|
267311
|
6.1 |
MEDIUM
Network
|
cisco
|
unified_contact_center_express
|
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Contact Center Express 10.0(1), 10.5(1), 10.6(1), and 11.0(1) allow remote attackers to inject arbitrary web script or HTML via ve…
|
CWE-79
Cross-site Scripting
|
CVE-2016-1298
|
2024-11-21 11:46 |
2016-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267312
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Multiple unspecified vulnerabilities in Google Chrome before 48.0.2564.82 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2016-1620
|
2024-11-21 11:46 |
2016-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267313
|
7.6 |
HIGH
Network
|
google
|
chrome
|
Multiple integer overflows in the (1) sycc422_to_rgb and (2) sycc444_to_rgb functions in fxcodec/codec/fx_codec_jpx_opj.cpp in PDFium, as used in Google Chrome before 48.0.2564.82, allow remote attac…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-1619
|
2024-11-21 11:46 |
2016-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267314
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Blink, as used in Google Chrome before 48.0.2564.82, does not ensure that a proper cryptographicallyRandomValues random number generator is used, which makes it easier for remote attackers to defeat …
|
CWE-310
CWE-200
Cryptographic Issues
Information Exposure
|
CVE-2016-1618
|
2024-11-21 11:46 |
2016-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267315
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
The CSPSource::schemeMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy (CSP) implementation in Blink, as used in Google Chrome before 48.0.2564.82, does no…
|
CWE-200
Information Exposure
|
CVE-2016-1617
|
2024-11-21 11:46 |
2016-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267316
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
The CustomButton::AcceleratorPressed function in ui/views/controls/button/custom_button.cc in Google Chrome before 48.0.2564.82 allows remote attackers to spoof URLs via vectors involving an unfocuse…
|
CWE-254
7PK - Security Features
|
CVE-2016-1616
|
2024-11-21 11:46 |
2016-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267317
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
The Omnibox implementation in Google Chrome before 48.0.2564.82 allows remote attackers to spoof a document's origin via unspecified vectors.
|
CWE-254
7PK - Security Features
|
CVE-2016-1615
|
2024-11-21 11:46 |
2016-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267318
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
The UnacceleratedImageBufferSurface class in WebKit/Source/platform/graphics/UnacceleratedImageBufferSurface.cpp in Blink, as used in Google Chrome before 48.0.2564.82, mishandles the initialization …
|
CWE-200
Information Exposure
|
CVE-2016-1614
|
2024-11-21 11:46 |
2016-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267319
|
7.6 |
HIGH
Network
|
google
|
chrome
|
Multiple use-after-free vulnerabilities in the formfiller implementation in PDFium, as used in Google Chrome before 48.0.2564.82, allow remote attackers to cause a denial of service or possibly have …
|
NVD-CWE-Other
|
CVE-2016-1613
|
2024-11-21 11:46 |
2016-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267320
|
7.6 |
HIGH
Network
|
google
|
chrome
|
The LoadIC::UpdateCaches function in ic/ic.cc in Google V8, as used in Google Chrome before 48.0.2564.82, does not ensure receiver compatibility before performing a cast of an unspecified variable, w…
|
CWE-20
Improper Input Validation
|
CVE-2016-1612
|
2024-11-21 11:46 |
2016-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
