Google

Chrome

5395 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 1.35%
  • Veröffentlicht 07.08.2016 19:59:10
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Blink, as used in Google Chrome before 52.0.2743.116, does not ensure that a taint property is preserved after a structure-clone operation on an ImageBitmap object derived from a cross-origin image, which allows remote attackers to bypass the Same Or...

  • EPSS 1.7%
  • Veröffentlicht 07.08.2016 19:59:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The Developer Tools (aka DevTools) subsystem in Blink, as used in Google Chrome before 52.0.2743.116, mishandles the script-path hostname, remoteBase parameter, and remoteFrontendUrl parameter, which allows remote attackers to bypass intended access ...

  • EPSS 1.76%
  • Veröffentlicht 07.08.2016 19:59:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The Developer Tools (aka DevTools) subsystem in Blink, as used in Google Chrome before 52.0.2743.116, mishandles the script-path hostname, remoteBase parameter, and remoteFrontendUrl parameter, which allows remote attackers to bypass intended access ...

  • EPSS 1.66%
  • Veröffentlicht 07.08.2016 19:59:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The Web Cryptography API (aka WebCrypto) implementation in Blink, as used in Google Chrome before 52.0.2743.116, does not properly copy data buffers, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspeci...

  • EPSS 1.48%
  • Veröffentlicht 07.08.2016 19:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Blink, as used in Google Chrome before 52.0.2743.116, allows remote attackers to spoof the address bar via vectors involving a provisional URL for an initially empty document, related to FrameLoader.cpp and ScopedPageLoadDeferrer.cpp.

  • EPSS 1.85%
  • Veröffentlicht 07.08.2016 19:59:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Heap-based buffer overflow in the opj_j2k_read_SQcd_SQcc function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 52.0.2743.116, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafte...

  • EPSS 1.28%
  • Veröffentlicht 07.08.2016 19:59:01
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple integer overflows in the opj_tcd_init_tile function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 52.0.2743.116, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified ...

  • EPSS 1.17%
  • Veröffentlicht 01.08.2016 02:59:16
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Integer overflow in the kbasep_vinstr_attach_client function in midgard/mali_kbase_vinstr.c in Google Chrome before 52.0.2743.85 allows remote attackers to cause a denial of service (heap-based buffer overflow and use-after-free) by leveraging an unr...

  • EPSS 1.28%
  • Veröffentlicht 23.07.2016 19:59:20
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The CSPSource::schemeMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy (CSP) implementation in Blink, as used in Google Chrome before 52.0.2743.82, does not apply http :80 policies to https :443 URLs and do...

  • EPSS 1.38%
  • Veröffentlicht 23.07.2016 19:59:19
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Use-after-free vulnerability in extensions/renderer/user_script_injector.cc in the Extensions subsystem in Google Chrome before 52.0.2743.82 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors re...