6903 matches found
CVE-2016-5196
The content renderer client in Google Chrome prior to 54.0.2840.85 for Android insufficiently enforced the Same Origin Policy amongst downloaded files, which allowed a remote attacker to access any downloaded file and interact with sites, including those the user was logged into, via a crafted HT...
Design/Logic Flaw
The content renderer client in Google Chrome prior to 54.0.2840.85 for Android insufficiently enforced the Same Origin Policy amongst downloaded files, which allowed a remote attacker to access any downloaded file and interact with sites, including those the user was logged into, via a crafted HT...
Design/Logic Flaw
A timing attack on denormalized floating point arithmetic in SVG filters in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to bypass the Same Origin Policy via a crafted HTML page...
CVE-2016-5196
The content renderer client in Google Chrome prior to 54.0.2840.85 for Android insufficiently enforced the Same Origin Policy amongst downloaded files, which allowed a remote attacker to access any downloaded file and interact with sites, including those the user was logged into, via a crafted HT...
CVE-2016-5206
The PDF plugin in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly followed redirects, which allowed a remote attacker to bypass the Same Origin Policy via a crafted HTML page...
Design/Logic Flaw
The PDF plugin in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly followed redirects, which allowed a remote attacker to bypass the Same Origin Policy via a crafted HTML page...
CVE-2016-5196
The content renderer client in Google Chrome prior to 54.0.2840.85 for Android insufficiently enforced the Same Origin Policy amongst downloaded files, which allowed a remote attacker to access any downloaded file and interact with sites, including those the user was logged into, via a crafted HT...
CVE-2016-5206
The PDF plugin in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly followed redirects, which allowed a remote attacker to bypass the Same Origin Policy via a crafted HTML page...
CVE-2016-5206
The PDF plugin in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly followed redirects, which allowed a remote attacker to bypass the Same Origin Policy via a crafted HTML page...
UBUNTU-CVE-2016-5206
The PDF plugin in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly followed redirects, which allowed a remote attacker to bypass the Same Origin Policy via a crafted HTML page...
CVE-2016-5196
The content renderer client in Google Chrome prior to 54.0.2840.85 for Android insufficiently enforced the Same Origin Policy amongst downloaded files, which allowed a remote attacker to access any downloaded file and interact with sites, including those the user was logged into, via a crafted HT...
CVE-2016-5196
The CVE-2016-5196 entry concerns Google Chrome for Android prior to version 54.0.2840.85. The content renderer client fails to enforce the Same Origin Policy among downloaded files, allowing a remote attacker to access downloaded files and interact with sites the user is logged into via a crafted...
CVE-2016-5206
CVE-2016-5206 is a same-origin policy bypass in the PDFium component used by the Chromium browser. Multiple connected advisories confirm a PDFium-related bypass vulnerability that could allow bypass of origin restrictions via crafted content, enabling potential access to restricted data. Affected...
CVE-2016-5224
CVE-2016-5224 affects Chromium/Blink SVG handling. The Debian advisory and related feeds describe a same-origin policy bypass in the SVG component of the Chromium browser, with historical references to a timing-attack-derived bypass in denormalized floating-point SVG filters (Chrome prior to 55.0...
CVE-2016-5206
The PDF plugin in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly followed redirects, which allowed a remote attacker to bypass the Same Origin Policy via a crafted HTML page...
CVE-2016-5224
A timing attack on denormalized floating point arithmetic in SVG filters in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to bypass the Same Origin Policy via a crafted HTML page...
CVE-2016-5224
Removed by vendor...
CVE-2016-5206
Removed by vendor...
CVE-2016-5196
Removed by vendor...
XSSI: a not famous but the impact of a wide range of Web vulnerabilities-vulnerability warning-the black bar safety net
Find a specific category of vulnerability two key components: vulnerability awareness and find the vulnerability of the difficulty. Cross-site scripting containsXSSIvulnerability in the fact of a common standard i.e.: OWASP TOP 10 and is not mentioned. In addition and there is no disclosure of th...