|
265341
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.113 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2016-5175
|
2024-11-21 11:53 |
2016-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265342
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
browser/ui/cocoa/browser_window_controller_private.mm in Google Chrome before 53.0.2785.113 does not process fullscreen toggle requests during a fullscreen transition, which allows remote attackers t…
|
CWE-20
Improper Input Validation
|
CVE-2016-5174
|
2024-11-21 11:53 |
2016-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265343
|
7.1 |
HIGH
Network
|
google
|
chrome
|
The extensions subsystem in Google Chrome before 53.0.2785.113 does not properly restrict access to Object.prototype, which allows remote attackers to load unintended resources, and consequently trig…
|
CWE-284
Improper Access Control
|
CVE-2016-5173
|
2024-11-21 11:53 |
2016-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265344
|
6.5 |
MEDIUM
Network
|
google
nodejs
debian
|
chrome
node.js
debian_linux
|
The parser in Google V8, as used in Google Chrome before 53.0.2785.113, mishandles scopes, which allows remote attackers to obtain sensitive information from arbitrary memory locations via crafted Ja…
|
CWE-200
Information Exposure
|
CVE-2016-5172
|
2024-11-21 11:53 |
2016-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265345
|
8.8 |
HIGH
Network
|
google
|
chrome
|
WebKit/Source/bindings/templates/interface.cpp in Blink, as used in Google Chrome before 53.0.2785.113, does not prevent certain constructor calls, which allows remote attackers to cause a denial of …
|
CWE-416
Use After Free
|
CVE-2016-5171
|
2024-11-21 11:53 |
2016-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265346
|
8.8 |
HIGH
Network
|
google
|
chrome
|
WebKit/Source/bindings/modules/v8/V8BindingForModules.cpp in Blink, as used in Google Chrome before 53.0.2785.113, does not properly consider getter side effects during array key conversion, which al…
|
CWE-416
Use After Free
|
CVE-2016-5170
|
2024-11-21 11:53 |
2016-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265347
|
8.8 |
HIGH
Network
|
google
|
chrome_os
|
Format string vulnerability in Google Chrome OS before 53.0.2785.103 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2016-5169
|
2024-11-21 11:53 |
2016-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265348
|
8.8 |
HIGH
Network
|
iodata
|
hvl-a2.0_firmware
hvl-a3.0_firmware
hvl-a4.0_firmware
hvl-at1.0s_firmware
hvl-at2.0_firmware
hvl-at2.0a_firmware
hvl-at3.0_firmware
hvl-at3.0a_firmware
hvl-at4.0_firmware
h…
|
Cross-site request forgery (CSRF) vulnerability on I-O DATA DEVICE HVL-A2.0, HVL-A3.0, HVL-A4.0, HVL-AT1.0S, HVL-AT2.0, HVL-AT3.0, HVL-AT4.0, HVL-AT2.0A, HVL-AT3.0A, and HVL-AT4.0A devices with firmw…
|
CWE-352
Origin Validation Error
|
CVE-2016-4845
|
2024-11-21 11:53 |
2016-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265349
|
7.4 |
HIGH
Network
|
mozilla
|
firefox
|
Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 rely on unintended expiration dates for Preloaded Public Key Pinning, which allows man-in-the-middle attackers to spo…
|
CWE-20
Improper Input Validation
|
CVE-2016-5284
|
2024-11-21 11:53 |
2016-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265350
|
8.8 |
HIGH
Network
|
mozilla
|
firefox
|
Mozilla Firefox before 49.0 allows remote attackers to bypass the Same Origin Policy via a crafted fragment identifier in the SRC attribute of an IFRAME element, leading to insufficient restrictions …
|
CWE-284
Improper Access Control
|
CVE-2016-5283
|
2024-11-21 11:53 |
2016-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
