|
264941
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Blink, as used in Google Chrome before 52.0.2743.116, does not ensure that a taint property is preserved after a structure-clone operation on an ImageBitmap object derived from a cross-origin image, …
|
CWE-254
7PK - Security Features
|
CVE-2016-5145
|
2024-11-21 11:53 |
2016-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264942
|
9.8 |
CRITICAL
Network
|
google
|
chrome
|
The Developer Tools (aka DevTools) subsystem in Blink, as used in Google Chrome before 52.0.2743.116, mishandles the script-path hostname, remoteBase parameter, and remoteFrontendUrl parameter, which…
|
CWE-284
Improper Access Control
|
CVE-2016-5144
|
2024-11-21 11:53 |
2016-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264943
|
9.8 |
CRITICAL
Network
|
google
|
chrome
|
The Developer Tools (aka DevTools) subsystem in Blink, as used in Google Chrome before 52.0.2743.116, mishandles the script-path hostname, remoteBase parameter, and remoteFrontendUrl parameter, which…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-5143
|
2024-11-21 11:53 |
2016-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264944
|
9.8 |
CRITICAL
Network
|
google
|
chrome
|
The Web Cryptography API (aka WebCrypto) implementation in Blink, as used in Google Chrome before 52.0.2743.116, does not properly copy data buffers, which allows remote attackers to cause a denial o…
|
CWE-416
Use After Free
|
CVE-2016-5142
|
2024-11-21 11:53 |
2016-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264945
|
7.5 |
HIGH
Network
|
google
|
chrome
|
Blink, as used in Google Chrome before 52.0.2743.116, allows remote attackers to spoof the address bar via vectors involving a provisional URL for an initially empty document, related to FrameLoader.…
|
CWE-20
Improper Input Validation
|
CVE-2016-5141
|
2024-11-21 11:53 |
2016-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264946
|
9.8 |
CRITICAL
Network
|
google
|
chrome
|
Heap-based buffer overflow in the opj_j2k_read_SQcd_SQcc function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 52.0.2743.116, allows remote attackers to cause a denial of service o…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-5140
|
2024-11-21 11:53 |
2016-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264947
|
7.6 |
HIGH
Network
|
google
|
chrome
|
Multiple integer overflows in the opj_tcd_init_tile function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 52.0.2743.116, allow remote attackers to cause a denial of service (heap-b…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-5139
|
2024-11-21 11:53 |
2016-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264948
|
9.1 |
CRITICAL
Network
|
libgd
opensuse
debian
|
libgd
leap
debian_linux
|
gd_xbm.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in certain custom PHP 5.5.x configurations, allows context-dependent attackers to obtain sensitive information from process memor…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-5116
|
2024-11-21 11:53 |
2016-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264949
|
9.1 |
CRITICAL
Network
|
php
|
php
|
sapi/fpm/fpm/fpm_log.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 misinterprets the semantics of the snprintf return value, which allows attackers to obtain sensitive information…
|
CWE-119
CWE-125
Incorrect Access of Indexable Resource ('Range Error')
Out-of-bounds Read
|
CVE-2016-5114
|
2024-11-21 11:53 |
2016-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264950
|
8.6 |
HIGH
Network
|
php
|
php
|
Integer overflow in the fread function in ext/standard/file.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impa…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2016-5096
|
2024-11-21 11:53 |
2016-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
