CVE-2016-1699
- EPSS 1.38%
- Veröffentlicht 05.06.2016 23:59:29
- Zuletzt bearbeitet 06.05.2026 22:30:45
WebKit/Source/devtools/front_end/devtools.js in the Developer Tools (aka DevTools) subsystem in Blink, as used in Google Chrome before 51.0.2704.79, does not ensure that the remoteFrontendUrl parameter is associated with a chrome-devtools-frontend.ap...
CVE-2016-1697
- EPSS 1.85%
- Veröffentlicht 05.06.2016 23:59:27
- Zuletzt bearbeitet 06.05.2026 22:30:45
The FrameLoader::startLoad function in WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 51.0.2704.79, does not prevent frame navigations during DocumentLoader detach operations, which allows remote attackers to bypa...
CVE-2016-1695
- EPSS 1.15%
- Veröffentlicht 05.06.2016 23:59:25
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.63 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
CVE-2016-1692
- EPSS 1.13%
- Veröffentlicht 05.06.2016 23:59:21
- Zuletzt bearbeitet 06.05.2026 22:30:45
WebKit/Source/core/css/StyleSheetContents.cpp in Blink, as used in Google Chrome before 51.0.2704.63, permits cross-origin loading of CSS stylesheets by a ServiceWorker even when the stylesheet download has an incorrect MIME type, which allows remote...
CVE-2016-1691
- EPSS 1.44%
- Veröffentlicht 05.06.2016 23:59:20
- Zuletzt bearbeitet 06.05.2026 22:30:45
Skia, as used in Google Chrome before 51.0.2704.63, mishandles coincidence runs, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted curves, related to SkOpCoin...
CVE-2016-1689
- EPSS 1.03%
- Veröffentlicht 05.06.2016 23:59:18
- Zuletzt bearbeitet 06.05.2026 22:30:45
Heap-based buffer overflow in content/renderer/media/canvas_capture_handler.cc in Google Chrome before 51.0.2704.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted web site.
CVE-2016-1688
- EPSS 2.1%
- Veröffentlicht 05.06.2016 23:59:17
- Zuletzt bearbeitet 06.05.2026 22:30:45
The regexp (aka regular expression) implementation in Google V8 before 5.0.71.40, as used in Google Chrome before 51.0.2704.63, mishandles external string sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) via craf...
CVE-2016-1683
- EPSS 2.14%
- Veröffentlicht 05.06.2016 23:59:12
- Zuletzt bearbeitet 06.05.2026 22:30:45
numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles namespace nodes, which allows remote attackers to cause a denial of service (out-of-bounds heap memory access) or possibly have unspecified other impact via ...
CVE-2016-1682
- EPSS 1.11%
- Veröffentlicht 05.06.2016 23:59:11
- Zuletzt bearbeitet 06.05.2026 22:30:45
The ServiceWorkerContainer::registerServiceWorkerImpl function in WebKit/Source/modules/serviceworkers/ServiceWorkerContainer.cpp in Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Content Security Policy (C...
CVE-2016-1680
- EPSS 1.28%
- Veröffentlicht 05.06.2016 23:59:08
- Zuletzt bearbeitet 06.05.2026 22:30:45
Use-after-free vulnerability in ports/SkFontHost_FreeType.cpp in Skia, as used in Google Chrome before 51.0.2704.63, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via unknown v...