CVE-2016-1672
- EPSS 1.53%
- Veröffentlicht 05.06.2016 23:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
The ModuleSystem::RequireForJsInner function in extensions/renderer/module_system.cc in the extension bindings in Google Chrome before 51.0.2704.63 mishandles properties, which allows remote attackers to conduct bindings-interception attacks and bypa...
- EPSS 4.69%
- Veröffentlicht 30.04.2016 17:59:03
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or...
- EPSS 4.69%
- Veröffentlicht 30.04.2016 17:59:02
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary cod...
- EPSS 1.46%
- Veröffentlicht 18.04.2016 10:59:08
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661.75 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
CVE-2016-1656
- EPSS 1.46%
- Veröffentlicht 18.04.2016 10:59:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
The download implementation in Google Chrome before 50.0.2661.75 on Android allows remote attackers to bypass intended pathname restrictions via unspecified vectors.
CVE-2016-1655
- EPSS 2.14%
- Veröffentlicht 18.04.2016 10:59:04
- Zuletzt bearbeitet 06.05.2026 22:30:45
Google Chrome before 50.0.2661.75 does not properly consider that frame removal may occur during callback execution, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted e...
CVE-2016-1654
- EPSS 1.2%
- Veröffentlicht 18.04.2016 10:59:03
- Zuletzt bearbeitet 06.05.2026 22:30:45
The media subsystem in Google Chrome before 50.0.2661.75 does not initialize an unspecified data structure, which allows remote attackers to cause a denial of service (invalid read operation) via unknown vectors.
CVE-2016-1653
- EPSS 2.57%
- Veröffentlicht 18.04.2016 10:59:02
- Zuletzt bearbeitet 06.05.2026 22:30:45
The LoadBuffer implementation in Google V8, as used in Google Chrome before 50.0.2661.75, mishandles data types, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that tri...
CVE-2016-1652
- EPSS 1.06%
- Veröffentlicht 18.04.2016 10:59:01
- Zuletzt bearbeitet 06.05.2026 22:30:45
Cross-site scripting (XSS) vulnerability in the ModuleSystem::RequireForJsInner function in extensions/renderer/module_system.cc in the Extensions subsystem in Google Chrome before 50.0.2661.75 allows remote attackers to inject arbitrary web script o...
CVE-2016-1651
- EPSS 1.28%
- Veröffentlicht 18.04.2016 10:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
fxcodec/codec/fx_codec_jpx_opj.cpp in PDFium, as used in Google Chrome before 50.0.2661.75, does not properly implement the sycc420_to_rgb and sycc422_to_rgb functions, which allows remote attackers to obtain sensitive information from process memory...