8387 matches found
chromium -- vulnerability
Google Chrome Releases reports: 45 security fixes in this release: 758848 High CVE-2017-11215: Use after free in Flash. Reported by JieZeng of Tencent Zhanlu Lab on 2017-08-25 758863 High CVE-2017-11225: Use after free in Flash. Reported by JieZeng of Tencent Zhanlu Lab on 2017-08-25 780919 High...
UBUNTU-CVE-2016-1661
Blink, as used in Google Chrome before 50.0.2661.94, does not ensure that frames satisfy a check for the same renderer process in addition to a Same Origin Policy check, which allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via a...
Google Chrome < 50.0.2661.94 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 50.0.2661.94. It is, therefore, affected by multiple vulnerabilities as referenced in the 201604stable-channel-update28 advisory. - Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661.94 allow attacke...
Google Chrome < 50.0.2661.94 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 50.0.2661.94. It is, therefore, affected by multiple vulnerabilities as referenced in the 201604stable-channel-update28 advisory. - Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661.94 allow attackers...
KLA10799 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface, bypass security restrictions and obtain sensitive information. Below is a complete list of vulnerabilities 1. Multiple unknown...
thunderbird: multiple issues
CVE-2016-1955 same-origin policy bypass A vulnerability allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by reading a Content Security Policy CSP violation report that contains path information associated with an IFRAME element. - CVE-2016-1956 denial of...
Updated chromium-browser-stable packages fix security vulnerabilities
Chromium-browser-stable 50.0.2661.75 fixes security issues: Cross-site scripting XSS vulnerability in the ModuleSystem::RequireForJsInner function in extensions/renderer/modulesystem.cc in the Extensions subsystem in Google Chrome before 50.0.2661.75 allows remote attackers to inject arbitrary we...
CVE-2016-1658
The Extensions subsystem in Google Chrome before 50.0.2661.75 incorrectly relies on GetOrigin method calls for origin comparisons, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted extension...
CVE-2016-1658
The Extensions subsystem in Google Chrome before 50.0.2661.75 incorrectly relies on GetOrigin method calls for origin comparisons, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted extension...
Design/Logic Flaw
The Extensions subsystem in Google Chrome before 50.0.2661.75 incorrectly relies on GetOrigin method calls for origin comparisons, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted extension...
CVE-2016-1658
The Extensions subsystem in Google Chrome before 50.0.2661.75 incorrectly relies on GetOrigin method calls for origin comparisons, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted extension...
UBUNTU-CVE-2016-1658
The Extensions subsystem in Google Chrome before 50.0.2661.75 incorrectly relies on GetOrigin method calls for origin comparisons, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted extension...
CVE-2016-1658
CVE-2016-1658 affects Google Chrome’s Extensions subsystem, where GetOrigin-based origin comparisons could allow a malicious extension to access sensitive information and leak data across origins. The vulnerability is tied to how file: URL origins were handled, enabling potential leakage via exte...
CVE-2016-1658
Removed by vendor...
chromium-browser: potential leak of sensitive information to malicious extensions
The Extensions subsystem in Google Chrome before 50.0.2661.75 incorrectly relies on GetOrigin method calls for origin comparisons, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted extension...
Apple OSX Message cross-domain scripting attacks vulnerability details(CVE-2 0 1 6-1 7 6 4-the vulnerability warning-the black bar safety net
! Apple in 3 months to fix the CVE-2 0 1 6-1 7 6 4 out of CNNVD-2 0 1 6 0 3-3 4 7, is an application-layer vulnerabilities that can lead to a remote attacker by means of a iMessage client leaked all message content and attachments. Contrast to attack the iMessage Protocol, this is a relatively...
CVE-2016-0161
Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Edge Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0158...
CVE-2016-0158
Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Edge Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0161...
Privilege escalation
Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Edge Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0158...
CVE-2016-0158
Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Edge Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0161...