Max CVSS | 6.8 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2016-1697 | 6.8 |
The FrameLoader::startLoad function in WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 51.0.2704.79, does not prevent frame navigations during DocumentLoader detach operations, which allows remote attackers to bypa
|
30-10-2018 - 16:27 | 05-06-2016 - 23:59 | |
CVE-2016-1700 | 5.1 |
extensions/renderer/runtime_custom_bindings.cc in Google Chrome before 51.0.2704.79 does not consider side effects during creation of an array of extension views, which allows remote attackers to cause a denial of service (use-after-free) or possibly
|
30-10-2018 - 16:27 | 05-06-2016 - 23:59 | |
CVE-2016-1703 | 6.8 |
Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.79 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
|
30-10-2018 - 16:27 | 05-06-2016 - 23:59 | |
CVE-2016-1699 | 4.3 |
WebKit/Source/devtools/front_end/devtools.js in the Developer Tools (aka DevTools) subsystem in Blink, as used in Google Chrome before 51.0.2704.79, does not ensure that the remoteFrontendUrl parameter is associated with a chrome-devtools-frontend.ap
|
30-10-2018 - 16:27 | 05-06-2016 - 23:59 | |
CVE-2016-1702 | 4.3 |
The SkRegion::readFromMemory function in core/SkRegion.cpp in Skia, as used in Google Chrome before 51.0.2704.79, does not validate the interval count, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted serial
|
30-10-2018 - 16:27 | 05-06-2016 - 23:59 | |
CVE-2016-1698 | 4.3 |
The createCustomType function in extensions/renderer/resources/binding.js in the extension bindings in Google Chrome before 51.0.2704.79 does not validate module types, which might allow attackers to load arbitrary modules or obtain sensitive informa
|
30-10-2018 - 16:27 | 05-06-2016 - 23:59 | |
CVE-2016-1701 | 6.8 |
The Autofill implementation in Google Chrome before 51.0.2704.79 mishandles the interaction between field updates and JavaScript code that triggers a frame deletion, which allows remote attackers to cause a denial of service (use-after-free) or possi
|
30-10-2018 - 16:27 | 05-06-2016 - 23:59 | |
CVE-2016-1696 | 6.8 |
The extensions subsystem in Google Chrome before 51.0.2704.79 does not properly restrict bindings access, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
|
30-10-2018 - 16:27 | 05-06-2016 - 23:59 |