Google

Chrome

3758 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2017-5023

  • EPSS 0.67%
  • Veröffentlicht 17.02.2017 07:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Type confusion in Histogram in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit a near null dereference via a crafted HTML page.

5.5

CVE-2017-5024

  • EPSS 0.2%
  • Veröffentlicht 17.02.2017 07:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

FFmpeg in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to perform proper bounds checking, which allowed a remote attacker to potentially exploit heap corruption via a crafted video file.

5.5

CVE-2017-5025

  • EPSS 0.35%
  • Veröffentlicht 17.02.2017 07:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

FFmpeg in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to perform proper bounds checking, which allowed a remote attacker to potentially exploit heap corruption via a crafted video file.

4.3

CVE-2017-5026

  • EPSS 0.58%
  • Veröffentlicht 17.02.2017 07:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to prevent alerts from being displayed by swapped out frames, which allowed a remote attacker to show alerts on a page they don't control via a crafted HTML page.

4.3

CVE-2017-5027

  • EPSS 0.11%
  • Veröffentlicht 17.02.2017 07:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to properly enforce unsafe-inline content security policy, which allowed a remote attacker to bypass content security policy via a crafted H...

6.5

CVE-2016-5223

  • EPSS 0.48%
  • Veröffentlicht 19.01.2017 05:59:01
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Integer overflow in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption or DoS via a crafted PDF file.

4.3

CVE-2016-5224

  • EPSS 0.23%
  • Veröffentlicht 19.01.2017 05:59:01
  • Zuletzt bearbeitet 20.04.2025 01:37:25

A timing attack on denormalized floating point arithmetic in SVG filters in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to bypass the Same Origin Policy via a crafted...

4.3

CVE-2016-5225

  • EPSS 0.23%
  • Veröffentlicht 19.01.2017 05:59:01
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled form actions, which allowed a remote attacker to bypass Content Security Policy via a crafted HTML page.

6.1

CVE-2016-5226

  • EPSS 0.16%
  • Veröffentlicht 19.01.2017 05:59:01
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Blink in Google Chrome prior to 55.0.2883.75 for Linux, Windows and Mac executed javascript: URLs entered in the URL bar in the context of the current tab, which allowed a socially engineered user to XSS themselves by dragging and dropping a javascri...

4.3

CVE-2016-9650

  • EPSS 0.23%
  • Veröffentlicht 19.01.2017 05:59:01
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled iframes, which allowed a remote attacker to bypass a no-referrer policy via a crafted HTML page.