NotCVE - vendor:"Google" product:"Chrome" version:" <= 47.0.2526.80"

Page 217 of 3364 results (0.013 seconds)

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-1618 – chromium-browser: weak random number generator in Blink

https://notcve.org/view.php?id=CVE-2016-1618

25 Jan 2016 — Blink, as used in Google Chrome before 48.0.2564.82, does not ensure that a proper cryptographicallyRandomValues random number generator is used, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors. Blink, tal como se utiliza en Google Chrome en versiones anteriores a 48.0.2564.82, no asegura que se utilice un generador de números aleatorios cryptographicallyRandomValues adecuado, lo que hace más fácil para atacantes remotos vencer mecanismos de p... • http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-310: Cryptographic Issues CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) •

CVSS: 7.6EPSS: 2%CPEs: 1EXPL: 0

CVE-2016-1619 – chromium-browser: out-of-bounds read in PDFium

https://notcve.org/view.php?id=CVE-2016-1619

25 Jan 2016 — Multiple integer overflows in the (1) sycc422_to_rgb and (2) sycc444_to_rgb functions in fxcodec/codec/fx_codec_jpx_opj.cpp in PDFium, as used in Google Chrome before 48.0.2564.82, allow remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted PDF document. Múltiples desbordamientos de enteros en las funciones (1) sycc422_to_rgb y (2) sycc444_to_rgb en fxcodec/codec/fx_codec_jpx_opj.cpp en PDFium, tal como se utiliza en Google Chrome en versi... • http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •

CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-1620 – chromium-browser: various fixes from internal audits

https://notcve.org/view.php?id=CVE-2016-1620

25 Jan 2016 — Multiple unspecified vulnerabilities in Google Chrome before 48.0.2564.82 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome en versiones anteriores a 48.0.2564.82 permiten a atacantes provocar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. A bad cast was discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could... • http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html •

CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0

CVE-2016-2051 – chromium-browser: Multiple unspecified vulnerabilities in Google V8 before 4.8.271.17

https://notcve.org/view.php?id=CVE-2016-2051

25 Jan 2016 — Multiple unspecified vulnerabilities in Google V8 before 4.8.271.17, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google V8 en versiones anteriores a 4.8.271.17, tal como se utiliza en Google Chrome en versiones anteriores a 48.0.2564.82, permiten a atacantes provocar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. A b... • http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html •

CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0

CVE-2016-2052 – chromium-browser: Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6

https://notcve.org/view.php?id=CVE-2016-2052

25 Jan 2016 — Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via crafted data, as demonstrated by a buffer over-read resulting from an inverted length check in hb-ot-font.cc, a different issue than CVE-2015-8947. Múltiples vulnerabilidades no especificadas en HarfBuzz en versiones anteriores a 1.0.6, tal como se utiliza en Google Chrome en versiones anteriores a 48.0.2564.82, permiten a... • http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html •

CVSS: 8.8EPSS: 8%CPEs: 1EXPL: 1

CVE-2015-8664 – Google Chrome - Renderer Process to Browser Process Privilege Escalation

https://notcve.org/view.php?id=CVE-2015-8664

24 Dec 2015 — Integer overflow in the WebCursor::Deserialize function in content/common/cursors/webcursor.cc in Google Chrome before 47.0.2526.106 allows remote attackers to cause a denial of service or possibly have unspecified other impact via an RGBA pixel array with crafted dimensions, a different vulnerability than CVE-2015-6792. Desbordamiento de entero en la función the WebCursor::Deserialize en content/common/cursors/webcursor.cc en Google Chrome en versiones anteriores a la 47.0.2526.106 permite a atacantes remo... • https://www.exploit-db.com/exploits/39039 • CWE-189: Numeric Errors CWE-416: Use After Free •

CVSS: 10.0EPSS: 3%CPEs: 1EXPL: 0

CVE-2015-6792 – chromium-browser: Fixes from internal audits and fuzzing

https://notcve.org/view.php?id=CVE-2015-6792

17 Dec 2015 — The MIDI subsystem in Google Chrome before 47.0.2526.106 does not properly handle the sending of data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, related to midi_manager.cc, midi_manager_alsa.cc, and midi_manager_mac.cc, a different vulnerability than CVE-2015-8664. El subsistema MIDI en Google Chrome en versiones anteriores a la 47.0.2526.106 no maneja correctamente el envío de datos, lo que permite a atacantes remotos e... • http://googlechromereleases.blogspot.com/2015/12/stable-channel-update_15.html •

CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0

CVE-2015-8548 – v8: multiple vulnerabilities fixed in 4.7.80.23

https://notcve.org/view.php?id=CVE-2015-8548

14 Dec 2015 — Multiple unspecified vulnerabilities in Google V8 before 4.7.80.23, as used in Google Chrome before 47.0.2526.80, allow attackers to cause a denial of service or possibly have other impact via unknown vectors, a different issue than CVE-2015-8478. Múltiples vulnerabilidades no especificadas en Google V8 en versiones anteriores a 4.7.80.23, como se utiliza en Google Chrome en versiones anteriores a 47.0.2526.80, permite a atacantes causar una denegación de servicio o posiblemente tener otro impacto a través ... • http://googlechromereleases.blogspot.com/2015/12/stable-channel-update_8.html •

CVSS: 10.0EPSS: 2%CPEs: 1EXPL: 0

CVE-2015-6788 – chromium-browser: Type confusion in extensions

https://notcve.org/view.php?id=CVE-2015-6788

14 Dec 2015 — The ObjectBackedNativeHandler class in extensions/renderer/object_backed_native_handler.cc in the extensions subsystem in Google Chrome before 47.0.2526.80 improperly implements handler functions, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion." La clase ObjectBackedNativeHandler en extensions/renderer/object_backed_native_handler.cc en el subsistema de extensiones en Google Chrome en versiones anteriores a 47.0.... • http://googlechromereleases.blogspot.com/2015/12/stable-channel-update_8.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 9.3EPSS: 1%CPEs: 1EXPL: 0

CVE-2015-6789 – chromium-browser: Use-after free in Blink

https://notcve.org/view.php?id=CVE-2015-6789

14 Dec 2015 — Race condition in the MutationObserver implementation in Blink, as used in Google Chrome before 47.0.2526.80, allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact by leveraging unanticipated object deletion. Condición de carrera en la implementación MutationObserver en Blink, como se utiliza en Google Chrome en versiones anteriores a 47.0.2526.80, permite a atacantes remotos causar una denegación de servicio (uso después de liberación de memoria) o ... • http://googlechromereleases.blogspot.com/2015/12/stable-channel-update_8.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •

1...215 216 217 218 219