CVE-2016-5163
- EPSS 1.46%
- Published 11.09.2016 10:59:19
- Last modified 12.04.2025 10:46:40
The bidirectional-text implementation in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not ensure left-to-right (LTR) rendering of URLs, which allows remote attackers to spoof the address bar via crafted ...
CVE-2016-5162
- EPSS 0.68%
- Published 11.09.2016 10:59:18
- Last modified 12.04.2025 10:46:40
The AllowCrossRendererResourceLoad function in extensions/browser/url_request_util.cc in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly use an extension's manifest.json web_accessible_resource...
CVE-2016-5161
- EPSS 1.83%
- Published 11.09.2016 10:59:17
- Last modified 12.04.2025 10:46:40
The EditingStyle::mergeStyle function in WebKit/Source/core/editing/EditingStyle.cpp in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, mishandles custom properties, which allows remote attack...
CVE-2016-5160
- EPSS 0.68%
- Published 11.09.2016 10:59:16
- Last modified 12.04.2025 10:46:40
The AllowCrossRendererResourceLoad function in extensions/browser/url_request_util.cc in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly use an extension's manifest.json web_accessible_resource...
CVE-2016-5159
- EPSS 1.26%
- Published 11.09.2016 10:59:15
- Last modified 12.04.2025 10:46:40
Multiple integer overflows in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have uns...
CVE-2016-5158
- EPSS 0.75%
- Published 11.09.2016 10:59:14
- Last modified 12.04.2025 10:46:40
Multiple integer overflows in the opj_tcd_init_tile function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service (heap-...
CVE-2016-5157
- EPSS 6.59%
- Published 11.09.2016 10:59:13
- Last modified 12.04.2025 10:46:40
Heap-based buffer overflow in the opj_dwt_interleave_v function in dwt.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to execute arbitrary code via c...
CVE-2016-5156
- EPSS 1.68%
- Published 11.09.2016 10:59:12
- Last modified 12.04.2025 10:46:40
extensions/renderer/event_bindings.cc in the event bindings in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux attempts to process filtered events after failure to add an event matcher, which allows remote attac...
CVE-2016-5154
- EPSS 1.05%
- Published 11.09.2016 10:59:10
- Last modified 12.04.2025 10:46:40
Multiple heap-based buffer overflows in PDFium, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a cra...
CVE-2016-5155
- EPSS 0.77%
- Published 11.09.2016 10:59:10
- Last modified 12.04.2025 10:46:40
Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly validate access to the initial document, which allows remote attackers to spoof the address bar via a crafted web site.