Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.
From VID-9118961B-9FA5-11E6-A265-3065EC8FD3EC:
Google Chrome Releases reports:
21 security fixes in this release, including:
[645211] High CVE-2016-5181: Universal XSS in Blink. Credit to
Anonymous
[638615] High CVE-2016-5182: Heap overflow in Blink. Credit to
Giwan Go of STEALIEN
[645122] High CVE-2016-5183: Use after free in PDFium. Credit
to Anonymous
[630654] High CVE-2016-5184: Use after free in PDFium. Credit
to Anonymous
[621360] High CVE-2016-5185: Use after free in Blink. Credit to
cloudfuzzer
[639702] High CVE-2016-5187: URL spoofing. Credit to Luan
Herrera
[565760] Medium CVE-2016-5188: UI spoofing. Credit to Luan
Herrera
[633885] Medium CVE-2016-5192: Cross-origin bypass in Blink.
Credit to haojunhou@gmail.com
[646278] Medium CVE-2016-5189: URL spoofing. Credit to xisigr
of Tencent's Xuanwu Lab
[644963] Medium CVE-2016-5186: Out of bounds read in DevTools.
Credit to Abdulrahman Alqabandi (@qab)
[639126] Medium CVE-2016-5191: Universal XSS in Bookmarks.
Credit to Gareth Hughes
[642067] Medium CVE-2016-5190: Use after free in Internals.
Credit to Atte Kettunen of OUSPG
[639658] Low CVE-2016-5193: Scheme bypass. Credit to Yuyang
ZHOU (martinzhou96)
[654782] CVE-2016-5194: Various fixes from internal audits,
fuzzing and other initiatives
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center