Max CVSS 6.8 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2016-5131 6.8
Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.
26-03-2019 - 17:14 23-07-2016 - 19:59
CVE-2016-5129 6.8
Google V8 before 5.2.361.32, as used in Google Chrome before 52.0.2743.82, does not properly process left-trimmed objects, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via cr
01-09-2017 - 01:29 23-07-2016 - 19:59
CVE-2016-5137 4.3
The CSPSource::schemeMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy (CSP) implementation in Blink, as used in Google Chrome before 52.0.2743.82, does not apply http :80 policies to https :443 URLs and do
01-09-2017 - 01:29 23-07-2016 - 19:59
CVE-2016-5127 6.8
Use-after-free vulnerability in WebKit/Source/core/editing/VisibleUnits.cpp in Blink, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript
01-09-2017 - 01:29 23-07-2016 - 19:59
CVE-2016-5136 6.8
Use-after-free vulnerability in extensions/renderer/user_script_injector.cc in the Extensions subsystem in Google Chrome before 52.0.2743.82 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors re
01-09-2017 - 01:29 23-07-2016 - 19:59
CVE-2016-5130 4.3
content/renderer/history_controller.cc in Google Chrome before 52.0.2743.82 does not properly restrict multiple uses of a JavaScript forward method, which allows remote attackers to spoof the URL display via a crafted web site.
01-09-2017 - 01:29 23-07-2016 - 19:59
CVE-2016-5128 6.8
objects.cc in Google V8 before 5.2.361.27, as used in Google Chrome before 52.0.2743.82, does not prevent API interceptors from modifying a store target without setting a property, which allows remote attackers to bypass the Same Origin Policy via a
01-09-2017 - 01:29 23-07-2016 - 19:59
CVE-2016-5134 4.3
net/proxy/proxy_service.cc in the Proxy Auto-Config (PAC) feature in Google Chrome before 52.0.2743.82 does not ensure that URL information is restricted to a scheme, host, and port, which allows remote attackers to discover credentials by operating
01-09-2017 - 01:29 23-07-2016 - 19:59
CVE-2016-5135 4.3
WebKit/Source/core/html/parser/HTMLPreloadScanner.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not consider referrer-policy information inside an HTML document during a preload request, which allows remote attackers to bypass the
01-09-2017 - 01:29 23-07-2016 - 19:59
CVE-2016-5132 6.8
The Service Workers subsystem in Google Chrome before 52.0.2743.82 does not properly implement the Secure Contexts specification during decisions about whether to control a subframe, which allows remote attackers to bypass the Same Origin Policy via
01-09-2017 - 01:29 23-07-2016 - 19:59
CVE-2016-5133 4.3
Google Chrome before 52.0.2743.82 mishandles origin information during proxy authentication, which allows man-in-the-middle attackers to spoof a proxy-authentication login prompt or trigger incorrect credential storage by modifying the client-server
01-09-2017 - 01:29 23-07-2016 - 19:59
CVE-2016-1705 6.8
Multiple unspecified vulnerabilities in Google Chrome before 52.0.2743.82 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
01-09-2017 - 01:29 23-07-2016 - 19:59
CVE-2016-1708 6.8
The Chrome Web Store inline-installation implementation in the Extensions subsystem in Google Chrome before 52.0.2743.82 does not properly consider object lifetimes during progress observation, which allows remote attackers to cause a denial of servi
01-09-2017 - 01:29 23-07-2016 - 19:59
CVE-2016-1707 4.3
ios/web/web_state/ui/crw_web_controller.mm in Google Chrome before 52.0.2743.82 on iOS does not ensure that an invalid URL is replaced with the about:blank URL, which allows remote attackers to spoof the URL display via a crafted web site.
01-09-2017 - 01:29 23-07-2016 - 19:59
CVE-2016-1709 6.8
Heap-based buffer overflow in the ByteArray::Get method in data/byte_array.cc in Google sfntly before 2016-06-10, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other im
01-09-2017 - 01:29 23-07-2016 - 19:59
CVE-2016-1710 6.8
The ChromeClientImpl::createWindow method in WebKit/Source/web/ChromeClientImpl.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not prevent window creation by a deferred frame, which allows remote attackers to bypass the Same Origin
01-09-2017 - 01:29 23-07-2016 - 19:59
CVE-2016-1711 6.8
WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not disable frame navigation during a detach operation on a DocumentLoader object, which allows remote attackers to bypass the Same Origin Policy v
01-09-2017 - 01:29 23-07-2016 - 19:59
Back to Top Mark selected
Back to Top