VYPR

rpm package

opensuse/chromium&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/chromium&distro=openSUSE%20Tumbleweed

Vulnerabilities (4,053)

  • CVE-2019-13737MedDec 10, 2019
    affected < 93.0.4577.82-1.1fixed 93.0.4577.82-1.1

    Insufficient policy enforcement in autocomplete in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

  • CVE-2019-13736HigDec 10, 2019
    affected < 93.0.4577.82-1.1fixed 93.0.4577.82-1.1

    Integer overflow in PDFium in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

  • CVE-2019-13735HigDec 10, 2019
    affected < 93.0.4577.82-1.1fixed 93.0.4577.82-1.1

    Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

  • CVE-2019-13734HigDec 10, 2019
    affected < 93.0.4577.82-1.1fixed 93.0.4577.82-1.1

    Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-13732HigDec 10, 2019
    affected < 93.0.4577.82-1.1fixed 93.0.4577.82-1.1

    Use-after-free in WebAudio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-13730HigDec 10, 2019
    affected < 93.0.4577.82-1.1fixed 93.0.4577.82-1.1

    Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-13729HigDec 10, 2019
    affected < 93.0.4577.82-1.1fixed 93.0.4577.82-1.1

    Use-after-free in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-13728HigDec 10, 2019
    affected < 93.0.4577.82-1.1fixed 93.0.4577.82-1.1

    Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-13727HigDec 10, 2019
    affected < 93.0.4577.82-1.1fixed 93.0.4577.82-1.1

    Insufficient policy enforcement in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass same origin policy via a crafted HTML page.

  • CVE-2019-13726HigDec 10, 2019
    affected < 93.0.4577.82-1.1fixed 93.0.4577.82-1.1

    Buffer overflow in password manager in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page.

  • CVE-2019-13725HigDec 10, 2019
    affected < 93.0.4577.82-1.1fixed 93.0.4577.82-1.1

    Use-after-free in Bluetooth in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page.

  • CVE-2019-5881HigNov 25, 2019
    affected < 93.0.4577.82-1.1fixed 93.0.4577.82-1.1

    Out of bounds read in SwiftShader in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

  • CVE-2019-5880HigNov 25, 2019
    affected < 93.0.4577.82-1.1fixed 93.0.4577.82-1.1

    Insufficient policy enforcement in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

  • CVE-2019-5879MedNov 25, 2019
    affected < 93.0.4577.82-1.1fixed 93.0.4577.82-1.1

    Insufficient policy enforcement in extensions in Google Chrome prior to 77.0.3865.75 allowed an attacker who convinced a user to install a malicious extension to read local files via a crafted Chrome Extension.

  • CVE-2019-5878HigNov 25, 2019
    affected < 93.0.4577.82-1.1fixed 93.0.4577.82-1.1

    Use after free in V8 in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-5877HigNov 25, 2019
    affected < 93.0.4577.82-1.1fixed 93.0.4577.82-1.1

    Out of bounds memory access in JavaScript in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-5876HigNov 25, 2019
    affected < 93.0.4577.82-1.1fixed 93.0.4577.82-1.1

    Use after free in media in Google Chrome on Android prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-5875MedNov 25, 2019
    affected < 93.0.4577.82-1.1fixed 93.0.4577.82-1.1

    Insufficient data validation in downloads in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

  • CVE-2019-5874HigNov 25, 2019
    affected < 93.0.4577.82-1.1fixed 93.0.4577.82-1.1

    Insufficient filtering in URI schemes in Google Chrome on Windows prior to 77.0.3865.75 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

  • CVE-2019-5872MedNov 25, 2019
    affected < 93.0.4577.82-1.1fixed 93.0.4577.82-1.1

    Use after free in Mojo in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Page 141 of 203