Google

Chrome

3771 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2016-5182

  • EPSS 0.54%
  • Veröffentlicht 18.12.2016 03:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android had insufficient validation in bitmap handling, which allowed a remote attacker to potentially exploit heap corruption via crafted HTML pages.

8.8

CVE-2016-5183

  • EPSS 0.86%
  • Veröffentlicht 18.12.2016 03:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

A heap use after free in PDFium in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android allows a remote attacker to potentially exploit heap corruption via crafted PDF files.

8.8

CVE-2016-5184

  • EPSS 0.51%
  • Veröffentlicht 18.12.2016 03:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

PDFium in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android incorrectly handled object lifecycles in CFFL_FormFillter::KillFocusForAnnot, which allowed a remote attacker to potentially exploit heap corruption v...

8.8

CVE-2016-5185

  • EPSS 0.51%
  • Veröffentlicht 18.12.2016 03:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android incorrectly allowed reentrance of FrameView::updateLifecyclePhasesInternal(), which allowed a remote attacker to perform an out of bounds memory read v...

6.8

CVE-2016-5186

  • EPSS 0.33%
  • Veröffentlicht 18.12.2016 03:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Devtools in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android incorrectly handled objects after a tab crash, which allowed a remote attacker to perform an out of bounds memory read via crafted PDF files.

6.5

CVE-2016-5187

  • EPSS 0.39%
  • Veröffentlicht 18.12.2016 03:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Google Chrome prior to 54.0.2840.85 for Android incorrectly handled rapid transition into and out of full screen mode, which allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via crafted HTML pages.

4.3

CVE-2016-5188

  • EPSS 0.36%
  • Veröffentlicht 18.12.2016 03:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple issues in Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux allow a remote attacker to spoof various parts of browser UI via crafted HTML pages.

6.5

CVE-2016-5189

  • EPSS 0.35%
  • Veröffentlicht 18.12.2016 03:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android permitted navigation to blob URLs with non-canonical origins, which allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via crafted HTML pa...

6.8

CVE-2016-5190

  • EPSS 0.61%
  • Veröffentlicht 18.12.2016 03:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android incorrectly handled object lifecycles during shutdown, which allowed a remote attacker to perform an out of bounds memory read via crafted HTML pages.

6.1

CVE-2016-5191

  • EPSS 0.39%
  • Veröffentlicht 18.12.2016 03:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Bookmark handling in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android had insufficient validation of supplied data, which allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via crafted HTML p...