Page 413 of 2390 results (0.031 seconds)

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

Google Chrome before 52.0.2743.82 mishandles origin information during proxy authentication, which allows man-in-the-middle attackers to spoof a proxy-authentication login prompt or trigger incorrect credential storage by modifying the client-server data stream. Google Chrome en versiones anteriores a 52.0.2743.82 no maneja correctamente información de origen durante la autenticación del proxy, lo que permite a atacantes man-in-the-middle suplantar una autenticación del proxy de aviso de inicio de sesión o desencadenar almacenamiento de credenciales incorrectas modificando el flujo de datos cliente-servidor. • http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00020.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00028.html http://rhn.redhat.com/errata/RHSA-2016-1485.html http://www.debian.org/security/2016/dsa-3637 http://www.securityfocus.com/ • CWE-287: Improper Authentication •

CVSS: 8.8EPSS: 0%CPEs: 11EXPL: 0

Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.103 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome en versiones anteriores a 51.0.2704.103 permiten a atacantes causar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. • http://googlechromereleases.blogspot.com/2016/06/stable-channel-update_16.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00036.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00037.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00039.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html http://www.debian.org/security/2016/dsa-3637 http://www.ubuntu.com/usn/USN-3015-1 https://access.redhat.com/errata/ •

CVSS: 6.5EPSS: 2%CPEs: 11EXPL: 0

The SkRegion::readFromMemory function in core/SkRegion.cpp in Skia, as used in Google Chrome before 51.0.2704.79, does not validate the interval count, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted serialized data. La función SkRegion::readFromMemory en core/SkRegion.cpp in Skia, tal como se utiliza en Google Chrome en versiones anteriores a 51.0.2704.79, no valida la cuenta de intervalo, lo que permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de datos serializados manipulados. • http://googlechromereleases.blogspot.com/2016/06/stable-channel-update.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html http://www.debian.org/security/2016/dsa-3594 http://www.securitytracker.com/id/1036026 http://www.ubuntu.com/usn/USN-2992-1 https://access.redhat.com/errata/RHSA-2016:1201 https://codereview&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 2%CPEs: 8EXPL: 0

extensions/renderer/runtime_custom_bindings.cc in Google Chrome before 51.0.2704.79 does not consider side effects during creation of an array of extension views, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors related to extensions. extensions/renderer/runtime_custom_bindings.cc en Google Chrome en versiones anteriores a 51.0.2704.79 no considera los efectos laterales durante la creación de un array de vistas de extensión, lo que permite a atacantes remotos provocar una denegación de servicio (uso después de liberación de memoria) o posiblemente tener otro impacto no especificado a través de vectores relacionados con las extensiones. • http://googlechromereleases.blogspot.com/2016/06/stable-channel-update.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html http://www.debian.org/security/2016/dsa-3594 http://www.securitytracker.com/id/1036026 https://access.redhat.com/errata/RHSA-2016:1201 https://codereview.chromium.org/1948773002 https://crbug.com/ •

CVSS: 8.8EPSS: 1%CPEs: 8EXPL: 0

The extensions subsystem in Google Chrome before 51.0.2704.79 does not properly restrict bindings access, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors. El subsistema de extensiones en Google Chrome en versiones anteriores a 51.0.2704.79 no restringe adecuadamente accesos vinculantes, lo que permite a atacantes remotos eleduir la Same Origin Policy a través de vectores no especificados. • http://googlechromereleases.blogspot.com/2016/06/stable-channel-update.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html http://www.debian.org/security/2016/dsa-3594 http://www.securitytracker.com/id/1036026 https://access.redhat.com/errata/RHSA-2016:1201 https://codereview.chromium.org/1866103002 https://crbug.com/ • CWE-254: 7PK - Security Features CWE-284: Improper Access Control •