VYPR

Chrome

by Google

Source repositories

CVEs (5,374)

  • CVE-2019-5879MedNov 25, 2019
    risk 0.42cvss 6.5epss 0.01

    Insufficient policy enforcement in extensions in Google Chrome prior to 77.0.3865.75 allowed an attacker who convinced a user to install a malicious extension to read local files via a crafted Chrome Extension.

  • CVE-2019-5872MedNov 25, 2019
    risk 0.42cvss 6.5epss 0.01

    Use after free in Mojo in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-5869MedNov 25, 2019
    risk 0.42cvss 6.5epss 0.01

    Use after free in Blink in Google Chrome prior to 76.0.3809.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-5867MedNov 25, 2019
    risk 0.42cvss 6.5epss 0.01

    Out of bounds read in JavaScript in Google Chrome prior to 76.0.3809.100 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-5865MedNov 25, 2019
    risk 0.42cvss 6.5epss 0.01

    Insufficient policy enforcement in navigations in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.

  • CVE-2019-5862MedNov 25, 2019
    risk 0.42cvss 6.5epss 0.01

    Insufficient data validation in AppCache in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.

  • CVE-2019-5857MedNov 25, 2019
    risk 0.42cvss 6.5epss 0.01

    Inappropriate implementation in JavaScript in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.

  • CVE-2019-5855MedNov 25, 2019
    risk 0.42cvss 6.5epss 0.01

    Integer overflow in PDFium in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

  • CVE-2019-5852MedNov 25, 2019
    risk 0.42cvss 6.5epss 0.01

    Inappropriate implementation in JavaScript in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

  • CVE-2019-5848MedNov 25, 2019
    risk 0.42cvss 6.5epss 0.00

    Incorrect font handling in autofill in Google Chrome prior to 75.0.3770.142 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

  • CVE-2019-5847MedNov 25, 2019
    risk 0.42cvss 6.5epss 0.01

    Inappropriate implementation in JavaScript in Google Chrome prior to 75.0.3770.142 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-5842MedNov 25, 2019
    risk 0.42cvss 6.5epss 0.01

    Use after free in Blink in Google Chrome prior to 75.0.3770.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-13713MedNov 25, 2019
    risk 0.42cvss 6.5epss 0.01

    Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

  • CVE-2019-13709MedNov 25, 2019
    risk 0.42cvss 6.5epss 0.01

    Insufficient policy enforcement in downloads in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass download restrictions via a crafted HTML page.

  • CVE-2019-13697MedNov 25, 2019
    risk 0.42cvss 6.5epss 0.01

    Insufficient policy enforcement in performance APIs in Google Chrome prior to 77.0.3865.120 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

  • CVE-2019-13683MedNov 25, 2019
    risk 0.42cvss 6.5epss 0.01

    Insufficient policy enforcement in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

  • CVE-2019-13678MedNov 25, 2019
    risk 0.42cvss 6.5epss 0.01

    Incorrect data validation in downloads in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.

  • CVE-2019-13677MedNov 25, 2019
    risk 0.42cvss 6.5epss 0.01

    Insufficient policy enforcement in site isolation in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass site isolation via a crafted HTML page.

  • CVE-2019-13670MedNov 25, 2019
    risk 0.42cvss 6.5epss 0.01

    Insufficient data validation in JavaScript in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-13665MedNov 25, 2019
    risk 0.42cvss 6.5epss 0.01

    Insufficient filtering in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass multiple file download protection via a crafted HTML page.

Page 135 of 269