Vulnerabilities > Google > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-05-14 | CVE-2016-1669 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The Zone::New function in zone.cc in Google V8 before 5.0.71.47, as used in Google Chrome before 50.0.2661.102, does not properly determine when to expand certain memory allocations, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted JavaScript code. | 8.8 |
| 2016-05-14 | CVE-2016-1668 | Improper Access Control vulnerability in multiple products The forEachForBinding function in WebKit/Source/bindings/core/v8/Iterable.h in the V8 bindings in Blink, as used in Google Chrome before 50.0.2661.102, uses an improper creation context, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. | 8.8 |
| 2016-05-14 | CVE-2016-1667 | Improper Access Control vulnerability in multiple products The TreeScope::adoptIfNeeded function in WebKit/Source/core/dom/TreeScope.cpp in the DOM implementation in Blink, as used in Google Chrome before 50.0.2661.102, does not prevent script execution during node-adoption operations, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. | 8.8 |
| 2016-05-14 | CVE-2016-1663 | The SerializedScriptValue::transferArrayBuffers function in WebKit/Source/bindings/core/v8/SerializedScriptValue.cpp in the V8 bindings in Blink, as used in Google Chrome before 50.0.2661.94, mishandles certain array-buffer data structures, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site. | 8.8 |
| 2016-05-14 | CVE-2016-1661 | Improper Input Validation vulnerability in multiple products Blink, as used in Google Chrome before 50.0.2661.94, does not ensure that frames satisfy a check for the same renderer process in addition to a Same Origin Policy check, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted web site, related to BindingSecurity.cpp and DOMWindow.cpp. | 8.0 |
| 2016-05-14 | CVE-2016-1660 | Improper Input Validation vulnerability in multiple products Blink, as used in Google Chrome before 50.0.2661.94, mishandles assertions in the WTF::BitArray and WTF::double_conversion::Vector classes, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted web site. | 8.8 |
| 2016-05-09 | CVE-2016-4477 | Data Processing Errors vulnerability in Google Android wpa_supplicant 0.4.0 through 2.5 does not reject \n and \r characters in passphrase parameters, which allows local users to trigger arbitrary library loading and consequently gain privileges, or cause a denial of service (daemon outage), via a crafted (1) SET, (2) SET_CRED, or (3) SET_NETWORK command. | 7.8 |
| 2016-05-09 | CVE-2016-2462 | Permissions, Privileges, and Access Controls vulnerability in Google Android 6.0/6.0.1 OpenSSLCipher.java in Conscrypt in Android 6.x before 2016-05-01 mishandles updates of the Additional Authenticated Data (AAD) array, which allows attackers to spoof message authentication via unspecified vectors, aka internal bug 27371173. | 7.0 |
| 2016-05-09 | CVE-2016-2461 | Permissions, Privileges, and Access Controls vulnerability in Google Android 6.0/6.0.1 OpenSSLCipher.java in Conscrypt in Android 6.x before 2016-05-01 mishandles resets of the Additional Authenticated Data (AAD) array, which allows attackers to spoof message authentication via unspecified vectors, aka internal bugs 27324690 and 27696681. | 7.0 |
| 2016-05-09 | CVE-2016-2456 | Permissions, Privileges, and Access Controls vulnerability in Google Android The MediaTek Wi-Fi driver in Android before 2016-05-01 on Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 27275187. | 7.0 |