Google

Chrome

5395 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 1.23%
  • Veröffentlicht 17.02.2017 07:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, incorrectly handled object owner relationships, which allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.

  • EPSS 2.1%
  • Veröffentlicht 17.02.2017 07:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, incorrectly handled the sequence of events when closing a page, which allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a cr...

  • EPSS 1.22%
  • Veröffentlicht 17.02.2017 07:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed attacker controlled JavaScript to be run during the invocation of a private script method, which allowed a remote attacker to inject arbitr...

  • EPSS 1.42%
  • Veröffentlicht 17.02.2017 07:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

WebRTC in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to perform proper bounds checking, which allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • EPSS 1.2%
  • Veröffentlicht 17.02.2017 07:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, resolved promises in an inappropriate context, which allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.

  • EPSS 1.49%
  • Veröffentlicht 17.02.2017 07:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Google Chrome prior to 56.0.2924.76 for Windows insufficiently sanitized DevTools URLs, which allowed a remote attacker who convinced a user to install a malicious extension to read filesystem contents via a crafted HTML page.

  • EPSS 1.74%
  • Veröffentlicht 17.02.2017 07:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

A heap buffer overflow in V8 in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • EPSS 1.33%
  • Veröffentlicht 17.02.2017 07:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Google Chrome prior to 56.0.2924.76 for Linux incorrectly handled new tab page navigations in non-selected tabs, which allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

  • EPSS 1.36%
  • Veröffentlicht 17.02.2017 07:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Heap buffer overflow during image processing in Skia in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

  • EPSS 1.34%
  • Veröffentlicht 17.02.2017 07:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, incorrectly handled Unicode glyphs, which allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.