Lucene search
K

116 matches found

OSV
OSV
added 2016/03/06 2:59 a.m.4 views

CVE-2016-1636

The PendingScript::notifyFinished function in WebKit/Source/core/dom/PendingScript.cpp in Google Chrome before 49.0.2623.75 relies on memory-cache information about integrity-check occurrences instead of integrity-check successes, which allows remote attackers to bypass the Subresource Integrity...

9.8CVSS7.3AI score0.01836EPSS
Exploits0References12
Prion
Prion
added 2016/03/06 2:59 a.m.22 views

Memory corruption

The PendingScript::notifyFinished function in WebKit/Source/core/dom/PendingScript.cpp in Google Chrome before 49.0.2623.75 relies on memory-cache information about integrity-check occurrences instead of integrity-check successes, which allows remote attackers to bypass the Subresource Integrity...

7.5CVSS6.5AI score0.01836EPSS
Exploits0References12Affected Software1
Cvelist
Cvelist
added 2016/03/06 2:0 a.m.28 views

CVE-2016-1636

The PendingScript::notifyFinished function in WebKit/Source/core/dom/PendingScript.cpp in Google Chrome before 49.0.2623.75 relies on memory-cache information about integrity-check occurrences instead of integrity-check successes, which allows remote attackers to bypass the Subresource Integrity...

8.9AI score0.01836EPSS
Exploits0References12
UbuntuCve
UbuntuCve
added 2016/03/05 12:0 a.m.20 views

CVE-2016-1636

The PendingScript::notifyFinished function in WebKit/Source/core/dom/PendingScript.cpp in Google Chrome before 49.0.2623.75 relies on memory-cache information about integrity-check occurrences instead of integrity-check successes, which allows remote attackers to bypass the Subresource Integrity...

9.8CVSS7.2AI score0.01836EPSS
Exploits0References3
OSV
OSV
added 2016/03/05 12:0 a.m.3 views

UBUNTU-CVE-2016-1636

The PendingScript::notifyFinished function in WebKit/Source/core/dom/PendingScript.cpp in Google Chrome before 49.0.2623.75 relies on memory-cache information about integrity-check occurrences instead of integrity-check successes, which allows remote attackers to bypass the Subresource Integrity...

9.8CVSS7.3AI score0.01836EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2016/03/05 12:0 a.m.33 views

Debian Security Advisory DSA 3507-1 (chromium-browser - security update)

Several vulnerabilities have been discovered in the chromium web browser. CVE-2015-8126 Joerg Bornemann discovered multiple buffer overflow issues in the libpng library. CVE-2016-1630 Mariusz Mlynski discovered a way to bypass the Same Origin Policy in Blink/Webkit. CVE-2016-1631 Mariusz Mlynski...

10CVSS0.6AI score0.10339EPSS
Exploits3References1
OpenVAS
OpenVAS
added 2016/03/04 12:0 a.m.21 views

Debian: Security Advisory (DSA-3507-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.6AI score0.10339EPSS
Exploits3References3
Jake Archibald's Blog
Jake Archibald's Blog
added 2016/02/02 1:59 p.m.10 views

Service workers and base URIs

Previously when we've run into a contentious service worker design issue, we've asked web developers what they think. This has worked out pretty well in the past, with developer feedback directly informing spec changes. It's also great because we can blame y'all if you pick the wrong thing. Well,...

7.1AI score
Exploits0
Jake Archibald's Blog
Jake Archibald's Blog
added 2014/10/23 12:0 a.m.11 views

Launching ServiceWorker without breaking the web

Update: Thanks to everyone who read and commented, you influenced the direction of the API. We're going for B, the path-based method, but allowing a header to relax these rules so you can put your worker script wherever you want. Many thanks! With ServiceWorkers you can control requests to any pa...

6.3AI score
Exploits0
NVD
NVD
added 2014/07/20 11:12 a.m.17 views

CVE-2014-3160

The ResourceFetcher::canRequest function in core/fetch/ResourceFetcher.cpp in Blink, as used in Google Chrome before 36.0.1985.125, does not properly restrict subresource requests associated with SVG files, which allows remote attackers to bypass the Same Origin Policy via a crafted file...

6.8CVSS5.9AI score0.01343EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2014/07/20 10:0 a.m.37 views

CVE-2014-3160

Removed by vendor...

6.8CVSS9.4AI score0.01343EPSS
Exploits0
OpenVAS
OpenVAS
added 2012/11/26 12:0 a.m.41 views

FreeBSD Ports: chromium

The remote host is missing an update to the system as announced in the referenced advisory. VID 209c068d-28be-11e2-9160-00262d5ed8ee OpenVAS Vulnerability Test $ Description: Auto generated from VID 209c068d-28be-11e2-9160-00262d5ed8ee Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

7.5CVSS0.1AI score0.01619EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2012/11/12 12:0 a.m.31 views

Google Chrome < 23.0.1271.64 Multiple Vulnerabilities

Binary data 800919.prm...

7.5CVSS9.7AI score0.01619EPSS
Exploits0References12
NVD
NVD
added 2012/11/07 11:43 a.m.16 views

CVE-2012-5117

Google Chrome before 23.0.1271.64 does not properly restrict the loading of an SVG subresource in the context of an IMG element, which has unspecified impact and remote attack vectors...

7.5CVSS6.2AI score0.00956EPSS
Exploits0References5
CVE
CVE
added 2012/11/07 11:0 a.m.68 views

CVE-2012-5117

CVE-2012-5117 affects Google Chrome prior to 23.0.1271.64. The vulnerability stems from insufficient restrictions when loading an SVG subresource within an IMG element, with unspecified impact described in the CVE entry. OpenVAS and related advisories group CVE-2012-5117 among multiple Chromium/C...

7.5CVSS6.2AI score0.00956EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2012/11/07 11:0 a.m.33 views

CVE-2012-5117

Removed by vendor...

7.5CVSS6.9AI score0.00956EPSS
Exploits0
Rows per page
Query Builder