Filtered by vendor Redhat
Subscriptions
Filtered by product Rhel Extras
Subscriptions
Total
3425 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-5213 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-11-21 | N/A |
| A use after free in V8 in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2016-5212 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-11-21 | N/A |
| Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android insufficiently sanitized DevTools URLs, which allowed a remote attacker to read local files via a crafted HTML page. | ||||
| CVE-2016-5211 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-11-21 | N/A |
| A use after free in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | ||||
| CVE-2016-5210 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-11-21 | N/A |
| Heap buffer overflow during TIFF image parsing in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | ||||
| CVE-2016-5209 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-11-21 | N/A |
| Bad casting in bitmap manipulation in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2016-5208 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-11-21 | N/A |
| Blink in Google Chrome prior to 55.0.2883.75 for Linux and Windows, and 55.0.2883.84 for Android allowed possible corruption of the DOM tree during synchronous event handling, which allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. | ||||
| CVE-2016-5207 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-11-21 | N/A |
| In Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android, corruption of the DOM tree could occur during the removal of a full screen element, which allowed a remote attacker to achieve arbitrary code execution via a crafted HTML page. | ||||
| CVE-2016-5206 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-11-21 | N/A |
| The PDF plugin in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly followed redirects, which allowed a remote attacker to bypass the Same Origin Policy via a crafted HTML page. | ||||
| CVE-2016-5205 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-11-21 | N/A |
| Blink in Google Chrome prior to 55.0.2883.75 for Linux, Windows and Mac, incorrectly handles deferred page loads, which allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. | ||||
| CVE-2016-5204 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-11-21 | N/A |
| Leaking of an SVG shadow tree leading to corruption of the DOM tree in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. | ||||
| CVE-2016-5203 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-11-21 | N/A |
| A use after free in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | ||||
| CVE-2016-5202 | 5 Apple, Google, Linux and 2 more | 5 Macos, Chrome, Linux Kernel and 2 more | 2024-11-21 | 9.1 Critical |
| browser/extensions/api/dial/dial_registry.cc in Google Chrome before 54.0.2840.98 on macOS, before 54.0.2840.99 on Windows, and before 54.0.2840.100 on Linux neglects to copy a device ID before an erase() call, which causes the erase operation to access data that that erase operation will destroy. | ||||
| CVE-2016-5201 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-11-21 | N/A |
| A leak of privateClass in the extensions API in Google Chrome prior to 54.0.2840.100 for Linux, and 54.0.2840.99 for Windows, and 54.0.2840.98 for Mac allowed a remote attacker to access privileged JavaScript code via a crafted HTML page. | ||||
| CVE-2016-5200 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-11-21 | N/A |
| V8 in Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 for Windows, and 54.0.2840.100 for Linux, and 55.0.2883.84 for Android incorrectly applied type rules, which allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2016-5199 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-11-21 | N/A |
| An off by one error resulting in an allocation of zero size in FFmpeg in Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 for Windows, and 54.0.2840.100 for Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted video file. | ||||
| CVE-2016-5194 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-11-21 | 9.8 Critical |
| Unspecified vulnerabilities in Google Chrome before 54.0.2840.59. | ||||
| CVE-2016-5178 | 5 Debian, Fedoraproject, Google and 2 more | 8 Debian Linux, Fedora, Chrome and 5 more | 2024-11-21 | N/A |
| Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.143 allow remote attackers to cause a denial of service or possibly have other impact via unknown vectors. | ||||
| CVE-2016-5177 | 5 Debian, Fedoraproject, Google and 2 more | 8 Debian Linux, Fedora, Chrome and 5 more | 2024-11-21 | N/A |
| Use-after-free vulnerability in V8 in Google Chrome before 53.0.2785.143 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via unknown vectors. | ||||
| CVE-2016-10165 | 6 Canonical, Debian, Littlecms and 3 more | 23 Ubuntu Linux, Debian Linux, Little Cms Color Engine and 20 more | 2024-11-21 | 7.1 High |
| The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read. | ||||
| CVE-2016-0959 | 6 Adobe, Apple, Google and 3 more | 16 Air, Air Sdk, Air Sdk \& Compiler and 13 more | 2024-11-21 | N/A |
| Use after free vulnerability in Adobe Flash Player Desktop Runtime before 20.0.0.267, Adobe Flash Player Extended Support Release before 18.0.0.324, Adobe Flash Player for Google Chrome before 20.0.0.267, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 before 20.0.0.267, Adobe Flash Player for Internet Explorer 10 and 11 before 20.0.0.267, Adobe Flash Player for Linux before 11.2.202.559, AIR Desktop Runtime before 20.0.0.233, AIR SDK before 20.0.0.233, AIR SDK & Compiler before 20.0.0.233, AIR for Android before 20.0.0.233. | ||||