CVSS: 7.5EPSS: 1%CPEs: 11EXPL: 0CVE-2016-1691 – chromium-browser: heap buffer-overflow in skia
https://notcve.org/view.php?id=CVE-2016-1691
01 Jun 2016 — Skia, as used in Google Chrome before 51.0.2704.63, mishandles coincidence runs, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted curves, related to SkOpCoincidence.cpp and SkPathOpsCommon.cpp. Skia, como es usado en Google Chrome en versiones anteriores a 51.0.2704.63, no maneja correctamente la ejecución de coincidencia, lo que permite a atacantes remotos provocar una denegación del servicio (desbordamiento de buf... • http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.3EPSS: 0%CPEs: 11EXPL: 0CVE-2016-1692 – chromium-browser: limited cross-origin bypass in serviceworker
https://notcve.org/view.php?id=CVE-2016-1692
01 Jun 2016 — WebKit/Source/core/css/StyleSheetContents.cpp in Blink, as used in Google Chrome before 51.0.2704.63, permits cross-origin loading of CSS stylesheets by a ServiceWorker even when the stylesheet download has an incorrect MIME type, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. WebKit/Source/core/css/StyleSheetContents.cpp en Blink, como es usado en Google Chrome en versiones anteriores a 51.0.2704.63, permite la carga de origen cruzado de hojas de estilos de CSS con S... • http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html • CWE-284: Improper Access Control •
CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0CVE-2016-1693 – chromium-browser: http download of software removal tool
https://notcve.org/view.php?id=CVE-2016-1693
01 Jun 2016 — browser/safe_browsing/srt_field_trial_win.cc in Google Chrome before 51.0.2704.63 does not use the HTTPS service on dl.google.com to obtain the Software Removal Tool, which allows remote attackers to spoof the chrome_cleanup_tool.exe (aka CCT) file via a man-in-the-middle attack on an HTTP session. browser/safe_browsing/srt_field_trial_win.cc en Google Chrome en versiones anteriores a 51.0.2704.63 no usa el servicio HTTPS en dl.google.com para obtener el Software Removal Tool, lo que permite a atacantes sup... • http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html • CWE-284: Improper Access Control •
CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0CVE-2016-1694 – chromium-browser: hpkp pins removed on cache clearance
https://notcve.org/view.php?id=CVE-2016-1694
01 Jun 2016 — browser/browsing_data/browsing_data_remover.cc in Google Chrome before 51.0.2704.63 deletes HPKP pins during cache clearing, which makes it easier for remote attackers to spoof web sites via a valid certificate from an arbitrary recognized Certification Authority. browser/browsing_data/browsing_data_remover.cc en Google Chrome en versiones anteriores a 51.0.2704.63 borra los pins HPKP durante la limpieza de la caché, lo que hace más fácil para atacantes remotos suplantar páginas web a través de un certifica... • http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html • CWE-284: Improper Access Control •
CVSS: 8.8EPSS: 1%CPEs: 11EXPL: 0CVE-2016-1695 – chromium-browser: various fixes from internal audits
https://notcve.org/view.php?id=CVE-2016-1695
01 Jun 2016 — Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.63 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome en versiones anteriores a 51.0.2704.63 permiten a atacantes remotos provocar una denegación del servicio o posiblemente tener otro impacto a través de vectores desconocidos. An unspecified security issue was discovered in Blink. If a user were tricked in to opening a specially cra... • http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html •
CVSS: 10.0EPSS: 2%CPEs: 42EXPL: 0CVE-2016-4448 – libxml2: Format string vulnerability
https://notcve.org/view.php?id=CVE-2016-4448
27 May 2016 — Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors. Vulnerabilidad de formato de cadena en libxml2 en versiones anteriores a 2.9.4 permite a atacantes tener un impacto no especificado a través de especificadores de formato de cadena en vectores desconocidos. It was discovered that libxml2 incorrectly handled format strings. If a user or automated system were tricked into opening a specially crafted document, an atta... • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html • CWE-134: Use of Externally-Controlled Format String •
CVSS: 5.5EPSS: 0%CPEs: 20EXPL: 2CVE-2016-4578 – Linux Kernel 4.4 (Ubuntu 16.04) - 'snd_timer_user_ccallback()' Kernel Pointer Leak
https://notcve.org/view.php?id=CVE-2016-4578
23 May 2016 — sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions. sound/core/timer.c en el kernel de Linux hasta la versión 4.6 no inicializa determinadas estructuras de datos r1, lo que permite a usuarios locales obtener información sensible del kernel de memori... • https://packetstorm.news/files/id/152031 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-665: Improper Initialization •
CVSS: 7.8EPSS: 0%CPEs: 29EXPL: 0CVE-2016-4805 – Ubuntu Security Notice USN-3021-2
https://notcve.org/view.php?id=CVE-2016-4805
23 May 2016 — Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel before 4.5.2 allows local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a network namespace, related to the ppp_register_net_channel and ppp_unregister_channel functions. Vulnerabilidad de uso después de liberación de memoria en drivers/net/ppp/ppp_generic.c en el kernel de Linux en versiones anteriores a 4.5.2 permite a usuarios local... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1f461dcdd296eecedaffffc6bae2bfa90bd7eb89 • CWE-416: Use After Free •
CVSS: 8.1EPSS: 0%CPEs: 11EXPL: 0CVE-2016-3698 – libndp: denial of service due to insufficient validation of source of NDP messages
https://notcve.org/view.php?id=CVE-2016-3698
17 May 2016 — libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote attackers to conduct man-in-the-middle attacks or cause a denial of service (network connectivity disruption) by advertising a node as a router from a non-local network. libndp en versiones anteriores a 1.6, como es usado en NetworkManager, no valida correctamente el origen de los mensajes Neighbor Discovery Protocol (NDP), lo que provoca a atacantes remotos ... • http://www.debian.org/security/2016/dsa-3581 • CWE-20: Improper Input Validation CWE-284: Improper Access Control •
CVSS: 5.5EPSS: 0%CPEs: 30EXPL: 2CVE-2016-1833 – libxml2: Heap-based buffer overread in htmlCurrentChar
https://notcve.org/view.php?id=CVE-2016-1833
17 May 2016 — The htmlCurrentChar function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document. La función htmlCurrentChar en libxml2 en versiones anteriores a 2.9.4, como se utiliza en Apple iOS en versiones anteriores a 9.3.2, OS X en versiones anteriores a 10.11.5, tvOS en versiones anteriores a 9.2.1 y watchOS en versiones anteriores a ... • http://lists.apple.com/archives/security-announce/2016/May/msg00001.html • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read •