Opensuse

Opensuse

1454 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2016-1670

  • EPSS 0.68%
  • Published 14.05.2016 21:59:10
  • Last modified 12.04.2025 10:46:40

Race condition in the ResourceDispatcherHostImpl::BeginRequest function in content/browser/loader/resource_dispatcher_host_impl.cc in Google Chrome before 50.0.2661.102 allows remote attackers to make arbitrary HTTP requests by leveraging access to a...

9.3

CVE-2016-1669

  • EPSS 4.82%
  • Published 14.05.2016 21:59:09
  • Last modified 12.04.2025 10:46:40

The Zone::New function in zone.cc in Google V8 before 5.0.71.47, as used in Google Chrome before 50.0.2661.102, does not properly determine when to expand certain memory allocations, which allows remote attackers to cause a denial of service (buffer ...

8.8

CVE-2016-1668

  • EPSS 1.2%
  • Published 14.05.2016 21:59:08
  • Last modified 12.04.2025 10:46:40

The forEachForBinding function in WebKit/Source/bindings/core/v8/Iterable.h in the V8 bindings in Blink, as used in Google Chrome before 50.0.2661.102, uses an improper creation context, which allows remote attackers to bypass the Same Origin Policy ...

8.8

CVE-2016-1667

  • EPSS 0.62%
  • Published 14.05.2016 21:59:07
  • Last modified 12.04.2025 10:46:40

The TreeScope::adoptIfNeeded function in WebKit/Source/core/dom/TreeScope.cpp in the DOM implementation in Blink, as used in Google Chrome before 50.0.2661.102, does not prevent script execution during node-adoption operations, which allows remote at...

9.8

CVE-2016-1666

  • EPSS 0.78%
  • Published 14.05.2016 21:59:06
  • Last modified 12.04.2025 10:46:40

Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661.94 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

6.5

CVE-2016-1665

  • EPSS 1.6%
  • Published 14.05.2016 21:59:05
  • Last modified 12.04.2025 10:46:40

The JSGenericLowering class in compiler/js-generic-lowering.cc in Google V8, as used in Google Chrome before 50.0.2661.94, mishandles comparison operators, which allows remote attackers to obtain sensitive information via crafted JavaScript code.

4.3

CVE-2016-1664

  • EPSS 1.06%
  • Published 14.05.2016 21:59:04
  • Last modified 12.04.2025 10:46:40

The HistoryController::UpdateForCommit function in content/renderer/history_controller.cc in Google Chrome before 50.0.2661.94 mishandles the interaction between subframe forward navigations and other forward navigations, which allows remote attacker...

8.8

CVE-2016-1663

  • EPSS 1.42%
  • Published 14.05.2016 21:59:03
  • Last modified 12.04.2025 10:46:40

The SerializedScriptValue::transferArrayBuffers function in WebKit/Source/bindings/core/v8/SerializedScriptValue.cpp in the V8 bindings in Blink, as used in Google Chrome before 50.0.2661.94, mishandles certain array-buffer data structures, which all...

10

CVE-2016-1662

  • EPSS 15.29%
  • Published 14.05.2016 21:59:02
  • Last modified 12.04.2025 10:46:40

extensions/renderer/gc_callback.cc in Google Chrome before 50.0.2661.94 does not prevent fallback execution once the Garbage Collection callback has started, which allows remote attackers to cause a denial of service (use-after-free) or possibly have...

8.3

CVE-2016-1661

  • EPSS 0.96%
  • Published 14.05.2016 21:59:01
  • Last modified 12.04.2025 10:46:40

Blink, as used in Google Chrome before 50.0.2661.94, does not ensure that frames satisfy a check for the same renderer process in addition to a Same Origin Policy check, which allows remote attackers to cause a denial of service (memory corruption) o...