VIR Vulnerability Intelligence Relay

Search

Found 1,173 results in 143ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2017-5072 medium 6.5 6.5 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5071 medium 6.3 6.3 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5069 medium 6.1 6.1 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5067 medium 6.5 6.5 FIX arch arch rhel linux-kernel google 9y ago multiple issues in chromium
CVE-2017-5066 medium 6.5 6.5 FIX arch arch rhel linux-kernel google 9y ago multiple issues in chromium
CVE-2017-5065 medium 4.7 4.7 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5061 medium 5.3 5.3 FIX arch arch rhel linux-kernel google 9y ago multiple issues in chromium
CVE-2017-5060 medium 6.5 6.5 FIX arch arch rhel linux-kernel google 9y ago multiple issues in chromium
CVE-2017-5053 critical 9.6 9.6 FIX arch arch rhel linux-kernel google 9y ago arbitrary code execution in chromium
CVE-2015-1239 medium 6.5 6.5 FIX slesdebian debian uclouvaingoogle 9y ago Double free vulnerability in the j2k_read_ppm_v3 function in OpenJPEG before r2997, as used in PDFium in Google Chrome, allows remote attackers to cause a denial of service (process crash) via a craf…
CVE-2015-1206 medium 5.5 5.5 google 9y ago Heap-based buffer overflow in Google Chrome before M40 allows remote attackers to cause a denial of service (unpaged memory write and process crash) via a crafted MP4 file.
CVE-2015-1207 medium 6.5 6.5 FIX debian debian google 9y ago Double-free vulnerability in libavformat/mov.c in FFMPEG in Google Chrome 41.0.2251.0 allows remote attackers to cause a denial of service (memory corruption and crash) via a crafted .m4a file.
CVE-2016-5178 critical 9.8 9.8 FIX arch archdebian debiansuse suse google 9y ago arbitrary code execution in chromium
CVE-2017-9045 medium 5.9 5.9 google 9y ago The Google I/O 2017 application before 5.1.4 for Android downloads multiple .json files from http://storage.googleapis.com without SSL, which makes it easier for man-in-the-middle attackers to spoof …
CVE-2017-5046 medium 4.3 4.3 FIX arch arch rheldebian debian google 9y ago multiple issues in chromium
CVE-2017-5045 medium 6.1 6.1 FIX arch arch rheldebian debian google 9y ago multiple issues in chromium
CVE-2017-5044 medium 6.3 6.3 FIX arch arch rheldebian debian google 9y ago multiple issues in chromium
CVE-2017-5042 medium 5.7 5.7 FIX arch arch rheldebian debian google 9y ago multiple issues in chromium
CVE-2017-5041 medium 4.3 4.3 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5040 medium 4.3 4.3 FIX arch arch rheldebian debian google 9y ago multiple issues in chromium
CVE-2017-5038 medium 6.3 6.3 FIX arch arch rheldebian debian google 9y ago multiple issues in chromium
CVE-2017-5033 medium 4.3 4.3 FIX arch arch rheldebian debian google 9y ago multiple issues in chromium
CVE-2014-9654 critical 9.8 9.8 FIX debian debian googleicu-project 9y ago The Regular Expressions package in International Components for Unicode (ICU) for C/C++ before 2014-12-03, as used in Google Chrome before 40.0.2214.91, calculates certain values without ensuring tha…
CVE-2013-6647 critical 9.8 9.8 google 9y ago A use-after-free in AnimationController::endAnimationUpdate in Google Chrome.
CVE-2017-5027 medium 4.3 4.3 google 9y ago Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to properly enforce unsafe-inline content security policy, which allowed a remote attacke…
CVE-2017-5026 medium 4.3 4.3 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5025 medium 5.5 5.5 FIX arch archdebian debian google 9y ago multiple issues in chromium
CVE-2017-5024 medium 5.5 5.5 FIX arch archdebian debian google 9y ago multiple issues in chromium
CVE-2017-5023 medium 4.3 4.3 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5022 medium 4.3 4.3 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5021 medium 4.3 4.3 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5020 medium 6.1 6.1 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5019 medium 6.3 6.3 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5018 medium 6.1 6.1 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5017 medium 4.3 4.3 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5016 medium 6.5 6.5 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5015 medium 6.5 6.5 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5014 medium 6.3 6.3 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5013 medium 6.5 6.5 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5011 medium 6.5 6.5 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5010 medium 6.1 6.1 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5008 medium 6.1 6.1 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5007 medium 6.1 6.1 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5006 medium 6.1 6.1 FIX arch arch google 9y ago multiple issues in chromium
CVE-2016-9650 medium 4.3 4.3 FIX arch arch google 10y ago multiple issues in chromium
CVE-2016-5226 medium 6.1 6.1 FIX arch arch google 10y ago multiple issues in chromium
CVE-2016-5225 medium 4.3 4.3 FIX arch arch google 10y ago multiple issues in chromium
CVE-2016-5224 medium 4.3 4.3 FIX arch arch google 10y ago multiple issues in chromium
CVE-2016-5223 medium 6.5 6.5 FIX arch arch google 10y ago multiple issues in chromium
CVE-2016-5222 medium 6.5 6.5 FIX arch arch google 10y ago multiple issues in chromium
CVE-2016-5221 medium 6.3 6.3 FIX arch arch google 10y ago multiple issues in chromium
CVE-2016-5220 medium 6.5 6.5 FIX arch arch google 10y ago multiple issues in chromium
CVE-2016-5219 medium 6.3 6.3 FIX slesarch arch google 10y ago multiple issues in chromium
CVE-2016-5218 medium 6.5 6.5 FIX arch arch google 10y ago multiple issues in chromium
CVE-2016-5217 medium 6.5 6.5 FIX arch arch google 10y ago multiple issues in chromium
CVE-2016-5216 medium 6.3 6.3 FIX arch arch google 10y ago multiple issues in chromium
CVE-2016-5215 medium 6.3 6.3 FIX arch arch google 10y ago multiple issues in chromium
CVE-2016-5214 medium 4.3 4.3 FIX arch arch google 10y ago multiple issues in chromium
CVE-2016-5212 medium 6.5 6.5 FIX arch arch google 10y ago multiple issues in chromium
CVE-2016-5208 medium 6.1 6.1 FIX arch arch google 10y ago multiple issues in chromium
CVE-2016-5207 medium 6.1 6.1 FIX arch arch google 10y ago multiple issues in chromium
CVE-2016-5205 medium 6.1 6.1 FIX arch arch google 10y ago multiple issues in chromium
CVE-2016-5204 medium 6.1 6.1 FIX arch arch google 10y ago multiple issues in chromium
CVE-2016-5201 medium 6.5 6.5 google 10y ago A leak of privateClass in the extensions API in Google Chrome prior to 54.0.2840.100 for Linux, and 54.0.2840.99 for Windows, and 54.0.2840.98 for Mac allowed a remote attacker to access privileged J…
CVE-2016-5193 medium 4.3 4.3 FIX arch arch google 10y ago multiple issues in chromium
CVE-2016-5192 medium 6.5 6.5 FIX arch arch google 10y ago multiple issues in chromium
CVE-2016-5191 medium 6.1 6.1 FIX arch arch google 10y ago multiple issues in chromium
CVE-2016-5190 medium 6.3 6.3 FIX arch arch google 10y ago multiple issues in chromium
CVE-2016-5189 medium 6.5 6.5 FIX arch arch google 10y ago multiple issues in chromium
CVE-2016-5188 medium 4.3 4.3 FIX arch arch google 10y ago multiple issues in chromium
CVE-2016-5187 medium 6.5 6.5 FIX arch arch google 10y ago multiple issues in chromium
CVE-2016-5186 medium 5.3 5.3 FIX arch arch google 10y ago multiple issues in chromium
CVE-2016-5181 medium 6.1 6.1 FIX arch arch google 10y ago multiple issues in chromium
CVE-2005-4900 medium 5.9 5.9 google 10y ago SHA-1 is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of SHA-1 in TLS 1.2. NOTE: this CVE exists …
CVE-2016-5176 medium 6.5 6.5 google 10y ago Google Chrome before 53.0.2785.113 allows remote attackers to bypass the SafeBrowsing protection mechanism via unspecified vectors.
CVE-2016-5174 medium 6.5 6.5 google 10y ago browser/ui/cocoa/browser_window_controller_private.mm in Google Chrome before 53.0.2785.113 does not process fullscreen toggle requests during a fullscreen transition, which allows remote attackers t…
CVE-2016-5172 medium 6.5 6.5 debian debian googlenodejs 10y ago The parser in Google V8, as used in Google Chrome before 53.0.2785.113, mishandles scopes, which allows remote attackers to obtain sensitive information from arbitrary memory locations via crafted Ja…
CVE-2016-5166 low 3.1 3.1 suse suse google 10y ago The download implementation in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly restrict saving a file:// URL that is referenced by an http:// …
CVE-2016-5165 medium 6.1 6.1 suse suse google 10y ago Cross-site scripting (XSS) vulnerability in the Developer Tools (aka DevTools) subsystem in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux allows remote attack…
CVE-2016-5164 medium 6.1 6.1 suse suse google 10y ago Cross-site scripting (XSS) vulnerability in WebKit/Source/platform/v8_inspector/V8Debugger.cpp in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Li…
CVE-2016-5163 medium 4.3 4.3 suse suse google 10y ago The bidirectional-text implementation in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not ensure left-to-right (LTR) rendering of URLs, which allows rem…
CVE-2016-5162 medium 6.5 6.5 suse suse google 10y ago The AllowCrossRendererResourceLoad function in extensions/browser/url_request_util.cc in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly use a…
CVE-2016-5160 medium 6.5 6.5 suse suse google 10y ago The AllowCrossRendererResourceLoad function in extensions/browser/url_request_util.cc in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly use a…
CVE-2016-5155 medium 6.5 6.5 suse suse google 10y ago Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly validate access to the initial document, which allows remote attackers to spoof the address ba…
CVE-2016-5148 medium 6.1 6.1 google 10y ago Cross-site scripting (XSS) vulnerability in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to inject arbitrary web s…
CVE-2016-5147 medium 6.1 6.1 google 10y ago Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, mishandles deferred page loads, which allows remote attackers to inject arbitrary web script …
CVE-2016-7153 medium 5.3 5.3 microsoftgoogleapple 10y ago The HTTP/2 protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by lever…
CVE-2016-7152 medium 5.3 5.3 operaapplemozilla 10y ago The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by levera…
CVE-2016-5146 critical 9.8 9.8 google 10y ago Multiple unspecified vulnerabilities in Google Chrome before 52.0.2743.116 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
CVE-2016-5144 critical 9.8 9.8 google 10y ago The Developer Tools (aka DevTools) subsystem in Blink, as used in Google Chrome before 52.0.2743.116, mishandles the script-path hostname, remoteBase parameter, and remoteFrontendUrl parameter, which…
CVE-2016-5143 critical 9.8 9.8 google 10y ago The Developer Tools (aka DevTools) subsystem in Blink, as used in Google Chrome before 52.0.2743.116, mishandles the script-path hostname, remoteBase parameter, and remoteFrontendUrl parameter, which…
CVE-2016-5142 critical 9.8 9.8 google 10y ago The Web Cryptography API (aka WebCrypto) implementation in Blink, as used in Google Chrome before 52.0.2743.116, does not properly copy data buffers, which allows remote attackers to cause a denial o…
CVE-2016-5140 critical 9.8 9.8 google 10y ago Heap-based buffer overflow in the opj_j2k_read_SQcd_SQcc function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 52.0.2743.116, allows remote attackers to cause a denial of service o…
CVE-2016-5137 medium 4.3 4.3 google 10y ago The CSPSource::schemeMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy (CSP) implementation in Blink, as used in Google Chrome before 52.0.2743.82, does no…
CVE-2016-5135 medium 6.5 6.5 google 10y ago WebKit/Source/core/html/parser/HTMLPreloadScanner.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not consider referrer-policy information inside an HTML document during a preload re…
CVE-2016-5133 medium 5.3 5.3 google 10y ago Google Chrome before 52.0.2743.82 mishandles origin information during proxy authentication, which allows man-in-the-middle attackers to spoof a proxy-authentication login prompt or trigger incorrect…
CVE-2016-5130 medium 6.5 6.5 google 10y ago content/renderer/history_controller.cc in Google Chrome before 52.0.2743.82 does not properly restrict multiple uses of a JavaScript forward method, which allows remote attackers to spoof the URL dis…
CVE-2016-1707 medium 6.5 6.5 google 10y ago ios/web/web_state/ui/crw_web_controller.mm in Google Chrome before 52.0.2743.82 on iOS does not ensure that an invalid URL is replaced with the about:blank URL, which allows remote attackers to spoof…
CVE-2016-1706 critical 9.6 9.6 google 10y ago The PPAPI implementation in Google Chrome before 52.0.2743.82 does not validate the origin of IPC messages to the plugin broker process that should have come from the browser process, which allows re…
CVE-2016-1702 medium 6.5 6.5 rhelubuntu ubuntudebian debian google 10y ago The SkRegion::readFromMemory function in core/SkRegion.cpp in Skia, as used in Google Chrome before 51.0.2704.79, does not validate the interval count, which allows remote attackers to cause a denial…