Skip to main content
CVE-2016-1669 HIGH This Week

The Zone::New function in zone.cc in Google V8 before 5.0.71.47, as used in Google Chrome before 50.0.2661.102, does not properly determine when to expand certain memory allocations, which allows. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Buffer Overflow Debian Linux Chrome +4
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2016-1663 HIGH This Week

The SerializedScriptValue::transferArrayBuffers function in WebKit/Source/bindings/core/v8/SerializedScriptValue.cpp in the V8 bindings in Blink, as used in Google Chrome before 50.0.2661.94,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Google Denial Of Service Opensuse Enterprise Linux Desktop Supplementary +4
NVD
CVSS 3.0
8.8
EPSS
1.4%
CVE-2016-1660 HIGH This Week

Blink, as used in Google Chrome before 50.0.2661.94, mishandles assertions in the WTF::BitArray and WTF::double_conversion::Vector classes, which allows remote attackers to cause a denial of service. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Buffer Overflow Opensuse Enterprise Linux Desktop Supplementary +4
NVD
CVSS 3.0
8.8
EPSS
1.2%
CVE-2016-1668 HIGH This Week

The forEachForBinding function in WebKit/Source/bindings/core/v8/Iterable.h in the V8 bindings in Blink, as used in Google Chrome before 50.0.2661.102, uses an improper creation context, which allows. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Google Authentication Bypass Chrome Opensuse +1
NVD
CVSS 3.0
8.8
EPSS
1.2%
CVE-2016-1667 HIGH This Week

The TreeScope::adoptIfNeeded function in WebKit/Source/core/dom/TreeScope.cpp in the DOM implementation in Blink, as used in Google Chrome before 50.0.2661.102, does not prevent script execution. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Google Authentication Bypass Opensuse Debian Linux +1
NVD
CVSS 3.0
8.8
EPSS
0.6%
CVE-2016-1661 HIGH This Week

Blink, as used in Google Chrome before 50.0.2661.94, does not ensure that frames satisfy a check for the same renderer process in addition to a Same Origin Policy check, which allows remote attackers. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Google Buffer Overflow Enterprise Linux Desktop Supplementary Enterprise Linux Server Supplementary +4
NVD
CVSS 3.0
8.0
EPSS
1.0%
CVE-2016-1671 HIGH This Week

Google Chrome before 50.0.2661.102 on Android mishandles / (slash) and \ (backslash) characters, which allows attackers to conduct directory traversal attacks via a file: URL, related to. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Google Chrome
NVD
CVSS 3.0
8.1
EPSS
0.2%
CVE-2015-8156 HIGH This Week

Unquoted Windows search path vulnerability in EEDService in Symantec Endpoint Encryption (SEE) 11.x before 11.1.1 allows local users to gain privileges via a Trojan horse executable file in the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Endpoint Encryption
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-1399 HIGH This Week

The packet-processing microcode in Cisco IOS 15.2(2)EA, 15.2(2)EA1, 15.2(2)EA2, and 15.2(4)EA on Industrial Ethernet 4000 devices and 15.2(2)EB and 15.2(2)EB1 on Industrial Ethernet 5000 devices. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Cisco Denial Of Service iOS
NVD
CVSS 3.0
7.5
EPSS
1.1%
CVE-2016-1208 HIGH This Week

The server in Apple FileMaker before 14.0.4 on OS X allows remote attackers to read PHP source code via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple PHP Information Disclosure Mac Os X Filemaker
NVD
CVSS 3.0
7.5
EPSS
0.4%
CVE-2016-2015 HIGH This Week

HPE System Management Homepage before 7.5.5 allows local users to obtain sensitive information or modify data via unspecified vectors. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure System Management Homepage
NVD
CVSS 3.0
7.1
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy