4739 matches found
CVE-2016-1669
The Zone::New function in zone.cc in Google V8 before 5.0.71.47, as used in Google Chrome before 50.0.2661.102, does not properly determine when to expand certain memory allocations, which allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impa...
CVE-2016-1669
The Zone::New function in zone.cc in Google V8 before 5.0.71.47, as used in Google Chrome before 50.0.2661.102, does not properly determine when to expand certain memory allocations, which allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impa...
Baidu Spark Browser 43.23.1000.476 - Address Bar URL Spoofing
Software Link:http://en.browser.baidu.com/query/fullpackage.exe?lang=en Version:43.23.1000.476 Tested on:Win7/WinXP details: The baidu spark browser is vulnerable to Address Bar Spoofing in the latest version of the browser43.23.1000.476. Using the specail javascript code it was able to spoof the...
Baidu Spark Browser 43.23.1000.476 - Address Bar URL Spoofing
Baidu Spark Browser 43.23.1000.476 - Address Bar URL Spoofing Software Link:http://en.browser.baidu.com/query/fullpackage.exe?lang=en Version:43.23.1000.476 Tested on:Win7/WinXP details: The baidu spark browser is vulnerable to Address Bar Spoofing in the latest version of the...
chromium-browser: information leak in v8
The JSGenericLowering class in compiler/js-generic-lowering.cc in Google V8, as used in Google Chrome before 50.0.2661.94, mishandles comparison operators, which allows remote attackers to obtain sensitive information via crafted JavaScript code...
CVE-2016-1665
The JSGenericLowering class in compiler/js-generic-lowering.cc in Google V8, as used in Google Chrome before 50.0.2661.94, mishandles comparison operators, which allows remote attackers to obtain sensitive information via crafted JavaScript code...
CVE-2016-1653
The LoadBuffer implementation in Google V8, as used in Google Chrome before 50.0.2661.75, mishandles data types, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds write operation, related...
Out-of-bounds
The LoadBuffer implementation in Google V8, as used in Google Chrome before 50.0.2661.75, mishandles data types, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds write operation, related...
CVE-2016-1653
Removed by vendor...
CVE-2016-1653
CVE-2016-1653 is an out-of-bounds write in Google V8 used by Chrome up to version 50.0.2661.75. The issue, tied to compiler/pipeline.cc and compiler/simplified-lowering.cc, could cause a denial of service and possibly other impact via crafted JavaScript. Affected software includes Google Chrome/C...
CVE-2016-1653
The LoadBuffer implementation in Google V8, as used in Google Chrome before 50.0.2661.75, mishandles data types, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds write operation, related...
Information disclosure
Microsoft Internet Explorer 9 through 11 allows remote attackers to determine the existence of files via crafted JavaScript code, aka "Internet Explorer Information Disclosure Vulnerability."...
CVE-2016-0162
Microsoft Internet Explorer 9 through 11 allows remote attackers to determine the existence of files via crafted JavaScript code, aka "Internet Explorer Information Disclosure Vulnerability."...
BahnSharing - Gruppentickets - External URLs, WebView JavaScript enabled, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application BahnSharing - Gruppentickets published at the 'play' market has multiple vulnerabilities...
CubeCart 6.0.10 - Multiple Vulnerabilities
Exploit for php platform in category web applications Product: CubeCart Vendor: CubeCart Limited Vulnerable Versions: 6.0.10 and probably prior Tested Version: 6.0.10 Advisory Publication: March 2, 2016 without technical details Vendor Notification: March 2, 2016 Vendor Patch: March 16, 2016 Publ...
Out-of-bounds
The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not properly consider element data types, which allows remote attackers to cause a denial of service out-of-bounds read or possibly have unspecified other impact via crafted...
CVE-2016-1648
Use-after-free vulnerability in the GetLoadTimes function in renderer/loadtimesextensionbindings.cc in the Extensions implementation in Google Chrome before 49.0.2623.108 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code...
CVE-2016-1648
Use-after-free vulnerability in the GetLoadTimes function in renderer/loadtimesextensionbindings.cc in the Extensions implementation in Google Chrome before 49.0.2623.108 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code...
CVE-2016-1646
Summary: CVE-2016-1646 affects Google Chrome’s V8 engine. The Array.prototype.concat implementation in V8/builtins.cc does not properly consider element data types, enabling a remote attacker to cause a denial of service (out-of-bounds read) via crafted JavaScript code. Affected software/versions...
CVE-2016-1648
Removed by vendor...