CVE-2016-3679
- EPSS 1.22%
- Veröffentlicht 29.03.2016 10:59:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple unspecified vulnerabilities in Google V8 before 4.9.385.33, as used in Google Chrome before 49.0.2623.108, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
CVE-2016-1650
- EPSS 1.2%
- Veröffentlicht 29.03.2016 10:59:04
- Zuletzt bearbeitet 06.05.2026 22:30:45
The PageCaptureSaveAsMHTMLFunction::ReturnFailure function in browser/extensions/api/page_capture/page_capture_api.cc in Google Chrome before 49.0.2623.108 allows attackers to cause a denial of service or possibly have unspecified other impact by tri...
CVE-2016-1649
- EPSS 2.88%
- Veröffentlicht 29.03.2016 10:59:03
- Zuletzt bearbeitet 06.05.2026 22:30:45
The Program::getUniformInternal function in Program.cpp in libANGLE, as used in Google Chrome before 49.0.2623.108, does not properly handle a certain data-type mismatch, which allows remote attackers to cause a denial of service (buffer overflow) or...
CVE-2016-1648
- EPSS 1.93%
- Veröffentlicht 29.03.2016 10:59:02
- Zuletzt bearbeitet 06.05.2026 22:30:45
Use-after-free vulnerability in the GetLoadTimes function in renderer/loadtimes_extension_bindings.cc in the Extensions implementation in Google Chrome before 49.0.2623.108 allows remote attackers to cause a denial of service or possibly have unspeci...
CVE-2016-1647
- EPSS 2.05%
- Veröffentlicht 29.03.2016 10:59:01
- Zuletzt bearbeitet 06.05.2026 22:30:45
Use-after-free vulnerability in the RenderWidgetHostImpl::Destroy function in content/browser/renderer_host/render_widget_host_impl.cc in the Navigation implementation in Google Chrome before 49.0.2623.108 allows remote attackers to cause a denial of...
CVE-2016-1646
- EPSS 48.11%
- Veröffentlicht 29.03.2016 10:59:00
- Zuletzt bearbeitet 21.04.2026 17:50:52
The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not properly consider element data types, which allows remote attackers to cause a denial of service (out-of-bounds read) or po...
CVE-2016-1645
- EPSS 1.98%
- Veröffentlicht 13.03.2016 22:59:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple integer signedness errors in the opj_j2k_update_image_data function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 49.0.2623.87, allow remote attackers to cause a denial of service (incorrect cast and out-of-bounds write) or...
CVE-2016-1644
- EPSS 2.06%
- Veröffentlicht 13.03.2016 22:59:03
- Zuletzt bearbeitet 06.05.2026 22:30:45
WebKit/Source/core/layout/LayoutObject.cpp in Blink, as used in Google Chrome before 49.0.2623.87, does not properly restrict relayout scheduling, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecifie...
CVE-2016-1643
- EPSS 2.75%
- Veröffentlicht 13.03.2016 22:59:02
- Zuletzt bearbeitet 06.05.2026 22:30:45
The ImageInputType::ensurePrimaryContent function in WebKit/Source/core/html/forms/ImageInputType.cpp in Blink, as used in Google Chrome before 49.0.2623.87, does not properly maintain the user agent shadow DOM, which allows remote attackers to cause...
CVE-2016-2845
- EPSS 2.22%
- Veröffentlicht 06.03.2016 02:59:15
- Zuletzt bearbeitet 06.05.2026 22:30:45
The Content Security Policy (CSP) implementation in Blink, as used in Google Chrome before 49.0.2623.75, does not ignore a URL's path component in the case of a ServiceWorker fetch, which allows remote attackers to obtain sensitive information about ...