Vulnerabilities > Redhat > Enterprise Linux Desktop Supplementary

DATE CVE VULNERABILITY TITLE RISK
2016-05-14 CVE-2016-1666 Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661.94 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
network
low complexity
redhat opensuse google
critical
9.8
2016-05-14 CVE-2016-1665 Improper Input Validation vulnerability in multiple products
The JSGenericLowering class in compiler/js-generic-lowering.cc in Google V8, as used in Google Chrome before 50.0.2661.94, mishandles comparison operators, which allows remote attackers to obtain sensitive information via crafted JavaScript code.
network
low complexity
opensuse redhat google CWE-20
6.5
2016-05-14 CVE-2016-1664 7PK - Security Features vulnerability in multiple products
The HistoryController::UpdateForCommit function in content/renderer/history_controller.cc in Google Chrome before 50.0.2661.94 mishandles the interaction between subframe forward navigations and other forward navigations, which allows remote attackers to spoof the address bar via a crafted web site.
network
low complexity
google redhat opensuse CWE-254
4.3
2016-05-14 CVE-2016-1663 The SerializedScriptValue::transferArrayBuffers function in WebKit/Source/bindings/core/v8/SerializedScriptValue.cpp in the V8 bindings in Blink, as used in Google Chrome before 50.0.2661.94, mishandles certain array-buffer data structures, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site.
network
low complexity
opensuse redhat google
8.8
2016-05-14 CVE-2016-1662 extensions/renderer/gc_callback.cc in Google Chrome before 50.0.2661.94 does not prevent fallback execution once the Garbage Collection callback has started, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors.
network
low complexity
google redhat opensuse
critical
9.8
2016-05-14 CVE-2016-1661 Improper Input Validation vulnerability in multiple products
Blink, as used in Google Chrome before 50.0.2661.94, does not ensure that frames satisfy a check for the same renderer process in addition to a Same Origin Policy check, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted web site, related to BindingSecurity.cpp and DOMWindow.cpp.
network
low complexity
redhat google opensuse CWE-20
8.0
2016-05-14 CVE-2016-1660 Improper Input Validation vulnerability in multiple products
Blink, as used in Google Chrome before 50.0.2661.94, mishandles assertions in the WTF::BitArray and WTF::double_conversion::Vector classes, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted web site.
network
low complexity
opensuse redhat google CWE-20
8.8
2016-04-14 CVE-2015-8540 Numeric Errors vulnerability in multiple products
Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read.
network
low complexity
redhat libpng fedoraproject debian CWE-189
8.8
2016-01-25 CVE-2016-2051 Multiple unspecified vulnerabilities in Google V8 before 4.8.271.17, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
network
low complexity
google redhat
critical
9.8
2015-07-23 CVE-2015-1276 Use-after-free vulnerability in content/browser/indexed_db/indexed_db_backing_store.cc in the IndexedDB implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging an abort action before a certain write operation.
network
low complexity
google debian redhat opensuse
critical
9.8