EUVD-2017-14496

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2016-1678

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - objects.cc in Google V8 before 5.0.71.32, as used in Google Chrome before 51.0.2704.63, does not properly restrict lazy deoptimization, which allows remote...

CVE-2017-5387

The existence of a specifically requested local file can be found due to the double firing of the "onerror" when the "source" attribute on a "" tag refers to a file that does not exist if the source page is loaded locally. This vulnerability affects Firefox 51...

CVE-2017-5384

Proxy Auto-Config PAC files can specify a JavaScript function called for all URL requests with the full URL path which exposes more information than would be sent to the proxy itself in the case of HTTPS. Normally the Proxy Auto-Config file is specified by the user or machine owner and presumed t...

Mozilla: Excessive JIT code allocation allows bypass of ASLR and DEP (MFSA 2017-02)

JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...

Google Chrome Autofill Memory Misreference Denial of Service Vulnerability

Google Chrome is a web browsing tool developed by Google. In versions prior to Google Chrome 51.0.2704.79, Autofill incorrectly handles field updates and interactions between JavaScript code with a memory misreference vulnerability. A remote attacker could cause a denial of service by exploiting...

UBUNTU-CVE-2016-1703

Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.79 allow attackers to cause a denial of service or possibly have other impact via unknown vectors...

CVE-2016-1696

The extensions subsystem in Google Chrome before 51.0.2704.79 does not properly restrict bindings access, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors...

CVE-2016-1691

Skia, as used in Google Chrome before 51.0.2704.63, mishandles coincidence runs, which allows remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact via crafted curves, related to SkOpCoincidence.cpp and SkPathOpsCommon.cpp...

CVE-2016-1674

The extensions subsystem in Google Chrome before 51.0.2704.63 allows remote attackers to bypass the Same Origin Policy via unspecified vectors...

Google Chrome V8 Heap Buffer Overflow Vulnerability

Google Chrome is the United States Google Google company developed a Web browser. Google V8 is one of the open source JavaScript engine. A heap buffer overflow vulnerability exists in versions of V8 prior to Google Chrome 51.0.2704.63. A remote attacker could exploit this vulnerability to affect...