Chrome@53.0.2785.101 Security Vulnerabilities and Issues — Chrome@53.0.2785.101 CVE List

Lucene search

GoogleChrome53.0.2785.101

8 matches found

CVE•added 2016/09/25 8:59 p.m.•106 views

CVE-2016-5172

The parser in Google V8, as used in Google Chrome before 53.0.2785.113, mishandles scopes, which allows remote attackers to obtain sensitive information from arbitrary memory locations via crafted JavaScript code.

6.5CVSS6.1AI score0.01493EPSS

CVE•added 2016/09/25 8:59 p.m.•72 views

CVE-2016-5171

WebKit/Source/bindings/templates/interface.cpp in Blink, as used in Google Chrome before 53.0.2785.113, does not prevent certain constructor calls, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted JavaScript code.

8.8CVSS6.8AI score0.00728EPSS

CVE•added 2016/09/25 8:59 p.m.•72 views

CVE-2016-5175

Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.113 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

8.8CVSS6.8AI score0.00419EPSS

CVE•added 2016/09/25 8:59 p.m.•71 views

CVE-2016-5170

WebKit/Source/bindings/modules/v8/V8BindingForModules.cpp in Blink, as used in Google Chrome before 53.0.2785.113, does not properly consider getter side effects during array key conversion, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified oth...

8.8CVSS6.8AI score0.00728EPSS

CVE•added 2016/09/25 8:59 p.m.•66 views

CVE-2016-5173

The extensions subsystem in Google Chrome before 53.0.2785.113 does not properly restrict access to Object.prototype, which allows remote attackers to load unintended resources, and consequently trigger unintended JavaScript function calls and bypass the Same Origin Policy via an indirect intercept...

7.1CVSS6.2AI score0.00749EPSS

CVE•added 2016/09/25 8:59 p.m.•65 views

CVE-2016-5174

browser/ui/cocoa/browser_window_controller_private.mm in Google Chrome before 53.0.2785.113 does not process fullscreen toggle requests during a fullscreen transition, which allows remote attackers to cause a denial of service (unsuppressed popup) via a crafted web site.

6.5CVSS5.9AI score0.01131EPSS

CVE•added 2016/09/25 8:59 p.m.•55 views

CVE-2016-7549

Google Chrome before 53.0.2785.113 does not ensure that the recipient of a certain IPC message is a valid RenderFrame or RenderWidget, which allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) or possibly have unspecified other impact by leveragi...

8.8CVSS6.9AI score0.00725EPSS

CVE•added 2016/09/29 10:59 a.m.•51 views

CVE-2016-5176

Google Chrome before 53.0.2785.113 allows remote attackers to bypass the SafeBrowsing protection mechanism via unspecified vectors.

6.5CVSS6.3AI score0.0021EPSS