CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 0CVE-2016-1667 – chromium-browser: same origin bypass in dom
https://notcve.org/view.php?id=CVE-2016-1667
13 May 2016 — The TreeScope::adoptIfNeeded function in WebKit/Source/core/dom/TreeScope.cpp in the DOM implementation in Blink, as used in Google Chrome before 50.0.2661.102, does not prevent script execution during node-adoption operations, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. La función TreeScope::adoptIfNeeded en WebKit/Source/core/dom/TreeScope.cpp en la implementación DOM en Blink, tal como se utiliza en Google Chrome en versiones anteriores a 50.0.2661.102, no impid... • http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html • CWE-284: Improper Access Control •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2016-1670 – chromium-browser: race condition in loader
https://notcve.org/view.php?id=CVE-2016-1670
13 May 2016 — Race condition in the ResourceDispatcherHostImpl::BeginRequest function in content/browser/loader/resource_dispatcher_host_impl.cc in Google Chrome before 50.0.2661.102 allows remote attackers to make arbitrary HTTP requests by leveraging access to a renderer process and reusing a request ID. Condición de carrera en la función ResourceDispatcherHostImpl::BeginRequest en content/browser/loader/resource_dispatcher_host_impl.cc en Google Chrome en versiones anteriores a 50.0.2661.102 permite a atacantes remoto... • http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 10.0EPSS: 2%CPEs: 6EXPL: 0CVE-2016-1662 – chromium-browser: use-after-free in extensions
https://notcve.org/view.php?id=CVE-2016-1662
02 May 2016 — extensions/renderer/gc_callback.cc in Google Chrome before 50.0.2661.94 does not prevent fallback execution once the Garbage Collection callback has started, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors. extensions/renderer/gc_callback.cc en Google Chrome en versiones anteriores a 50.0.2661.94 no previene la ejecución de retorno una vez que la llamada de retorno Garbage Collection ha comenzado, lo que permite a atac... • http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2016-1666 – chromium-browser: various fixes from internal audits
https://notcve.org/view.php?id=CVE-2016-1666
02 May 2016 — Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661.94 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome en versiones anteriores a 50.0.2661.94 permiten a atacantes provocar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. • http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2016-1663 – chromium-browser: use-after-free in blink's v8 bindings
https://notcve.org/view.php?id=CVE-2016-1663
02 May 2016 — The SerializedScriptValue::transferArrayBuffers function in WebKit/Source/bindings/core/v8/SerializedScriptValue.cpp in the V8 bindings in Blink, as used in Google Chrome before 50.0.2661.94, mishandles certain array-buffer data structures, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site. La función SerializedScriptValue::transferArrayBuffers en WebKit/Source/bindings/core/v8/SerializedScriptValue.cpp en los enlaces... • http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html •
CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0CVE-2016-1664 – chromium-browser: address bar spoofing
https://notcve.org/view.php?id=CVE-2016-1664
02 May 2016 — The HistoryController::UpdateForCommit function in content/renderer/history_controller.cc in Google Chrome before 50.0.2661.94 mishandles the interaction between subframe forward navigations and other forward navigations, which allows remote attackers to spoof the address bar via a crafted web site. La función HistoryController::UpdateForCommit en content/renderer/history_controller.cc en Google Chrome en versiones anteriores a 50.0.2661.94 no maneja correctamente la interacción entre las navegaciones hacia... • http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html • CWE-254: 7PK - Security Features •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2016-1660 – chromium-browser: out-of-bounds write in blink
https://notcve.org/view.php?id=CVE-2016-1660
02 May 2016 — Blink, as used in Google Chrome before 50.0.2661.94, mishandles assertions in the WTF::BitArray and WTF::double_conversion::Vector classes, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted web site. Blink, tal como se utiliza en Google Chrome en versiones anteriores a 50.0.2661.94, no maneja correctamente las aserciones en las clases WTF::BitArray y WTF::double_conversion::Vector, lo que permite a atacantes remotos provo... • http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html • CWE-20: Improper Input Validation •
CVSS: 8.3EPSS: 0%CPEs: 6EXPL: 0CVE-2016-1661 – chromium-browser: memory corruption in cross-process frames
https://notcve.org/view.php?id=CVE-2016-1661
02 May 2016 — Blink, as used in Google Chrome before 50.0.2661.94, does not ensure that frames satisfy a check for the same renderer process in addition to a Same Origin Policy check, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted web site, related to BindingSecurity.cpp and DOMWindow.cpp. Blink, tal como se utiliza en Google Chrome en versiones anteriores a 50.0.2661.94, no asegura que los marcos satisfagan una comprobación para el m... • http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2016-1665 – chromium-browser: information leak in v8
https://notcve.org/view.php?id=CVE-2016-1665
02 May 2016 — The JSGenericLowering class in compiler/js-generic-lowering.cc in Google V8, as used in Google Chrome before 50.0.2661.94, mishandles comparison operators, which allows remote attackers to obtain sensitive information via crafted JavaScript code. La clase JSGenericLowering en compiler/js-generic-lowering.cc en Google V8, tal como se utiliza en Google Chrome en versiones anteriores a 50.0.2661.94, no maneja correctamente los operadores de comparación, lo que permite a atacantes remotos obtener información se... • http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2016-1656 – chromium-browser: android downloaded file path restriction bypass
https://notcve.org/view.php?id=CVE-2016-1656
18 Apr 2016 — The download implementation in Google Chrome before 50.0.2661.75 on Android allows remote attackers to bypass intended pathname restrictions via unspecified vectors. La implementación de download en Google Chrome en versiones anteriores a 50.0.2661.75 en Android permite a atacantes remotos eludir las restricciones de nombre de ruta previstas a través de vectores no especificados. • http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_13.html • CWE-284: Improper Access Control •