79 matches found
EUVD-2016-2763
Malware in sbrugna...
EUVD-2014-3217
Malware in sbrugna...
EUVD-2014-3189
Malware in sbrugna...
SUSE CVE-2011-3070
Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the Google V8 bindings...
SUSE CVE-2012-2886
Cross-site scripting XSS vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to inject arbitrary web script or HTML via vectors related to the Google V8 bindings, aka "Universal XSS UXSS."...
SUSE CVE-2014-3199
The wrap function in bindings/core/v8/custom/V8EventCustom.cpp in the V8 bindings in Blink, as used in Google Chrome before 38.0.2125.101, has an erroneous fallback outcome for wrapper-selection failures, which allows remote attackers to cause a denial of service via vectors that trigger stopping...
SUSE CVE-2015-1217
The V8LazyEventListener::prepareListenerObject function in bindings/core/v8/V8LazyEventListener.cpp in the V8 bindings in Blink, as used in Google Chrome before 41.0.2272.76, does not properly compile listeners, which allows remote attackers to cause a denial of service or possibly have unspecifi...
SUSE CVE-2016-1663
The SerializedScriptValue::transferArrayBuffers function in WebKit/Source/bindings/core/v8/SerializedScriptValue.cpp in the V8 bindings in Blink, as used in Google Chrome before 50.0.2661.94, mishandles certain array-buffer data structures, which allows remote attackers to cause a denial of servi...
chromium-browser: uxss in v8
Inappropriate implementation in V8 WebAssembly JS bindings in Google Chrome prior to 63.0.3239.108 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page...
Ubuntu 14.04 LTS / 16.04 LTS : Oxide vulnerabilities (USN-3091-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3091-1 advisory. A use-after-free was discovered in the V8 bindings in Blink. If a user were tricked in to opening a specially crafted website, an attacker...
USN-3091-1 oxide-qt vulnerabilities
A use-after-free was discovered in the V8 bindings in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code. CVE-2016-5170 A use-after-free was discovered in...
Google Chrome < 50.0.2661.102 Multiple Vulnerabilities
Binary data 9371.pasl...
Code injection
The ToV8Value function in content/child/v8valueconverterimpl.cc in the V8 bindings in Google Chrome before 51.0.2704.63 does not properly restrict use of getters and setters, which allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via...
CVE-2016-1679
CVE-2016-1679 affects Google Chrome prior to 51.0.2704.63, specifically the ToV8Value function in content/child/v8_value_converter_impl.cc used by the V8 bindings. The issue improperly restricts use of getters and setters, enabling remote attackers to trigger a denial-of-service via a use-after-f...
CVE-2016-1679
Removed by vendor...
chromium-browser: heap use-after-free in v8 bindings
The ToV8Value function in content/child/v8valueconverterimpl.cc in the V8 bindings in Google Chrome before 51.0.2704.63 does not properly restrict use of getters and setters, which allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via...
FreeBSD : chromium -- multiple vulnerabilities (7da1da96-24bb-11e6-bd31-3065ec8fd3ec)
Google Chrome Releases reports : 9 security fixes in this release, including : - 574802 High CVE-2016-1660: Out-of-bounds write in Blink. Credit to Atte Kettunen of OUSPG. - 601629 High CVE-2016-1661: Memory corruption in cross-process frames. Credit to Wadih Matar. - 603732 High CVE-2016-1662:...
CVE-2016-1679
The ToV8Value function in content/child/v8valueconverterimpl.cc in the V8 bindings in Google Chrome before 51.0.2704.63 does not properly restrict use of getters and setters, which allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via...
Ubuntu 14.04 LTS / 16.04 LTS : Oxide vulnerabilities (USN-2960-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2960-1 advisory. An out of bounds write was discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potential...
USN-2960-1 oxide-qt vulnerabilities
An out of bounds write was discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code. CVE-2016-1660 It was discovered that Blink assumes that a frame...