CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1618 – chromium-browser: weak random number generator in Blink
https://notcve.org/view.php?id=CVE-2016-1618
Blink, as used in Google Chrome before 48.0.2564.82, does not ensure that a proper cryptographicallyRandomValues random number generator is used, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors. Blink, tal como se utiliza en Google Chrome en versiones anteriores a 48.0.2564.82, no asegura que se utilice un generador de números aleatorios cryptographicallyRandomValues adecuado, lo que hace más fácil para atacantes remotos vencer mecanismos de protección de cifrado a través de vectores no especificados. • http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00035.html http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00036.html http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00046.html http://rhn.redhat.com/errata/RHSA-2016-0072.html http://www.debian.org/security/2016/dsa-3456 http://www.securityfocus.com/bid/81430 http://www.securitytracker.com/id/1034801 http://www. • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-310: Cryptographic Issues CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) •
CVSS: 8.8EPSS: 8%CPEs: 1EXPL: 1CVE-2015-8664 – Google Chrome - Renderer Process to Browser Process Privilege Escalation
https://notcve.org/view.php?id=CVE-2015-8664
Integer overflow in the WebCursor::Deserialize function in content/common/cursors/webcursor.cc in Google Chrome before 47.0.2526.106 allows remote attackers to cause a denial of service or possibly have unspecified other impact via an RGBA pixel array with crafted dimensions, a different vulnerability than CVE-2015-6792. Desbordamiento de entero en la función the WebCursor::Deserialize en content/common/cursors/webcursor.cc en Google Chrome en versiones anteriores a la 47.0.2526.106 permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de un array de pixel RGBA con dimensiones manipuladas, una vulnerabilidad diferente a CVE-2015-6792. • https://www.exploit-db.com/exploits/39039 http://googlechromereleases.blogspot.com/2015/12/stable-channel-update_15.html http://www.securityfocus.com/bid/79686 http://www.securitytracker.com/id/1034491 http://www.ubuntu.com/usn/USN-2860-1 https://code.google.com/p/chromium/issues/detail?id=565023 https://code.google.com/p/chromium/issues/detail?id=569486 https://codereview.chromium.org/1498903003 https://access.redhat.com/security/cve/CVE-2015-8664 https://bugzilla.redhat. • CWE-189: Numeric Errors CWE-416: Use After Free •
CVSS: 10.0EPSS: 3%CPEs: 1EXPL: 0CVE-2015-6792 – chromium-browser: Fixes from internal audits and fuzzing
https://notcve.org/view.php?id=CVE-2015-6792
The MIDI subsystem in Google Chrome before 47.0.2526.106 does not properly handle the sending of data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, related to midi_manager.cc, midi_manager_alsa.cc, and midi_manager_mac.cc, a different vulnerability than CVE-2015-8664. El subsistema MIDI en Google Chrome en versiones anteriores a la 47.0.2526.106 no maneja correctamente el envío de datos, lo que permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (caída de la aplicación) a través de vectores no especificados, relacionada con midi_manager.cc, midi_manager_alsa.cc y midi_manager_mac.cc, una vulnerabilidad diferente a CVE-2015-8664. • http://googlechromereleases.blogspot.com/2015/12/stable-channel-update_15.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00029.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00030.html http://rhn.redhat.com/errata/RHSA-2015-2665.html http://www.debian.org/security/2016/dsa-3456 http://www.securityfocus.com/bid/79348 http://www.securitytracker.com/id/1034491 https://code.google.com/p/chromium/issues/detail?id=564501 https://code.google.com&# •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2015-8548 – v8: multiple vulnerabilities fixed in 4.7.80.23
https://notcve.org/view.php?id=CVE-2015-8548
Multiple unspecified vulnerabilities in Google V8 before 4.7.80.23, as used in Google Chrome before 47.0.2526.80, allow attackers to cause a denial of service or possibly have other impact via unknown vectors, a different issue than CVE-2015-8478. Múltiples vulnerabilidades no especificadas en Google V8 en versiones anteriores a 4.7.80.23, como se utiliza en Google Chrome en versiones anteriores a 47.0.2526.80, permite a atacantes causar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos, un problema diferente a CVE-2015-8478. • http://googlechromereleases.blogspot.com/2015/12/stable-channel-update_8.html http://rhn.redhat.com/errata/RHSA-2015-2618.html http://www.ubuntu.com/usn/USN-2860-1 https://access.redhat.com/security/cve/CVE-2015-8548 https://bugzilla.redhat.com/show_bug.cgi?id=1291235 •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2015-6791 – chromium-browser: Various fixes from internal audits, fuzzing and other initiatives
https://notcve.org/view.php?id=CVE-2015-6791
Multiple unspecified vulnerabilities in Google Chrome before 47.0.2526.80 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome en versiones anteriores a 47.0.2526.80 permite a atacantes causar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos. • http://googlechromereleases.blogspot.com/2015/12/stable-channel-update_8.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html http://rhn.redhat.com/errata/RHSA-2015-2618.html http://www.debian.org/security/2015/dsa-3418 http://www.securityfocus.com/bid/78734 http://www.ubuntu.com/usn/USN-2860-1 https://code.google.com/p/chromium/issues/detail?id=534994 https://code.google.com •