RSS   Vulnerabilities for 'Chrome'   RSS

2019-11-25
 
CVE-2019-5881

CWE-125
 

 
Out of bounds read in SwiftShader in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

 
 
CVE-2019-5880

CWE-200
 

 
Insufficient policy enforcement in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

 
 
CVE-2019-5879

CWE-20
 

 
Insufficient policy enforcement in extensions in Google Chrome prior to 77.0.3865.75 allowed an attacker who convinced a user to install a malicious extension to read local files via a crafted Chrome Extension.

 
 
CVE-2019-5878

CWE-416
 

 
Use after free in V8 in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

 
 
CVE-2019-5877

CWE-119
 

 
Out of bounds memory access in JavaScript in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

 
 
CVE-2019-5876

CWE-416
 

 
Use after free in media in Google Chrome on Android prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

 
 
CVE-2019-5875

CWE-20
 

 
Insufficient data validation in downloads in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

 
 
CVE-2019-5872

CWE-416
 

 
Use after free in Mojo in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

 
 
CVE-2019-5871

CWE-787
 

 
Heap buffer overflow in Skia in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

 
 
CVE-2019-5870

CWE-416
 

 
Use after free in media in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.

 


Copyright 2019, cxsecurity.com

 

Back to Top