|
264981
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
WebKit/Source/core/html/parser/HTMLPreloadScanner.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not consider referrer-policy information inside an HTML document during a preload re…
|
CWE-20
Improper Input Validation
|
CVE-2016-5135
|
2024-11-21 11:53 |
2016-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264982
|
8.8 |
HIGH
Network
|
google
|
chrome
|
net/proxy/proxy_service.cc in the Proxy Auto-Config (PAC) feature in Google Chrome before 52.0.2743.82 does not ensure that URL information is restricted to a scheme, host, and port, which allows rem…
|
CWE-200
Information Exposure
|
CVE-2016-5134
|
2024-11-21 11:53 |
2016-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264983
|
5.3 |
MEDIUM
Network
|
google
|
chrome
|
Google Chrome before 52.0.2743.82 mishandles origin information during proxy authentication, which allows man-in-the-middle attackers to spoof a proxy-authentication login prompt or trigger incorrect…
|
CWE-287
Improper Authentication
|
CVE-2016-5133
|
2024-11-21 11:53 |
2016-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264984
|
8.8 |
HIGH
Network
|
google
|
chrome
|
The Service Workers subsystem in Google Chrome before 52.0.2743.82 does not properly implement the Secure Contexts specification during decisions about whether to control a subframe, which allows rem…
|
CWE-254
7PK - Security Features
|
CVE-2016-5132
|
2024-11-21 11:53 |
2016-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264985
|
8.8 |
HIGH
Network
|
google
xmlsoft
apple
canonical
redhat
suse
opensuse
debian
|
chrome
libxml2
watchos
tvos
iphone_os
mac_os_x
ubuntu_linux
enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
linux_enterprise
leap
ope…
|
Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via…
|
CWE-416
Use After Free
|
CVE-2016-5131
|
2024-11-21 11:53 |
2016-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264986
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
content/renderer/history_controller.cc in Google Chrome before 52.0.2743.82 does not properly restrict multiple uses of a JavaScript forward method, which allows remote attackers to spoof the URL dis…
|
CWE-284
Improper Access Control
|
CVE-2016-5130
|
2024-11-21 11:53 |
2016-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264987
|
8.8 |
HIGH
Network
|
google
|
chrome
v8
|
Google V8 before 5.2.361.32, as used in Google Chrome before 52.0.2743.82, does not properly process left-trimmed objects, which allows remote attackers to cause a denial of service (memory corruptio…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-5129
|
2024-11-21 11:53 |
2016-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264988
|
8.8 |
HIGH
Network
|
google
|
chrome
v8
|
objects.cc in Google V8 before 5.2.361.27, as used in Google Chrome before 52.0.2743.82, does not prevent API interceptors from modifying a store target without setting a property, which allows remot…
|
CWE-254
7PK - Security Features
|
CVE-2016-5128
|
2024-11-21 11:53 |
2016-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264989
|
7.5 |
HIGH
Network
|
google
|
chrome
|
Use-after-free vulnerability in WebKit/Source/core/editing/VisibleUnits.cpp in Blink, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly ha…
|
CWE-416
Use After Free
|
CVE-2016-5127
|
2024-11-21 11:53 |
2016-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264990
|
9.8 |
CRITICAL
Network
|
objective_systems
|
asn1c
|
Integer overflow in the rtxMemHeapAlloc function in asn1rt_a.lib in Objective Systems ASN1C for C/C++ before 7.0.2 allows context-dependent attackers to execute arbitrary code or cause a denial of se…
|
NVD-CWE-Other
|
CVE-2016-5080
|
2024-11-21 11:53 |
2016-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
