Enterprise Linux Workstation Supplementary Security Vulnerabilities and Issues — Enterprise Linux Workstation Supplementary CVE List

Lucene search

RedhatEnterprise Linux Workstation Supplementary

9 matches found

CVE•added 2016/04/14 2:59 p.m.•171 views

CVE-2015-8540

Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG im...

9.3CVSS9.1AI score0.13302EPSS

CVE•added 2016/05/14 9:59 p.m.•97 views

CVE-2016-1663

The SerializedScriptValue::transferArrayBuffers function in WebKit/Source/bindings/core/v8/SerializedScriptValue.cpp in the V8 bindings in Blink, as used in Google Chrome before 50.0.2661.94, mishandles certain array-buffer data structures, which allows remote attackers to cause a denial of service...

8.8CVSS9.1AI score0.01417EPSS

CVE•added 2016/05/14 9:59 p.m.•87 views

CVE-2016-1665

The JSGenericLowering class in compiler/js-generic-lowering.cc in Google V8, as used in Google Chrome before 50.0.2661.94, mishandles comparison operators, which allows remote attackers to obtain sensitive information via crafted JavaScript code.

6.5CVSS7AI score0.01603EPSS

CVE•added 2016/05/14 9:59 p.m.•84 views

CVE-2016-1661

Blink, as used in Google Chrome before 50.0.2661.94, does not ensure that frames satisfy a check for the same renderer process in addition to a Same Origin Policy check, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a cr...

8.3CVSS8.6AI score0.00958EPSS

CVE•added 2016/05/14 9:59 p.m.•81 views

CVE-2016-1660

Blink, as used in Google Chrome before 50.0.2661.94, mishandles assertions in the WTF::BitArray and WTF::double_conversion::Vector classes, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted web site.

8.8CVSS9.1AI score0.01238EPSS

CVE•added 2016/05/14 9:59 p.m.•80 views

CVE-2016-1662

extensions/renderer/gc_callback.cc in Google Chrome before 50.0.2661.94 does not prevent fallback execution once the Garbage Collection callback has started, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors.

10CVSS9.2AI score0.15288EPSS

CVE•added 2016/05/14 9:59 p.m.•80 views

CVE-2016-1666

Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661.94 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

9.8CVSS9.2AI score0.00777EPSS

CVE•added 2016/05/14 9:59 p.m.•72 views

CVE-2016-1664

The HistoryController::UpdateForCommit function in content/renderer/history_controller.cc in Google Chrome before 50.0.2661.94 mishandles the interaction between subframe forward navigations and other forward navigations, which allows remote attackers to spoof the address bar via a crafted web site...

4.3CVSS5.6AI score0.01056EPSS

CVE•added 2016/01/25 11:59 a.m.•59 views

CVE-2016-2051

Multiple unspecified vulnerabilities in Google V8 before 4.8.271.17, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

9.8CVSS9.5AI score0.003EPSS