|
268141
|
9.8 |
CRITICAL
Network
|
google
|
chrome
|
The PendingScript::notifyFinished function in WebKit/Source/core/dom/PendingScript.cpp in Google Chrome before 49.0.2623.75 relies on memory-cache information about integrity-check occurrences instea…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-1636
|
2024-11-21 11:46 |
2016-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268142
|
9.8 |
CRITICAL
Network
|
google
|
chrome
|
extensions/renderer/render_frame_observer_natives.cc in Google Chrome before 49.0.2623.75 does not properly consider object lifetimes and re-entrancy issues during OnDocumentElementCreated handling, …
|
NVD-CWE-Other
|
CVE-2016-1635
|
2024-11-21 11:46 |
2016-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268143
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use-after-free vulnerability in the StyleResolver::appendCSSStyleSheet function in WebKit/Source/core/css/resolver/StyleResolver.cpp in Blink, as used in Google Chrome before 49.0.2623.75, allows rem…
|
NVD-CWE-Other
|
CVE-2016-1634
|
2024-11-21 11:46 |
2016-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268144
|
9.8 |
CRITICAL
Network
|
google
|
chrome
|
Use-after-free vulnerability in Blink, as used in Google Chrome before 49.0.2623.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
|
NVD-CWE-Other
|
CVE-2016-1633
|
2024-11-21 11:46 |
2016-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268145
|
8.8 |
HIGH
Network
|
google
|
chrome
|
The Extensions subsystem in Google Chrome before 49.0.2623.75 does not properly maintain own properties, which allows remote attackers to bypass intended access restrictions via crafted JavaScript co…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-1632
|
2024-11-21 11:46 |
2016-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268146
|
8.8 |
HIGH
Network
|
google
|
chrome
|
The PPB_Flash_MessageLoop_Impl::InternalRun function in content/renderer/pepper/ppb_flash_message_loop_impl.cc in the Pepper plugin in Google Chrome before 49.0.2623.75 mishandles nested message loop…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-1631
|
2024-11-21 11:46 |
2016-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268147
|
8.8 |
HIGH
Network
|
google
|
chrome
|
The ContainerNode::parserRemoveChild function in WebKit/Source/core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 49.0.2623.75, mishandles widget updates, which makes it easier for …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-1630
|
2024-11-21 11:46 |
2016-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268148
|
8.8 |
HIGH
Network
|
cisco
|
prime_infrastructure
|
Cisco Prime Infrastructure 3.0 allows remote authenticated users to execute arbitrary code via a crafted HTTP request that is mishandled during viewing of a log file, aka Bug ID CSCuw81494.
|
CWE-20
Improper Input Validation
|
CVE-2016-1359
|
2024-11-21 11:46 |
2016-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268149
|
6.4 |
MEDIUM
Network
|
cisco
|
prime_infrastructure
|
Cisco Prime Infrastructure 2.2, 3.0, and 3.1(0.0) allows remote authenticated users to read arbitrary files or cause a denial of service via an XML document containing an external entity declaration …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-1358
|
2024-11-21 11:46 |
2016-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268150
|
5.3 |
MEDIUM
Network
|
cisco
|
cisco_policy_suite
|
The password-management administration component in Cisco Policy Suite (CPS) 7.0.1.3, 7.0.2, 7.0.2-att, 7.0.3-att, 7.0.4-att, and 7.5.0 allows remote attackers to bypass intended RBAC restrictions an…
|
CWE-200
Information Exposure
|
CVE-2016-1357
|
2024-11-21 11:46 |
2016-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
