Google

Chrome

5395 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 1.43%
  • Veröffentlicht 17.02.2017 07:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to prevent alerts from being displayed by swapped out frames, which allowed a remote attacker to show alerts on a page they don't control via a crafted HTML page.

  • EPSS 0.6%
  • Veröffentlicht 17.02.2017 07:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to properly enforce unsafe-inline content security policy, which allowed a remote attacker to bypass content security policy via a crafted H...

  • EPSS 1.04%
  • Veröffentlicht 19.01.2017 05:59:01
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Integer overflow in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption or DoS via a crafted PDF file.

  • EPSS 1.08%
  • Veröffentlicht 19.01.2017 05:59:01
  • Zuletzt bearbeitet 13.05.2026 00:24:29

A timing attack on denormalized floating point arithmetic in SVG filters in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to bypass the Same Origin Policy via a crafted...

  • EPSS 1.08%
  • Veröffentlicht 19.01.2017 05:59:01
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled form actions, which allowed a remote attacker to bypass Content Security Policy via a crafted HTML page.

  • EPSS 0.74%
  • Veröffentlicht 19.01.2017 05:59:01
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Blink in Google Chrome prior to 55.0.2883.75 for Linux, Windows and Mac executed javascript: URLs entered in the URL bar in the context of the current tab, which allowed a socially engineered user to XSS themselves by dragging and dropping a javascri...

  • EPSS 1.08%
  • Veröffentlicht 19.01.2017 05:59:01
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled iframes, which allowed a remote attacker to bypass a no-referrer policy via a crafted HTML page.

  • EPSS 0.98%
  • Veröffentlicht 19.01.2017 05:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The content renderer client in Google Chrome prior to 54.0.2840.85 for Android insufficiently enforced the Same Origin Policy amongst downloaded files, which allowed a remote attacker to access any downloaded file and interact with sites, including t...

  • EPSS 0.96%
  • Veröffentlicht 19.01.2017 05:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The content view client in Google Chrome prior to 54.0.2840.85 for Android insufficiently validated intent URLs, which allowed a remote attacker who had compromised the renderer process to start arbitrary activity on the system via a crafted HTML pag...

Warnung Exploit
  • EPSS 34.7%
  • Veröffentlicht 19.01.2017 05:59:00
  • Zuletzt bearbeitet 21.04.2026 17:51:16

V8 in Google Chrome prior to 54.0.2840.90 for Linux, and 54.0.2840.85 for Android, and 54.0.2840.87 for Windows and Mac included incorrect optimisation assumptions, which allowed a remote attacker to perform arbitrary read/write operations, leading t...