CVE-2016-2844
- EPSS 2.12%
- Veröffentlicht 06.03.2016 02:59:14
- Zuletzt bearbeitet 06.05.2026 22:30:45
WebKit/Source/core/layout/LayoutBlock.cpp in Blink, as used in Google Chrome before 49.0.2623.75, does not properly determine when anonymous block wrappers may exist, which allows remote attackers to cause a denial of service (incorrect cast and asse...
- EPSS 1.11%
- Veröffentlicht 06.03.2016 02:59:13
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple unspecified vulnerabilities in Google V8 before 4.9.385.26, as used in Google Chrome before 49.0.2623.75, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
- EPSS 1.59%
- Veröffentlicht 06.03.2016 02:59:12
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple unspecified vulnerabilities in Google Chrome before 49.0.2623.75 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
CVE-2016-1640
- EPSS 1.15%
- Veröffentlicht 06.03.2016 02:59:11
- Zuletzt bearbeitet 06.05.2026 22:30:45
The Web Store inline-installer implementation in the Extensions UI in Google Chrome before 49.0.2623.75 does not block installations upon deletion of an installation frame, which makes it easier for remote attackers to trick a user into believing tha...
CVE-2016-1641
- EPSS 1.89%
- Veröffentlicht 06.03.2016 02:59:11
- Zuletzt bearbeitet 06.05.2026 22:30:45
Use-after-free vulnerability in content/browser/web_contents/web_contents_impl.cc in Google Chrome before 49.0.2623.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering an image download afte...
- EPSS 2.34%
- Veröffentlicht 06.03.2016 02:59:10
- Zuletzt bearbeitet 06.05.2026 22:30:45
Use-after-free vulnerability in browser/extensions/api/webrtc_audio_private/webrtc_audio_private_api.cc in the WebRTC Audio Private API implementation in Google Chrome before 49.0.2623.75 allows remote attackers to cause a denial of service or possib...
CVE-2016-1638
- EPSS 1.05%
- Veröffentlicht 06.03.2016 02:59:09
- Zuletzt bearbeitet 06.05.2026 22:30:45
extensions/renderer/resources/platform_app.js in the Extensions subsystem in Google Chrome before 49.0.2623.75 does not properly restrict use of Web APIs, which allows remote attackers to bypass intended access restrictions via a crafted platform app...
CVE-2016-1637
- EPSS 1.12%
- Veröffentlicht 06.03.2016 02:59:08
- Zuletzt bearbeitet 06.05.2026 22:30:45
The SkATan2_255 function in effects/gradients/SkSweepGradient.cpp in Skia, as used in Google Chrome before 49.0.2623.75, mishandles arctangent calculations, which allows remote attackers to obtain sensitive information via a crafted web site.
CVE-2016-1636
- EPSS 1.84%
- Veröffentlicht 06.03.2016 02:59:07
- Zuletzt bearbeitet 06.05.2026 22:30:45
The PendingScript::notifyFinished function in WebKit/Source/core/dom/PendingScript.cpp in Google Chrome before 49.0.2623.75 relies on memory-cache information about integrity-check occurrences instead of integrity-check successes, which allows remote...
- EPSS 2.34%
- Veröffentlicht 06.03.2016 02:59:06
- Zuletzt bearbeitet 06.05.2026 22:30:45
extensions/renderer/render_frame_observer_natives.cc in Google Chrome before 49.0.2623.75 does not properly consider object lifetimes and re-entrancy issues during OnDocumentElementCreated handling, which allows remote attackers to cause a denial of ...