VIR Vulnerability Intelligence Relay

Search

Found 1,144 results in 430ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2017-5092 high 8.8 8.8 FIX arch archdebian debian google 9y ago multiple issues in chromium
CVE-2017-5091 high 8.8 8.8 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5088 high 8.8 8.8 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5087 high 8.8 8.8 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5080 high 8.8 8.8 FIX arch arch linux-kernel google 9y ago multiple issues in chromium
CVE-2017-5078 high 8.8 8.8 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5077 high 8.8 8.8 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5074 high 8.0 8.0 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5073 high 8.8 8.8 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5068 high 7.5 7.5 FIX arch arch rhel linux-kernel google 9y ago arbitrary code execution in chromium
CVE-2017-5064 high 8.8 8.8 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5063 high 8.8 8.8 FIX arch arch rhel linux-kernel google 9y ago multiple issues in chromium
CVE-2017-5062 high 8.8 8.8 FIX arch arch rhel linux-kernel google 9y ago multiple issues in chromium
CVE-2017-5059 high 8.8 8.8 FIX arch arch rhel linux-kernel google 9y ago multiple issues in chromium
CVE-2017-5058 high 8.8 8.8 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5057 high 8.8 8.8 FIX arch arch rhel linux-kernel google 9y ago multiple issues in chromium
CVE-2017-5056 high 8.8 8.8 FIX arch arch rhel linux-kernel google 9y ago arbitrary code execution in chromium
CVE-2017-5055 high 8.8 8.8 FIX arch arch linux-kernel google 9y ago arbitrary code execution in chromium
CVE-2017-5054 high 8.8 8.8 FIX arch arch rhel linux-kernel google 9y ago arbitrary code execution in chromium
CVE-2017-5052 high 8.8 8.8 FIX arch arch rhel linux-kernel google 9y ago arbitrary code execution in chromium
CVE-2015-5237 high 8.8 8.8 debian debian google 9y ago protobuf susceptible to buffer overflow
CVE-2017-9245 high 7.5 7.5 google 9y ago The Google News and Weather application before 3.3.1 for Android allows remote attackers to read OAuth tokens by sniffing the network and leveraging the lack of SSL.
CVE-2016-5177 high 8.8 8.8 FIX arch archdebian debiansuse suse google 9y ago arbitrary code execution in chromium
CVE-2017-5029 high 8.8 8.8 FIX arch arch slesdebian debian googlexmlsoft 9y ago multiple issues in chromium
CVE-2017-5051 high 8.8 8.8 macos macos linux-kernel google 9y ago An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a…
CVE-2017-5050 high 8.8 8.8 macos macos linux-kernel google 9y ago An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a…
CVE-2017-5049 high 8.8 8.8 linux-kernelmacos macos google 9y ago An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a…
CVE-2017-5048 high 8.8 8.8 linux-kernelmacos macos google 9y ago An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a…
CVE-2017-5047 high 8.8 8.8 linux-kernelmacos macos google 9y ago An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a…
CVE-2017-5043 high 8.8 8.8 FIX arch arch rheldebian debian google 9y ago multiple issues in chromium
CVE-2017-5039 high 7.8 7.8 FIX arch arch rheldebian debian google 9y ago multiple issues in chromium
CVE-2017-5037 high 7.8 7.8 FIX arch arch rheldebian debian google 9y ago multiple issues in chromium
CVE-2017-5036 high 7.8 7.8 FIX arch arch rheldebian debian google 9y ago multiple issues in chromium
CVE-2017-5035 high 8.1 8.1 FIX arch arch rheldebian debian google 9y ago multiple issues in chromium
CVE-2017-5034 high 8.8 8.8 FIX arch arch linux-kernel google 9y ago multiple issues in chromium
CVE-2017-5032 high 8.8 8.8 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5031 high 8.8 8.8 FIX arch arch google 9y ago multiple issues in chromium
CVE-2016-5168 high 7.5 7.5 google 9y ago Skia, as used in Google Chrome before 50.0.2661.94, allows remote attackers to bypass the Same Origin Policy and obtain sensitive information.
CVE-2013-6648 high 7.5 7.5 google 9y ago SkRegion::setPath in Skia allows remote attackers to cause a denial of service (crash).
CVE-2017-5012 high 8.8 8.8 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5009 high 8.8 8.8 FIX arch arch google 9y ago multiple issues in chromium
CVE-2016-5213 high 8.8 8.8 FIX arch arch google 10y ago multiple issues in chromium
CVE-2016-5211 high 8.8 8.8 FIX arch arch google 10y ago multiple issues in chromium
CVE-2016-5210 high 8.8 8.8 FIX arch arch google 10y ago multiple issues in chromium
CVE-2016-5209 high 8.8 8.8 FIX arch arch google 10y ago multiple issues in chromium
CVE-2016-5206 high 8.8 8.8 FIX arch arch google 10y ago multiple issues in chromium
CVE-2016-5203 high 8.8 8.8 FIX arch arch google 10y ago multiple issues in chromium
CVE-2016-5200 high 8.8 8.8 sles google 10y ago V8 in Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 for Windows, and 54.0.2840.100 for Linux, and 55.0.2883.84 for Android incorrectly applied type rules, which allowed a remote attac…
CVE-2016-5199 high 8.8 8.8 FIX debian debian google 10y ago An off by one error resulting in an allocation of zero size in FFmpeg in Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 for Windows, and 54.0.2840.100 for Linux, and 55.0.2883.84 for A…
CVE-2016-5197 high 8.8 8.8 google 10y ago The content view client in Google Chrome prior to 54.0.2840.85 for Android insufficiently validated intent URLs, which allowed a remote attacker who had compromised the renderer process to start arbi…
CVE-2016-5196 high 8.8 8.8 google 10y ago The content renderer client in Google Chrome prior to 54.0.2840.85 for Android insufficiently enforced the Same Origin Policy amongst downloaded files, which allowed a remote attacker to access any d…
CVE-2016-5185 high 8.8 8.8 FIX arch arch google 10y ago multiple issues in chromium
CVE-2016-5184 high 8.8 8.8 FIX arch arch google 10y ago multiple issues in chromium
CVE-2016-5183 high 8.8 8.8 FIX arch arch google 10y ago multiple issues in chromium
CVE-2016-5182 high 8.8 8.8 FIX arch arch google 10y ago multiple issues in chromium
CVE-2016-7549 high 8.8 8.8 google 10y ago Google Chrome before 53.0.2785.113 does not ensure that the recipient of a certain IPC message is a valid RenderFrame or RenderWidget, which allows remote attackers to cause a denial of service (inva…
CVE-2016-5175 high 8.8 8.8 google 10y ago Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.113 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
CVE-2016-5173 high 7.1 7.1 google 10y ago The extensions subsystem in Google Chrome before 53.0.2785.113 does not properly restrict access to Object.prototype, which allows remote attackers to load unintended resources, and consequently trig…
CVE-2016-5171 high 8.8 8.8 google 10y ago WebKit/Source/bindings/templates/interface.cpp in Blink, as used in Google Chrome before 53.0.2785.113, does not prevent certain constructor calls, which allows remote attackers to cause a denial of …
CVE-2016-5170 high 8.8 8.8 google 10y ago WebKit/Source/bindings/modules/v8/V8BindingForModules.cpp in Blink, as used in Google Chrome before 53.0.2785.113, does not properly consider getter side effects during array key conversion, which al…
CVE-2015-8960 high 8.1 8.1 sles ietfapplegoogle 10y ago The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and ecdsa_fixed_ecdh values for ClientCertificateType but does not directly document the ability to compute t…
CVE-2016-7395 high 8.8 8.8 google 10y ago SkPath.cpp in Skia, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, does not properly validate the return values of ChopMonoAtY calls, which allows …
CVE-2016-5167 high 8.8 8.8 suse suse google 10y ago Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux allow attackers to cause a denial of service or possibly have other impa…
CVE-2016-5161 high 8.8 8.8 suse suse google 10y ago The EditingStyle::mergeStyle function in WebKit/Source/core/editing/EditingStyle.cpp in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, misha…
CVE-2016-5159 high 8.8 8.8 FIX suse susedebian debian google 10y ago Multiple integer overflows in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of servic…
CVE-2016-5158 high 8.8 8.8 FIX suse susedebian debian google 10y ago Multiple integer overflows in the opj_tcd_init_tile function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow r…
CVE-2016-5157 high 8.8 8.8 FIX suse susefedora fedoradebian debian google 10y ago Heap-based buffer overflow in the opj_dwt_interleave_v function in dwt.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allo…
CVE-2016-5156 high 8.8 8.8 suse suse google 10y ago extensions/renderer/event_bindings.cc in the event bindings in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux attempts to process filtered events after failure…
CVE-2016-5154 high 8.8 8.8 suse suse google 10y ago Multiple heap-based buffer overflows in PDFium, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service …
CVE-2016-5153 high 8.8 8.8 suse suse google 10y ago The Web Animations implementation in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, improperly relies on list iteration, which allows remote…
CVE-2016-5152 high 8.8 8.8 FIX suse susedebian debian google 10y ago Integer overflow in the opj_tcd_get_decoded_tile_size function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow…
CVE-2016-5151 high 8.8 8.8 suse suse google 10y ago PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux mishandles timers, which allows remote attackers to cause a denial of service (use-after-free) or poss…
CVE-2016-5150 high 8.8 8.8 suse suse google 10y ago WebKit/Source/bindings/modules/v8/V8BindingForModules.cpp in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, has an Indexed Database (aka Ind…
CVE-2016-5149 high 8.8 8.8 suse suse google 10y ago The extensions subsystem in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux relies on an IFRAME source URL to identify an associated extension, which allows rem…
CVE-2016-5145 high 8.8 8.8 google 10y ago Blink, as used in Google Chrome before 52.0.2743.116, does not ensure that a taint property is preserved after a structure-clone operation on an ImageBitmap object derived from a cross-origin image, …
CVE-2016-5141 high 7.5 7.5 google 10y ago Blink, as used in Google Chrome before 52.0.2743.116, allows remote attackers to spoof the address bar via vectors involving a provisional URL for an initially empty document, related to FrameLoader.…
CVE-2016-5139 high 7.6 7.6 FIX debian debian google 10y ago Multiple integer overflows in the opj_tcd_init_tile function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 52.0.2743.116, allow remote attackers to cause a denial of service (heap-b…
CVE-2016-5138 high 8.8 8.8 google 10y ago Integer overflow in the kbasep_vinstr_attach_client function in midgard/mali_kbase_vinstr.c in Google Chrome before 52.0.2743.85 allows remote attackers to cause a denial of service (heap-based buffe…
CVE-2016-5136 high 8.8 8.8 google 10y ago Use-after-free vulnerability in extensions/renderer/user_script_injector.cc in the Extensions subsystem in Google Chrome before 52.0.2743.82 allows remote attackers to cause a denial of service or po…
CVE-2016-5134 high 8.8 8.8 google 10y ago net/proxy/proxy_service.cc in the Proxy Auto-Config (PAC) feature in Google Chrome before 52.0.2743.82 does not ensure that URL information is restricted to a scheme, host, and port, which allows rem…
CVE-2016-5132 high 8.8 8.8 google 10y ago The Service Workers subsystem in Google Chrome before 52.0.2743.82 does not properly implement the Secure Contexts specification during decisions about whether to control a subframe, which allows rem…
CVE-2016-5131 high 8.8 8.8 FIX slesarch archdebian debian googlexmlsoft 10y ago Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via…
CVE-2016-5129 high 8.8 8.8 google 10y ago Google V8 before 5.2.361.32, as used in Google Chrome before 52.0.2743.82, does not properly process left-trimmed objects, which allows remote attackers to cause a denial of service (memory corruptio…
CVE-2016-5128 high 8.8 8.8 google 10y ago objects.cc in Google V8 before 5.2.361.27, as used in Google Chrome before 52.0.2743.82, does not prevent API interceptors from modifying a store target without setting a property, which allows remot…
CVE-2016-5127 high 7.5 7.5 google 10y ago Use-after-free vulnerability in WebKit/Source/core/editing/VisibleUnits.cpp in Blink, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly ha…
CVE-2016-1711 high 8.8 8.8 google 10y ago WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not disable frame navigation during a detach operation on a DocumentLoader object, which allows …
CVE-2016-1710 high 8.8 8.8 google 10y ago The ChromeClientImpl::createWindow method in WebKit/Source/web/ChromeClientImpl.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not prevent window creation by a deferred frame, which…
CVE-2016-1709 high 8.8 8.8 google 10y ago Heap-based buffer overflow in the ByteArray::Get method in data/byte_array.cc in Google sfntly before 2016-06-10, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a deni…
CVE-2016-1708 high 8.8 8.8 google 10y ago The Chrome Web Store inline-installation implementation in the Extensions subsystem in Google Chrome before 52.0.2743.82 does not properly consider object lifetimes during progress observation, which…
CVE-2016-1705 high 8.8 8.8 google 10y ago Multiple unspecified vulnerabilities in Google Chrome before 52.0.2743.82 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
CVE-2016-1704 high 8.8 8.8 sles rhelsuse suse googlenovell 10y ago Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.103 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
CVE-2016-1703 high 8.8 8.8 rhelubuntu ubuntudebian debian google 10y ago Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.79 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
CVE-2016-1701 high 8.8 8.8 rheldebian debiansuse suse google 10y ago The Autofill implementation in Google Chrome before 51.0.2704.79 mishandles the interaction between field updates and JavaScript code that triggers a frame deletion, which allows remote attackers to …
CVE-2016-1700 high 7.5 7.5 rheldebian debiansuse suse google 10y ago extensions/renderer/runtime_custom_bindings.cc in Google Chrome before 51.0.2704.79 does not consider side effects during creation of an array of extension views, which allows remote attackers to cau…
CVE-2016-1697 high 8.8 8.8 rhelubuntu ubuntudebian debian google 10y ago The FrameLoader::startLoad function in WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 51.0.2704.79, does not prevent frame navigations during DocumentLoader detac…
CVE-2016-1696 high 8.8 8.8 suse susedebian debian rhel google 10y ago The extensions subsystem in Google Chrome before 51.0.2704.79 does not properly restrict bindings access, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
CVE-2016-1695 high 8.8 8.8 suse susedebian debianubuntu ubuntu google 10y ago Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.63 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
CVE-2016-1691 high 7.5 7.5 suse susedebian debianubuntu ubuntu google 10y ago Skia, as used in Google Chrome before 51.0.2704.63, mishandles coincidence runs, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified o…
CVE-2016-1690 high 7.5 7.5 suse susedebian debian rhel google 10y ago The Autofill implementation in Google Chrome before 51.0.2704.63 mishandles the interaction between field updates and JavaScript code that triggers a frame deletion, which allows remote attackers to …
CVE-2016-1684 high 7.5 7.5 FIX debian debian googlexmlsoft 10y ago numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles the i format token for xsl:number data, which allows remote attackers to cause a denial of service (intege…