CVE-2015-8837 (fedora, fuseiso)

Stack-based buffer overflow in the isofs_real_readdir function in isofs.c in FuseISO 20070708 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long pathname in an ISO file.

Source: CVE-2015-8837 (fedora, fuseiso)

CVE-2015-8836 (fedora, fuseiso)

Integer overflow in the isofs_real_read_zf function in isofs.c in FuseISO 20070708 might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a large ZF block size in an ISO file, leading to a heap-based buffer overflow.

Source: CVE-2015-8836 (fedora, fuseiso)

CVE-2016-2288 (cogent_datahub)

Cogent DataHub before 7.3.10 allows local users to gain privileges by leveraging the user or guest role to modify a file.

Source: CVE-2016-2288 (cogent_datahub)

CVE-2016-1760 (iphone_os)

The XPC Services API in LaunchServices in Apple iOS before 9.3 allows attackers to bypass intended event-handler restrictions and modify an arbitrary app’s events via a crafted app.

Source: CVE-2016-1760 (iphone_os)

CVE-2016-3679 (chrome, v8)

Multiple unspecified vulnerabilities in Google V8 before 4.9.385.33, as used in Google Chrome before 49.0.2623.108, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

Source: CVE-2016-3679 (chrome, v8)

CVE-2016-3679

Multiple unspecified vulnerabilities in Google V8 before 4.9.385.33, as used in Google Chrome before 49.0.2623.108, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

Source: CVE-2016-3679

CVE-2016-1650 (chrome)

The PageCaptureSaveAsMHTMLFunction::ReturnFailure function in browser/extensions/api/page_capture/page_capture_api.cc in Google Chrome before 49.0.2623.108 allows attackers to cause a denial of service or possibly have unspecified other impact by triggering an error in creating an MHTML document.

Source: CVE-2016-1650 (chrome)

CVE-2016-1649 (chrome)

The Program::getUniformInternal function in Program.cpp in libANGLE, as used in Google Chrome before 49.0.2623.108, does not properly handle a certain data-type mismatch, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted shader stages.

Source: CVE-2016-1649 (chrome)

CVE-2016-1648 (chrome)

Use-after-free vulnerability in the GetLoadTimes function in renderer/loadtimes_extension_bindings.cc in the Extensions implementation in Google Chrome before 49.0.2623.108 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code.

Source: CVE-2016-1648 (chrome)

CVE-2016-1647 (chrome)

Use-after-free vulnerability in the RenderWidgetHostImpl::Destroy function in content/browser/renderer_host/render_widget_host_impl.cc in the Navigation implementation in Google Chrome before 49.0.2623.108 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Source: CVE-2016-1647 (chrome)