High

DATE	CVE	VULNERABILITY TITLE	RISK
2016-06-05	CVE-2016-1676	Improper Access Control vulnerability in multiple products extensions/renderer/resources/binding.js in the extension bindings in Google Chrome before 51.0.2704.63 does not properly use prototypes, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors. network low complexity debian redhat suse opensuse google CWE-284	8.8
2016-06-05	CVE-2016-1675	Improper Access Control vulnerability in multiple products Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Same Origin Policy by leveraging the mishandling of Document reattachment during destruction, related to FrameLoader.cpp and LocalFrame.cpp. network low complexity debian canonical redhat suse opensuse google CWE-284	8.8
2016-06-05	CVE-2016-1674	The extensions subsystem in Google Chrome before 51.0.2704.63 allows remote attackers to bypass the Same Origin Policy via unspecified vectors. network low complexity debian redhat suse opensuse google	8.8
2016-06-05	CVE-2016-1673	Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Same Origin Policy via unspecified vectors. network low complexity google debian canonical redhat suse opensuse	8.8
2016-06-05	CVE-2016-1672	Improper Access Control vulnerability in multiple products The ModuleSystem::RequireForJsInner function in extensions/renderer/module_system.cc in the extension bindings in Google Chrome before 51.0.2704.63 mishandles properties, which allows remote attackers to conduct bindings-interception attacks and bypass the Same Origin Policy via unspecified vectors. network low complexity google debian redhat suse opensuse CWE-284	8.8
2016-06-01	CVE-2016-3697	Permissions, Privileges, and Access Controls vulnerability in multiple products libcontainer/user/user.go in runC before 0.1.0, as used in Docker before 1.11.2, improperly treats a numeric UID as a potential username, which allows local users to gain privileges via a numeric username in the password file in a container. local low complexity docker linuxfoundation opensuse CWE-264	7.8
2016-06-01	CVE-2016-3075	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Stack-based buffer overflow in the nss_dns implementation of the getnetbyname function in GNU C Library (aka glibc) before 2.24 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a long name. network low complexity opensuse gnu fedoraproject canonical CWE-119	7.5
2016-06-01	CVE-2016-1234	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Stack-based buffer overflow in the glob implementation in GNU C Library (aka glibc) before 2.24, when GLOB_ALTDIRFUNC is used, allows context-dependent attackers to cause a denial of service (crash) via a long name. network low complexity gnu opensuse fedoraproject CWE-119	7.5
2016-05-23	CVE-2016-4049	Improper Input Validation vulnerability in multiple products The bgp_dump_routes_func function in bgpd/bgp_dump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service (assertion failure and daemon crash) via a large BGP packet. network low complexity quagga opensuse CWE-20	7.5
2016-05-23	CVE-2016-3959	Improper Input Validation vulnerability in multiple products The Verify function in crypto/dsa/dsa.go in Go before 1.5.4 and 1.6.x before 1.6.1 does not properly check parameters passed to the big integer library, which might allow remote attackers to cause a denial of service (infinite loop) via a crafted public key to a program that uses HTTPS client certificates or SSH server libraries. network low complexity opensuse golang fedoraproject CWE-20	7.5