Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Enterprise_linux_desktop_supplementary
(Redhat)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 85 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2015-07-23 | CVE-2015-1287 | Blink, as used in Google Chrome before 44.0.2403.89, enables a quirks-mode exception that limits the cases in which a Cascading Style Sheets (CSS) document is required to have the text/css content type, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, related to core/fetch/CSSStyleSheetResource.cpp. | Debian_linux, Chrome, Opensuse, Enterprise_linux_desktop_supplementary, Enterprise_linux_server_supplementary, Enterprise_linux_server_supplementary_eus, Enterprise_linux_workstation_supplementary | N/A | ||
| 2015-07-23 | CVE-2015-1288 | The Spellcheck API implementation in Google Chrome before 44.0.2403.89 does not use an HTTPS session for downloading a Hunspell dictionary, which allows man-in-the-middle attackers to deliver incorrect spelling suggestions or possibly have unspecified other impact via a crafted file, a related issue to CVE-2015-1263. | Debian_linux, Chrome, Opensuse, Enterprise_linux_desktop_supplementary, Enterprise_linux_server_supplementary, Enterprise_linux_server_supplementary_eus, Enterprise_linux_workstation_supplementary | N/A | ||
| 2015-07-23 | CVE-2015-1289 | Multiple unspecified vulnerabilities in Google Chrome before 44.0.2403.89 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | Debian_linux, Chrome, Opensuse, Enterprise_linux_desktop_supplementary, Enterprise_linux_server_supplementary, Enterprise_linux_server_supplementary_eus, Enterprise_linux_workstation_supplementary | N/A | ||
| 2016-01-25 | CVE-2016-2051 | Multiple unspecified vulnerabilities in Google V8 before 4.8.271.17, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | Chrome, Enterprise_linux_desktop_supplementary, Enterprise_linux_server_supplementary, Enterprise_linux_server_supplementary_eus, Enterprise_linux_workstation_supplementary | 9.8 | ||
| 2016-04-14 | CVE-2015-8540 | Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read. | Debian_linux, Fedora, Libpng, Enterprise_linux_desktop_supplementary, Enterprise_linux_hpc_node, Enterprise_linux_server_supplementary, Enterprise_linux_workstation_supplementary | 8.8 | ||
| 2016-05-14 | CVE-2016-1660 | Blink, as used in Google Chrome before 50.0.2661.94, mishandles assertions in the WTF::BitArray and WTF::double_conversion::Vector classes, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted web site. | Chrome, Opensuse, Enterprise_linux_desktop_supplementary, Enterprise_linux_server_supplementary, Enterprise_linux_server_supplementary_eus, Enterprise_linux_workstation_supplementary | 8.8 | ||
| 2016-05-14 | CVE-2016-1661 | Blink, as used in Google Chrome before 50.0.2661.94, does not ensure that frames satisfy a check for the same renderer process in addition to a Same Origin Policy check, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted web site, related to BindingSecurity.cpp and DOMWindow.cpp. | Chrome, Opensuse, Enterprise_linux_desktop_supplementary, Enterprise_linux_server_supplementary, Enterprise_linux_server_supplementary_eus, Enterprise_linux_workstation_supplementary | 8.0 | ||
| 2016-05-14 | CVE-2016-1662 | extensions/renderer/gc_callback.cc in Google Chrome before 50.0.2661.94 does not prevent fallback execution once the Garbage Collection callback has started, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors. | Chrome, Opensuse, Enterprise_linux_desktop_supplementary, Enterprise_linux_server_supplementary, Enterprise_linux_server_supplementary_eus, Enterprise_linux_workstation_supplementary | 9.8 | ||
| 2016-05-14 | CVE-2016-1663 | The SerializedScriptValue::transferArrayBuffers function in WebKit/Source/bindings/core/v8/SerializedScriptValue.cpp in the V8 bindings in Blink, as used in Google Chrome before 50.0.2661.94, mishandles certain array-buffer data structures, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site. | Chrome, Opensuse, Enterprise_linux_desktop_supplementary, Enterprise_linux_server_supplementary, Enterprise_linux_server_supplementary_eus, Enterprise_linux_workstation_supplementary | 8.8 | ||
| 2016-05-14 | CVE-2016-1664 | The HistoryController::UpdateForCommit function in content/renderer/history_controller.cc in Google Chrome before 50.0.2661.94 mishandles the interaction between subframe forward navigations and other forward navigations, which allows remote attackers to spoof the address bar via a crafted web site. | Chrome, Opensuse, Enterprise_linux_desktop_supplementary, Enterprise_linux_server_supplementary, Enterprise_linux_server_supplementary_eus, Enterprise_linux_workstation_supplementary | 4.3 |