Google

Chrome

5395 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 1.6%
  • Veröffentlicht 23.07.2016 19:59:18
  • Zuletzt bearbeitet 06.05.2026 22:30:45

WebKit/Source/core/html/parser/HTMLPreloadScanner.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not consider referrer-policy information inside an HTML document during a preload request, which allows remote attackers to bypass the ...

  • EPSS 1.52%
  • Veröffentlicht 23.07.2016 19:59:17
  • Zuletzt bearbeitet 06.05.2026 22:30:45

net/proxy/proxy_service.cc in the Proxy Auto-Config (PAC) feature in Google Chrome before 52.0.2743.82 does not ensure that URL information is restricted to a scheme, host, and port, which allows remote attackers to discover credentials by operating ...

  • EPSS 0.97%
  • Veröffentlicht 23.07.2016 19:59:15
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Google Chrome before 52.0.2743.82 mishandles origin information during proxy authentication, which allows man-in-the-middle attackers to spoof a proxy-authentication login prompt or trigger incorrect credential storage by modifying the client-server ...

  • EPSS 1.47%
  • Veröffentlicht 23.07.2016 19:59:14
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The Service Workers subsystem in Google Chrome before 52.0.2743.82 does not properly implement the Secure Contexts specification during decisions about whether to control a subframe, which allows remote attackers to bypass the Same Origin Policy via ...

  • EPSS 2.27%
  • Veröffentlicht 23.07.2016 19:59:13
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.

  • EPSS 1.2%
  • Veröffentlicht 23.07.2016 19:59:12
  • Zuletzt bearbeitet 06.05.2026 22:30:45

content/renderer/history_controller.cc in Google Chrome before 52.0.2743.82 does not properly restrict multiple uses of a JavaScript forward method, which allows remote attackers to spoof the URL display via a crafted web site.

  • EPSS 2.09%
  • Veröffentlicht 23.07.2016 19:59:11
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Google V8 before 5.2.361.32, as used in Google Chrome before 52.0.2743.82, does not properly process left-trimmed objects, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via cr...

  • EPSS 1.29%
  • Veröffentlicht 23.07.2016 19:59:10
  • Zuletzt bearbeitet 06.05.2026 22:30:45

objects.cc in Google V8 before 5.2.361.27, as used in Google Chrome before 52.0.2743.82, does not prevent API interceptors from modifying a store target without setting a property, which allows remote attackers to bypass the Same Origin Policy via a ...

  • EPSS 1.31%
  • Veröffentlicht 23.07.2016 19:59:09
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Use-after-free vulnerability in WebKit/Source/core/editing/VisibleUnits.cpp in Blink, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript ...

  • EPSS 1.5%
  • Veröffentlicht 23.07.2016 19:59:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not disable frame navigation during a detach operation on a DocumentLoader object, which allows remote attackers to bypass the Same Origin Policy v...