NotCVE - vendor:"Google" product:"Chrome" version:" <= 47.0.2526.80"

Page 214 of 3364 results (0.010 seconds)

CVSS: 9.3EPSS: 16%CPEs: 6EXPL: 0

CVE-2016-1645 – Google Chrome Pdfium JPEG2000 Out-Of-Bounds Write Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2016-1645

10 Mar 2016 — Multiple integer signedness errors in the opj_j2k_update_image_data function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 49.0.2623.87, allow remote attackers to cause a denial of service (incorrect cast and out-of-bounds write) or possibly have unspecified other impact via crafted JPEG 2000 data. Múltiples errores de entero sin signo en la función opj_j2k_update_image_data en j2k.c en OpenJPEG, como se utiliza en PDFium en Google Chrome en versiones anteriores a 49.0.2623.87, permiten a ... • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_8.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-1630 – chromium-browser: same-origin bypass in Blink

https://notcve.org/view.php?id=CVE-2016-1630

06 Mar 2016 — The ContainerNode::parserRemoveChild function in WebKit/Source/core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 49.0.2623.75, mishandles widget updates, which makes it easier for remote attackers to bypass the Same Origin Policy via a crafted web site. La función ContainerNode::parserRemoveChild en WebKit/Source/core/dom/ContainerNode.cpp en Blink, tal como se utiliza en Google Chrome en versiones anteriores a 49.0.2623.75, no maneja correctamente las actualizaciones de widget, lo que fa... • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-1631 – chromium-browser: same-origin bypass in Pepper Plugin

https://notcve.org/view.php?id=CVE-2016-1631

06 Mar 2016 — The PPB_Flash_MessageLoop_Impl::InternalRun function in content/renderer/pepper/ppb_flash_message_loop_impl.cc in the Pepper plugin in Google Chrome before 49.0.2623.75 mishandles nested message loops, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. La función de The PPB_Flash_MessageLoop_Impl::InternalRun en content/renderer/pepper/ppb_flash_message_loop_impl.cc en el plugin Pepper en Google Chrome en versiones anteriores a 49.0.2623.75 no maneja correctamente los buc... • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0

CVE-2016-1632 – chromium-browser: bad cast in Extensions

https://notcve.org/view.php?id=CVE-2016-1632

06 Mar 2016 — The Extensions subsystem in Google Chrome before 49.0.2623.75 does not properly maintain own properties, which allows remote attackers to bypass intended access restrictions via crafted JavaScript code that triggers an incorrect cast, related to extensions/renderer/v8_helpers.h and gin/converter.h. El subsistema Extensions en Google Chrome en versiones anteriores a 49.0.2623.75 no mantiene adecuadamente sus propias propiedades, lo que permite a atacantes remotos eludir las restricciones destinadas al acceso... • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0

CVE-2016-1633 – chromium-browser: use-after-free in Blink

https://notcve.org/view.php?id=CVE-2016-1633

06 Mar 2016 — Use-after-free vulnerability in Blink, as used in Google Chrome before 49.0.2623.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Vulnerabilidad de uso después de liberación de memoria en Blink, tal como se utiliza en Google Chrome en versiones anteriores a 49.0.2623.75, permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores desconocidos. It was discovered th... • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html • CWE-416: Use After Free •

CVSS: 9.3EPSS: 1%CPEs: 1EXPL: 0

CVE-2016-1634 – chromium-browser: use-after-free in Blink

https://notcve.org/view.php?id=CVE-2016-1634

06 Mar 2016 — Use-after-free vulnerability in the StyleResolver::appendCSSStyleSheet function in WebKit/Source/core/css/resolver/StyleResolver.cpp in Blink, as used in Google Chrome before 49.0.2623.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted web site that triggers Cascading Style Sheets (CSS) style invalidation during a certain subtree-removal action. Vulnerabilidad de uso después de liberación de memoria en la función StyleResolver::appendCSSStyleShee... • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html • CWE-416: Use After Free •

CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0

CVE-2016-1635 – chromium-browser: use-after-free in Blink

https://notcve.org/view.php?id=CVE-2016-1635

06 Mar 2016 — extensions/renderer/render_frame_observer_natives.cc in Google Chrome before 49.0.2623.75 does not properly consider object lifetimes and re-entrancy issues during OnDocumentElementCreated handling, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors. extensions/renderer/render_frame_observer_natives.cc en Google Chrome en versiones anteriores a 49.0.2623.75 no considera adecuadamente la vida del objeto y los problemas de ... • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html • CWE-416: Use After Free •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-1636 – chromium-browser: SRI Validation Bypass

https://notcve.org/view.php?id=CVE-2016-1636

06 Mar 2016 — The PendingScript::notifyFinished function in WebKit/Source/core/dom/PendingScript.cpp in Google Chrome before 49.0.2623.75 relies on memory-cache information about integrity-check occurrences instead of integrity-check successes, which allows remote attackers to bypass the Subresource Integrity (aka SRI) protection mechanism by triggering two loads of the same resource. La función PendingScript::notifyFinished en WebKit/Source/core/dom/PendingScript.cpp en Google Chrome en versiones anteriores a 49.0.2623.... • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-1637 – chromium-browser: information leak in Skia

https://notcve.org/view.php?id=CVE-2016-1637

06 Mar 2016 — The SkATan2_255 function in effects/gradients/SkSweepGradient.cpp in Skia, as used in Google Chrome before 49.0.2623.75, mishandles arctangent calculations, which allows remote attackers to obtain sensitive information via a crafted web site. La función SkATan2_255 en effects/gradients/SkSweepGradient.cpp en Skia, tal como se utiliza en Google Chrome en versiones anteriores a 49.0.2623.75, no maneja correctamente los cálculos de arcotangente, lo que permite a atacantes remotos obtener información sensible a... • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-1638 – chromium-browser: WebAPI Bypass

https://notcve.org/view.php?id=CVE-2016-1638

06 Mar 2016 — extensions/renderer/resources/platform_app.js in the Extensions subsystem in Google Chrome before 49.0.2623.75 does not properly restrict use of Web APIs, which allows remote attackers to bypass intended access restrictions via a crafted platform app. extensions/renderer/resources/platform_app.js en el subsistema Extensions en Google Chrome en versiones anteriores a 49.0.2623.75 no restringe adecuadamente el uso de APIs Web, lo que permite a atacantes remotos eludir las restricciones destinadas al acceso a ... • http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html • CWE-284: Improper Access Control •

1...212 213 214 215 216