilities in Google Chrome before 37.0.2062.94 allow attackers to cause a denial of service or possibly have other impact via unknown vectors, related to the load_truetype_glyph function in truetype/ttgload.c in FreeType and other functions in other components. | 10.0 | 1.47% | 2014-08-26 | 2026-06-16 |
| CVE-2014-1708 | The boot implementation in Google Chrome OS before 33.0.1750.152 does not properly consider file persistence, which allows remote attackers to execute arbitrary code via unspecified vectors. | 10.0 | 2.02% | 2014-03-16 | 2026-06-16 |
| CVE-2014-1704 | Multiple unspecified vulnerabilities in Google V8 before 3.23.17.18, as used in Google Chrome before 33.0.1750.149, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | 10.0 | 1.49% | 2014-03-16 | 2026-06-16 |
| CVE-2013-2931 | Multiple unspecified vulnerabilities in Google Chrome before 31.0.1650.48 allow attackers to execute arbitrary code or possibly have other impact via unknown vectors. | 10.0 | 2.30% | 2013-11-13 | 2026-06-16 |
| CVE-2013-2863 | Google Chrome before 27.0.1453.110 does not properly handle SSL sockets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | 10.0 | 3.58% | 2013-06-04 | 2026-06-16 |
| CVE-2013-2833 | Use-after-free vulnerability in the O3D plug-in in Google Chrome OS before 26.0.1410.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to improper management of ownership relationships involving Elements and DrawElements. | 10.0 | 1.61% | 2013-04-16 | 2026-06-16 |
| CVE-2013-0915 | The GPU process in Google Chrome OS before 25.0.1364.173 allows attackers to cause a denial of service or possibly have unspecified other impact via vectors related to an "overflow." | 10.0 | 0.73% | 2013-03-18 | 2026-06-16 |