CVSS: 9.3EPSS: 10%CPEs: 6EXPL: 0CVE-2016-1649 – Google Chrome libANGLE glGetUniformfv Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-1649
27 Mar 2016 — The Program::getUniformInternal function in Program.cpp in libANGLE, as used in Google Chrome before 49.0.2623.108, does not properly handle a certain data-type mismatch, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted shader stages. La función Program::getUniformInternal en Program.cpp en libANGLE, tal como se utiliza en Google Chrome en versiones anteriores a 49.0.2623.108, no maneja adecuadamente ciertos tipos de datos que... • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_24.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2016-1650 – chromium-browser: various fixes from internal audits
https://notcve.org/view.php?id=CVE-2016-1650
27 Mar 2016 — The PageCaptureSaveAsMHTMLFunction::ReturnFailure function in browser/extensions/api/page_capture/page_capture_api.cc in Google Chrome before 49.0.2623.108 allows attackers to cause a denial of service or possibly have unspecified other impact by triggering an error in creating an MHTML document. La función PageCaptureSaveAsMHTMLFunction::ReturnFailure en browser/extensions/api/page_capture/page_capture_api.cc en Google Chrome en versiones anteriores a 49.0.2623.108 permite a atacantes remotos provocar una ... • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_24.html •
CVSS: 9.3EPSS: 1%CPEs: 1EXPL: 0CVE-2016-1643 – chromium-browser: type confusion in Blink
https://notcve.org/view.php?id=CVE-2016-1643
10 Mar 2016 — The ImageInputType::ensurePrimaryContent function in WebKit/Source/core/html/forms/ImageInputType.cpp in Blink, as used in Google Chrome before 49.0.2623.87, does not properly maintain the user agent shadow DOM, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion." La función ImageInputType::ensurePrimaryContent en WebKit/Source/core/html/forms/ImageInputType.cpp en Blink, como se utiliza en Google Chrome en versiones... • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_8.html • CWE-361: 7PK - Time and State CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.3EPSS: 1%CPEs: 1EXPL: 0CVE-2016-1644 – chromium-browser: use-after-free in Blink
https://notcve.org/view.php?id=CVE-2016-1644
10 Mar 2016 — WebKit/Source/core/layout/LayoutObject.cpp in Blink, as used in Google Chrome before 49.0.2623.87, does not properly restrict relayout scheduling, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted HTML document. WebKit/Source/core/layout/LayoutObject.cpp en Blink, como se utiliza en Google Chrome en versiones anteriores a 49.0.2623.87, no restringe correctamente la planificación de rediseño, lo que permite a atacantes remotos ... • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_8.html • CWE-416: Use After Free •
CVSS: 9.3EPSS: 16%CPEs: 6EXPL: 0CVE-2016-1645 – Google Chrome Pdfium JPEG2000 Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-1645
10 Mar 2016 — Multiple integer signedness errors in the opj_j2k_update_image_data function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 49.0.2623.87, allow remote attackers to cause a denial of service (incorrect cast and out-of-bounds write) or possibly have unspecified other impact via crafted JPEG 2000 data. Múltiples errores de entero sin signo en la función opj_j2k_update_image_data en j2k.c en OpenJPEG, como se utiliza en PDFium en Google Chrome en versiones anteriores a 49.0.2623.87, permiten a ... • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_8.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1630 – chromium-browser: same-origin bypass in Blink
https://notcve.org/view.php?id=CVE-2016-1630
06 Mar 2016 — The ContainerNode::parserRemoveChild function in WebKit/Source/core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 49.0.2623.75, mishandles widget updates, which makes it easier for remote attackers to bypass the Same Origin Policy via a crafted web site. La función ContainerNode::parserRemoveChild en WebKit/Source/core/dom/ContainerNode.cpp en Blink, tal como se utiliza en Google Chrome en versiones anteriores a 49.0.2623.75, no maneja correctamente las actualizaciones de widget, lo que fa... • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1631 – chromium-browser: same-origin bypass in Pepper Plugin
https://notcve.org/view.php?id=CVE-2016-1631
06 Mar 2016 — The PPB_Flash_MessageLoop_Impl::InternalRun function in content/renderer/pepper/ppb_flash_message_loop_impl.cc in the Pepper plugin in Google Chrome before 49.0.2623.75 mishandles nested message loops, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. La función de The PPB_Flash_MessageLoop_Impl::InternalRun en content/renderer/pepper/ppb_flash_message_loop_impl.cc en el plugin Pepper en Google Chrome en versiones anteriores a 49.0.2623.75 no maneja correctamente los buc... • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2016-1632 – chromium-browser: bad cast in Extensions
https://notcve.org/view.php?id=CVE-2016-1632
06 Mar 2016 — The Extensions subsystem in Google Chrome before 49.0.2623.75 does not properly maintain own properties, which allows remote attackers to bypass intended access restrictions via crafted JavaScript code that triggers an incorrect cast, related to extensions/renderer/v8_helpers.h and gin/converter.h. El subsistema Extensions en Google Chrome en versiones anteriores a 49.0.2623.75 no mantiene adecuadamente sus propias propiedades, lo que permite a atacantes remotos eludir las restricciones destinadas al acceso... • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2016-1633 – chromium-browser: use-after-free in Blink
https://notcve.org/view.php?id=CVE-2016-1633
06 Mar 2016 — Use-after-free vulnerability in Blink, as used in Google Chrome before 49.0.2623.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Vulnerabilidad de uso después de liberación de memoria en Blink, tal como se utiliza en Google Chrome en versiones anteriores a 49.0.2623.75, permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores desconocidos. It was discovered th... • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html • CWE-416: Use After Free •
CVSS: 9.3EPSS: 1%CPEs: 1EXPL: 0CVE-2016-1634 – chromium-browser: use-after-free in Blink
https://notcve.org/view.php?id=CVE-2016-1634
06 Mar 2016 — Use-after-free vulnerability in the StyleResolver::appendCSSStyleSheet function in WebKit/Source/core/css/resolver/StyleResolver.cpp in Blink, as used in Google Chrome before 49.0.2623.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted web site that triggers Cascading Style Sheets (CSS) style invalidation during a certain subtree-removal action. Vulnerabilidad de uso después de liberación de memoria en la función StyleResolver::appendCSSStyleShee... • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html • CWE-416: Use After Free •