| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Off-by-one read/write on the heap in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to corrupt memory and possibly leak information and potentially execute code via a crafted PDF file. |
| Inappropriate implementation in V8 in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka incorrect WebAssembly stack manipulation. |
| An integer overflow in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka an out-of-bounds write. |
| A use after free in WebAudio in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. |
| Heap buffer overflow in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, related to WebGL. |
| Use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. |
| A use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. |
| Heap buffer overflow in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
| Incorrect application of sandboxing in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted MHTML page. |
| Insufficient data validation in V8 in Google Chrome prior to 56.0.2924.76 allowed a remote attacker to leak cross-origin data via a crafted HTML page. |
| An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0) (Exynos7420, Exynos8890, or MSM8996 chipsets) software. RKP allows memory corruption. The Samsung ID is SVE-2016-7897 (January 2017). |
| An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) software. Attackers (who control a certain subdomain) can discover a user's credentials, during an email account login, via an EAS autodiscover packet. The Samsung ID is SVE-2016-7654 (January 2017). |
| An issue was discovered on Samsung mobile devices with software through 2016-10-25 (Exynos5 chipsets). Attackers can read kernel addresses in the log because an incorrect format specifier is used. The Samsung ID is SVE-2016-7551 (January 2017). |
| An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) software. There is a buffer overflow in the fps sysfs entry. The Samsung ID is SVE-2016-7510 (January 2017). |
| An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0) (MSM8939, MSM8996, MSM8998, Exynos7580, Exynos8890, or Exynos8895 chipsets) software. There is a race condition, with a resultant buffer overflow, in the sec_ts touchscreen sysfs interface. The Samsung ID is SVE-2016-7501 (January 2017). |
| An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0) (Exynos8890 chipsets) software. There are multiple Buffer Overflows in TSP sysfs cmd_store. The Samsung ID is SVE-2016-7500 (January 2017). |
| An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) (Exynos54xx, Exynos7420, Exynos8890, or Exynos8895 chipsets) software. There is a buffer overflow in the sensor hub. The Samsung ID is SVE-2016-7484 (January 2017). |
| An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0) (Exynos5433, Exynos7420, or Exynos7870 chipsets) software. An attacker can bypass a ko (aka Kernel Module) signature by modifying the count of kernel modules. The Samsung ID is SVE-2016-7466 (January 2017). |
| An issue was discovered on Samsung mobile devices with L(5.1), M(6.0), and N(7.0) software. There is an information disclosure (of memory locations outside a buffer) via /dev/dsm_ctrl_dev. The Samsung ID is SVE-2016-7340 (January 2017). |
| An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) software. An attacker can obtain the full pathnames of sdcard files by reading the system protected log upon reception of a certain intent. The Samsung ID is SVE-2016-7183 (January 2017). |
