Google

Chrome

3758 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2016-1644

  • EPSS 1.83%
  • Veröffentlicht 13.03.2016 22:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

WebKit/Source/core/layout/LayoutObject.cpp in Blink, as used in Google Chrome before 49.0.2623.87, does not properly restrict relayout scheduling, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecifie...

9.3

CVE-2016-1643

  • EPSS 2.02%
  • Veröffentlicht 13.03.2016 22:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The ImageInputType::ensurePrimaryContent function in WebKit/Source/core/html/forms/ImageInputType.cpp in Blink, as used in Google Chrome before 49.0.2623.87, does not properly maintain the user agent shadow DOM, which allows remote attackers to cause...

5.3

CVE-2016-2845

  • EPSS 0.65%
  • Veröffentlicht 06.03.2016 02:59:15
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Content Security Policy (CSP) implementation in Blink, as used in Google Chrome before 49.0.2623.75, does not ignore a URL's path component in the case of a ServiceWorker fetch, which allows remote attackers to obtain sensitive information about ...

9.3

CVE-2016-2844

  • EPSS 1.99%
  • Veröffentlicht 06.03.2016 02:59:14
  • Zuletzt bearbeitet 12.04.2025 10:46:40

WebKit/Source/core/layout/LayoutBlock.cpp in Blink, as used in Google Chrome before 49.0.2623.75, does not properly determine when anonymous block wrappers may exist, which allows remote attackers to cause a denial of service (incorrect cast and asse...

10

CVE-2016-2843

  • EPSS 0.89%
  • Veröffentlicht 06.03.2016 02:59:13
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple unspecified vulnerabilities in Google V8 before 4.9.385.26, as used in Google Chrome before 49.0.2623.75, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

10

CVE-2016-1642

  • EPSS 1.86%
  • Veröffentlicht 06.03.2016 02:59:12
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple unspecified vulnerabilities in Google Chrome before 49.0.2623.75 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

4.3

CVE-2016-1640

  • EPSS 0.76%
  • Veröffentlicht 06.03.2016 02:59:11
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Web Store inline-installer implementation in the Extensions UI in Google Chrome before 49.0.2623.75 does not block installations upon deletion of an installation frame, which makes it easier for remote attackers to trick a user into believing tha...

9.3

CVE-2016-1641

  • EPSS 1.74%
  • Veröffentlicht 06.03.2016 02:59:11
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Use-after-free vulnerability in content/browser/web_contents/web_contents_impl.cc in Google Chrome before 49.0.2623.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering an image download afte...

10

CVE-2016-1639

  • EPSS 5.7%
  • Veröffentlicht 06.03.2016 02:59:10
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Use-after-free vulnerability in browser/extensions/api/webrtc_audio_private/webrtc_audio_private_api.cc in the WebRTC Audio Private API implementation in Google Chrome before 49.0.2623.75 allows remote attackers to cause a denial of service or possib...

6.8

CVE-2016-1638

  • EPSS 0.77%
  • Veröffentlicht 06.03.2016 02:59:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

extensions/renderer/resources/platform_app.js in the Extensions subsystem in Google Chrome before 49.0.2623.75 does not properly restrict use of Web APIs, which allows remote attackers to bypass intended access restrictions via a crafted platform app...