VYPR

Chrome

by Google

Source repositories

CVEs (5,373)

  • CVE-2017-15418MedAug 28, 2018
    risk 0.28cvss 4.3epss 0.02

    Use of uninitialized memory in Skia in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

  • CVE-2017-15392MedFeb 7, 2018
    risk 0.28cvss 4.3epss 0.01

    Insufficient data validation in V8 in Google Chrome prior to 62.0.3202.62 allowed an attacker who can write to the Windows Registry to potentially exploit heap corruption via a crafted Windows Registry entry, related to PlatformIntegration.

  • CVE-2017-5119MedOct 27, 2017
    risk 0.28cvss 4.3epss 0.02

    Use of an uninitialized value in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

  • CVE-2017-5118MedOct 27, 2017
    risk 0.28cvss 4.3epss 0.01

    Blink in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, failed to correctly propagate CSP restrictions to javascript scheme pages, which allowed a remote attacker to bypass content security policy via a crafted HTML page.

  • CVE-2017-5109MedOct 27, 2017
    risk 0.28cvss 4.3epss 0.01

    Inappropriate implementation of unload handler handling in permission prompts in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to display UI on a non attacker controlled tab via a crafted HTML page.

  • CVE-2017-5103MedOct 27, 2017
    risk 0.28cvss 4.3epss 0.02

    Use of an uninitialized value in Skia in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

  • CVE-2017-5102MedOct 27, 2017
    risk 0.28cvss 4.3epss 0.02

    Use of an uninitialized value in Skia in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

  • CVE-2017-5096MedOct 27, 2017
    risk 0.28cvss 4.3epss 0.01

    Insufficient policy enforcement during navigation between different schemes in Google Chrome prior to 60.0.3112.78 for Android allowed a remote attacker to perform cross origin content download via a crafted HTML page, related to intents.

  • CVE-2017-5083MedOct 27, 2017
    risk 0.28cvss 4.3epss 0.01

    Inappropriate implementation in Blink in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed a remote attacker to display UI on a non attacker controlled tab via a crafted HTML page.

  • CVE-2017-5079MedOct 27, 2017
    risk 0.28cvss 4.3epss 0.01

    Inappropriate implementation in Blink in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed a remote attacker to display UI on a non attacker controlled tab via a crafted HTML page.

  • CVE-2017-5075MedOct 27, 2017
    risk 0.28cvss 4.3epss 0.01

    Inappropriate implementation in CSP reporting in Blink in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to obtain the value of url fragments via a crafted HTML page.

  • CVE-2017-5046MedApr 24, 2017
    risk 0.28cvss 4.3epss 0.01

    V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android had insufficient policy enforcement, which allowed a remote attacker to spoof the location object via a crafted HTML page, related to Blink information disclosure.

  • CVE-2017-5041MedApr 24, 2017
    risk 0.28cvss 4.3epss 0.01

    Google Chrome prior to 57.0.2987.100 incorrectly handled back-forward navigation, which allowed a remote attacker to display incorrect information for a site via a crafted HTML page.

  • CVE-2017-5033MedApr 24, 2017
    risk 0.28cvss 4.3epss 0.01

    Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android failed to correctly propagate CSP restrictions to local scheme pages, which allowed a remote attacker to bypass content security policy via a crafted HTML page, related to the…

  • CVE-2017-5027MedFeb 17, 2017
    risk 0.28cvss 4.3epss 0.01

    Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to properly enforce unsafe-inline content security policy, which allowed a remote attacker to bypass content security policy via a crafted HTML page.

  • CVE-2017-5026MedFeb 17, 2017
    risk 0.28cvss 4.3epss 0.01

    Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to prevent alerts from being displayed by swapped out frames, which allowed a remote attacker to show alerts on a page they don't control via a crafted HTML page.

  • CVE-2017-5023MedFeb 17, 2017
    risk 0.28cvss 4.3epss 0.01

    Type confusion in Histogram in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit a near null dereference via a crafted HTML page.

  • CVE-2017-5022MedFeb 17, 2017
    risk 0.28cvss 4.3epss 0.01

    Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to properly enforce unsafe-inline content security policy, which allowed a remote attacker to bypass content security policy via a crafted HTML page.

  • CVE-2017-5021MedFeb 17, 2017
    risk 0.28cvss 4.3epss 0.01

    A use after free in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

  • CVE-2017-5017MedFeb 17, 2017
    risk 0.28cvss 4.3epss 0.01

    Interactions with the OS in Google Chrome prior to 56.0.2924.76 for Mac insufficiently cleared video memory, which allowed a remote attacker to possibly extract image fragments on systems with GeForce 8600M graphics chips via a crafted HTML page.

Page 173 of 269