Page 396 of 2385 results (0.014 seconds)

CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0

Heap buffer overflow during TIFF image parsing in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Desbordamiento de búfer basado en memoria dinámica durante el análisis de imagen TIFF en PDFium en Google Chrome anterior a 55.0.2883.75 para Mac, Windows y Linux y 55.0.2883.84 para Android permitió a un atacante remoto explotar potencialmente corrupción de memoria a través de un archivo PDF manipulado. • http://rhn.redhat.com/errata/RHSA-2016-2919.html http://www.securityfocus.com/bid/94633 https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html https://crbug.com/654183 https://security.gentoo.org/glsa/201612-11 https://access.redhat.com/security/cve/CVE-2016-5210 https://bugzilla.redhat.com/show_bug.cgi?id=1400859 • CWE-787: Out-of-bounds Write •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

Incorrect handling of invalid URLs in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. Manejo incorrecto de URLs no válidas en Google Chrome anterior a 55.0.2883.75 para Mac, Windows y Linux y 55.0.2883.84 para Android permitió a un atacante remoto suplantar los contenidos de la Omnibox (barra de URL) a través de una página HTML manipulada. • http://rhn.redhat.com/errata/RHSA-2016-2919.html http://www.securityfocus.com/bid/94633 https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html https://crbug.com/657720 https://security.gentoo.org/glsa/201612-11 https://access.redhat.com/security/cve/CVE-2016-5222 https://bugzilla.redhat.com/show_bug.cgi?id=1400872 • CWE-20: Improper Input Validation •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled form actions, which allowed a remote attacker to bypass Content Security Policy via a crafted HTML page. Blink en Google Chrome anterior a 55.0.2883.75 para Mac, Windows y Linux y 55.0.2883.84 para Android manejó incorrectamente acciones de formularios, lo que permitió a un atacante remoto eludir la Content Security Policy a través de una página HTML manipulada. • http://rhn.redhat.com/errata/RHSA-2016-2919.html http://www.securityfocus.com/bid/94633 https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html https://crbug.com/630332 https://security.gentoo.org/glsa/201612-11 https://access.redhat.com/security/cve/CVE-2016-5225 https://bugzilla.redhat.com/show_bug.cgi?id=1400877 • CWE-19: Data Processing Errors •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

A use after free in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Un uso después de liberación de memoria en PDFium en Google Chrome anterior a 55.0.2883.75 para Mac, Windows y Linux y 55.0.2883.84 para Android permitió a un atacante remoto explotar corrupción de memoria a través de un archivo PDF manipulado. • http://rhn.redhat.com/errata/RHSA-2016-2919.html http://www.securityfocus.com/bid/94633 https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html https://crbug.com/649229 https://security.gentoo.org/glsa/201612-11 https://access.redhat.com/security/cve/CVE-2016-5211 https://bugzilla.redhat.com/show_bug.cgi?id=1400862 • CWE-416: Use After Free •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

Bad casting in bitmap manipulation in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Mal casting en la manipulación de bitmap en Blink en Google Chrome anterior a 55.0.2883.75 para Mac, Windows y Linux y 55.0.2883.84 para Android permitió a un atacante remoto explotar potencialmente corrupción de memoria a través de una página HTML manipulada. • http://rhn.redhat.com/errata/RHSA-2016-2919.html http://www.securityfocus.com/bid/94633 https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html https://crbug.com/664139 https://security.gentoo.org/glsa/201612-11 https://access.redhat.com/security/cve/CVE-2016-5209 https://bugzilla.redhat.com/show_bug.cgi?id=1400856 • CWE-787: Out-of-bounds Write •