Download
| Alert*
oval:org.secpod.oval:def:505569
Chromium is an open-source web browser, powered by WebKit . This update upgrades Chromium to version 50.0.2661.102. Security Fix: * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or ... oval:org.secpod.oval:def:111194 V8 is Google's open source JavaScript engine. V8 is written in C++ and is used in Google Chrome, the open source browser from Google. V8 implements ECMAScript as specified in ECMA-262, 3rd edition. oval:org.secpod.oval:def:111182 V8 is Google's open source JavaScript engine. V8 is written in C++ and is used in Google Chrome, the open source browser from Google. V8 implements ECMAScript as specified in ECMA-262, 3rd edition. oval:org.secpod.oval:def:1800875 CVE-2016-1660: Out-of-bounds write in Blink. CVE-2016-1661: Memory corruption in cross-process frames. CVE-2016-1662: Use-after-free in extensions. CVE-2016-1663: Use-after-free in Blinks V8 bindings. CVE-2016-1664: Address bar spoofing. CVE-2016-1665: Information leak in V8. CVE-2016-1666: Various ... oval:org.secpod.oval:def:1800814 CVE-2016-1651: out-of-bounds read in Pdfium JPEG2000 decoding CVE-2016-1652: Universal XSS in extension bindings. CVE-2016-1653: Out-of-bounds write in V8. CVE-2016-1654: Uninitialized memory read in media. CVE-2016-1655: Use-after-free related to extensions. CVE-2016-1656: Android downloaded file p ... oval:org.secpod.oval:def:34401 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:703118 oxide-qt: Web browser engine for Qt Several security issues were fixed in Oxide. oval:org.secpod.oval:def:34392 The host is installed with Google Chrome before 50.0.2661.102 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle crafted JavaScript code. Successful exploitation allows remote attackers to cause a denial of service (buffer overflow) or poss ... oval:org.secpod.oval:def:34391 The host is installed with Google Chrome before 50.0.2661.102 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle crafted JavaScript code. Successful exploitation allows remote attackers to cause a denial of service (buffer overflow) or poss ... oval:org.secpod.oval:def:37844 The host is installed with Xcode before 8.1 on Apple Mac OS X 10.11.5 or later and is prone to an arbitrary code execution vulnerability. A flaw is present in the Node.js, which fails to handle unknown vectors. Successful exploitation allows attackers to cause unexpected application termination or a ... oval:org.secpod.oval:def:34399 The host is installed with Google Chrome before 50.0.2661.102 or Xcode before 8.1 on Apple Mac OS X 10.11.5 or later and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle crafted JavaScript code. Successful exploitation allows remote attackers ... oval:org.secpod.oval:def:34396 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:34395 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:34406 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:34404 The host is installed with Google Chrome before 50.0.2661.102 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle crafted JavaScript code. Successful exploitation allows remote attackers to cause a denial of service (buffer overflow) or poss ... oval:org.secpod.oval:def:51566 oxide-qt: Web browser engine for Qt Several security issues were fixed in Oxide. oval:org.secpod.oval:def:1800123 CVE-2016-1667: Same origin bypass in DOM. CVE-2016-1668: Same origin bypass in Blink V8 bindings. CVE-2016-1669: Buffer overflow in V8. CVE-2016-1670: Race condition in loader. CVE-2016-1671: Directory traversal using the file scheme on Android. Fixed In Version: 50.0.2661.102 oval:org.secpod.oval:def:1800824 CVE-2016-1667: Same origin bypass in DOM. CVE-2016-1668: Same origin bypass in Blink V8 bindings. CVE-2016-1669: Buffer overflow in V8. CVE-2016-1670: Race condition in loader. CVE-2016-1671: Directory traversal using the file scheme on Android. Fixed In Version: 50.0.2661.102 oval:org.secpod.oval:def:602520 Several vulnerabilities have been discovered in the chromium web browser. CVE-2016-1667 Mariusz Mylinski discovered a cross-origin bypass. CVE-2016-1668 Mariusz Mylinski discovered a cross-origin bypass in bindings to v8. CVE-2016-1669 Choongwoo Han discovered a buffer overflow in the v8 javascript ... oval:org.secpod.oval:def:37854 The host is missing a security update according to Apple advisory, APPLE-SA-2016-10-27-1. The update is required to fix multiple arbitrary code execution vulnerabilities. The flaws are present in the application, which fails to handle unknown vectors. Successful exploitation allows attackers to caus ... oval:org.secpod.oval:def:504825 Node.js is a platform built on Chrome"s JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. The ... |