Vendor CVEs
All CVEs
11,473 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-2081 | Hig | 0.57 | 8.8 | 0.01 | Sep 27, 2019 | In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116473261 | ||
| CVE-2019-2080 | Hig | 0.57 | 8.8 | 0.01 | Sep 27, 2019 | In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118619159 | ||
| CVE-2019-2078 | Hig | 0.57 | 8.8 | 0.01 | Sep 27, 2019 | In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-114749542 | ||
| CVE-2019-2076 | Hig | 0.57 | 8.8 | 0.01 | Sep 27, 2019 | In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115907334 | ||
| CVE-2019-2075 | Hig | 0.57 | 8.8 | 0.01 | Sep 27, 2019 | In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115908308 | ||
| CVE-2019-2074 | Hig | 0.57 | 8.8 | 0.01 | Sep 27, 2019 | In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116617847 | ||
| CVE-2019-2073 | Hig | 0.57 | 8.8 | 0.01 | Sep 27, 2019 | In libxaac there is a possible out of bounds write to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117100484 | ||
| CVE-2019-2072 | Hig | 0.57 | 8.8 | 0.01 | Sep 27, 2019 | In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116117112 | ||
| CVE-2019-2071 | Hig | 0.57 | 8.8 | 0.01 | Sep 27, 2019 | In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117216549 | ||
| CVE-2019-2070 | Hig | 0.57 | 8.8 | 0.01 | Sep 27, 2019 | In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117883804 | ||
| CVE-2019-2069 | Hig | 0.57 | 8.8 | 0.01 | Sep 27, 2019 | In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117832864 | ||
| CVE-2019-2068 | Hig | 0.57 | 8.8 | 0.01 | Sep 27, 2019 | In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117099943 | ||
| CVE-2019-2067 | Hig | 0.57 | 8.8 | 0.01 | Sep 27, 2019 | In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116114402 | ||
| CVE-2019-2066 | Hig | 0.57 | 8.8 | 0.01 | Sep 27, 2019 | In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117100617 | ||
| CVE-2019-2065 | Hig | 0.57 | 8.8 | 0.01 | Sep 27, 2019 | In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118143575 | ||
| CVE-2019-2064 | Hig | 0.57 | 8.8 | 0.01 | Sep 27, 2019 | In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116469592 | ||
| CVE-2019-2063 | Hig | 0.57 | 8.8 | 0.01 | Sep 27, 2019 | In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in the media server with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions:… | ||
| CVE-2019-2062 | Hig | 0.57 | 8.8 | 0.01 | Sep 27, 2019 | In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117660045 | ||
| CVE-2019-2061 | Hig | 0.57 | 8.8 | 0.01 | Sep 27, 2019 | In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112610994 | ||
| CVE-2019-2059 | Hig | 0.57 | 8.8 | 0.01 | Sep 27, 2019 | In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118386824 | ||
| CVE-2019-2055 | Hig | 0.57 | 8.8 | 0.01 | Sep 27, 2019 | In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113164693 | ||
| CVE-2019-2177 | Hig | 0.57 | 8.8 | 0.01 | Sep 5, 2019 | In isPreferred of HidProfile.java in Android 7.1.1, 7.1.2, 8.0, 8.1 and 9, there is a possible device type confusion due to a permissions bypass. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. | ||
| CVE-2019-2109 | Hig | 0.57 | 8.8 | 0.01 | Jul 8, 2019 | In MakeMPEG4VideoCodecSpecificData of AVIExtractor.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product:… | ||
| CVE-2019-2106 | Hig | 0.57 | 8.8 | 0.01 | Jul 8, 2019 | In ihevcd_sao_shift_ctb of ihevcd_sao.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:… | ||
| CVE-2019-2105 | Hig | 0.57 | 8.8 | 0.01 | Jul 8, 2019 | In FileInputStream::Read of file_input_stream.cc, there is a possible memory corruption due to uninitialized data. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation.… | ||
| CVE-2019-5836 | Hig | 0.57 | 8.8 | 0.01 | Jun 27, 2019 | Heap buffer overflow in ANGLE in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2019-5831 | Hig | 0.57 | 8.8 | 0.02 | Jun 27, 2019 | Object lifecycle issue in V8 in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2019-5829 | Hig | 0.57 | 8.8 | 0.01 | Jun 27, 2019 | Integer overflow in download manager in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | ||
| CVE-2019-5828 | Hig | 0.57 | 8.8 | 0.01 | Jun 27, 2019 | Object lifecycle issue in ServiceWorker in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | ||
| CVE-2019-5827 | Hig | 0.57 | 8.8 | 0.02 | Jun 27, 2019 | Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2019-5824 | Hig | 0.57 | 8.8 | 0.01 | Jun 27, 2019 | Parameter passing error in media in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2019-5822 | Hig | 0.57 | 8.8 | 0.02 | Jun 27, 2019 | Inappropriate implementation in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page. | ||
| CVE-2019-5821 | Hig | 0.57 | 8.8 | 0.01 | Jun 27, 2019 | Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | ||
| CVE-2019-5820 | Hig | 0.57 | 8.8 | 0.01 | Jun 27, 2019 | Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | ||
| CVE-2019-5817 | Hig | 0.57 | 8.8 | 0.02 | Jun 27, 2019 | Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2019-5816 | Hig | 0.57 | 8.8 | 0.02 | Jun 27, 2019 | Process lifetime issue in Chrome in Google Chrome on Android prior to 74.0.3729.108 allowed a remote attacker to potentially persist an exploited process via a crafted HTML page. | ||
| CVE-2019-5813 | Hig | 0.57 | 8.8 | 0.01 | Jun 27, 2019 | Use after free in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2019-5811 | Hig | 0.57 | 8.8 | 0.01 | Jun 27, 2019 | Incorrect handling of CORS in ServiceWorker in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page. | ||
| CVE-2019-5809 | Hig | 0.57 | 8.8 | 0.02 | Jun 27, 2019 | Use after free in file chooser in Google Chrome prior to 74.0.3729.108 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. | ||
| CVE-2019-5808 | Hig | 0.57 | 8.8 | 0.02 | Jun 27, 2019 | Use after free in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2019-5807 | Hig | 0.57 | 8.8 | 0.01 | Jun 27, 2019 | Object lifetime issue in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2019-5806 | Hig | 0.57 | 8.8 | 0.01 | Jun 27, 2019 | Integer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2018-6161 | Hig | 0.57 | 8.8 | 0.01 | Jun 27, 2019 | Insufficient policy enforcement in Blink in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to bypass same origin policy via a crafted HTML page. | ||
| CVE-2018-6157 | Hig | 0.57 | 8.8 | 0.01 | Jun 27, 2019 | Type confusion in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. | ||
| CVE-2018-6156 | Hig | 0.57 | 8.8 | 0.01 | Jun 27, 2019 | Incorect derivation of a packet length in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. | ||
| CVE-2018-6154 | Hig | 0.57 | 8.8 | 0.01 | Jun 27, 2019 | Insufficient data validation in WebGL in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2018-6149 | Hig | 0.57 | 8.8 | 0.01 | Jun 27, 2019 | Type confusion in JavaScript in Google Chrome prior to 67.0.3396.87 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. | ||
| CVE-2018-6131 | Hig | 0.57 | 8.8 | 0.01 | Jun 27, 2019 | Object lifecycle issue in WebAssembly in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2018-6121 | Hig | 0.57 | 8.8 | 0.01 | Jun 27, 2019 | Insufficient validation of input in Blink in Google Chrome prior to 66.0.3359.170 allowed a remote attacker to perform privilege escalation via a crafted HTML page. | ||
| CVE-2018-6118 | Hig | 0.57 | 8.8 | 0.01 | Jun 27, 2019 | A double-eviction in the Incognito mode cache that lead to a user-after-free in cache in Google Chrome prior to 66.0.3359.139 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. |
- risk 0.57cvss 8.8epss 0.01
In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116473261
- risk 0.57cvss 8.8epss 0.01
In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118619159
- risk 0.57cvss 8.8epss 0.01
In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-114749542
- risk 0.57cvss 8.8epss 0.01
In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115907334
- risk 0.57cvss 8.8epss 0.01
In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115908308
- risk 0.57cvss 8.8epss 0.01
In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116617847
- risk 0.57cvss 8.8epss 0.01
In libxaac there is a possible out of bounds write to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117100484
- risk 0.57cvss 8.8epss 0.01
In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116117112
- risk 0.57cvss 8.8epss 0.01
In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117216549
- risk 0.57cvss 8.8epss 0.01
In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117883804
- risk 0.57cvss 8.8epss 0.01
In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117832864
- risk 0.57cvss 8.8epss 0.01
In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117099943
- risk 0.57cvss 8.8epss 0.01
In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116114402
- risk 0.57cvss 8.8epss 0.01
In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117100617
- risk 0.57cvss 8.8epss 0.01
In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118143575
- risk 0.57cvss 8.8epss 0.01
In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116469592
- risk 0.57cvss 8.8epss 0.01
In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in the media server with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions:…
- risk 0.57cvss 8.8epss 0.01
In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117660045
- risk 0.57cvss 8.8epss 0.01
In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112610994
- risk 0.57cvss 8.8epss 0.01
In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118386824
- risk 0.57cvss 8.8epss 0.01
In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113164693
- risk 0.57cvss 8.8epss 0.01
In isPreferred of HidProfile.java in Android 7.1.1, 7.1.2, 8.0, 8.1 and 9, there is a possible device type confusion due to a permissions bypass. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.
- risk 0.57cvss 8.8epss 0.01
In MakeMPEG4VideoCodecSpecificData of AVIExtractor.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product:…
- risk 0.57cvss 8.8epss 0.01
In ihevcd_sao_shift_ctb of ihevcd_sao.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:…
- risk 0.57cvss 8.8epss 0.01
In FileInputStream::Read of file_input_stream.cc, there is a possible memory corruption due to uninitialized data. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation.…
- risk 0.57cvss 8.8epss 0.01
Heap buffer overflow in ANGLE in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.02
Object lifecycle issue in V8 in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.01
Integer overflow in download manager in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.01
Object lifecycle issue in ServiceWorker in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.02
Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.01
Parameter passing error in media in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.02
Inappropriate implementation in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.01
Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
- risk 0.57cvss 8.8epss 0.01
Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
- risk 0.57cvss 8.8epss 0.02
Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.02
Process lifetime issue in Chrome in Google Chrome on Android prior to 74.0.3729.108 allowed a remote attacker to potentially persist an exploited process via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.01
Use after free in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.01
Incorrect handling of CORS in ServiceWorker in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.02
Use after free in file chooser in Google Chrome prior to 74.0.3729.108 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.02
Use after free in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.01
Object lifetime issue in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.01
Integer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.01
Insufficient policy enforcement in Blink in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.01
Type confusion in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file.
- risk 0.57cvss 8.8epss 0.01
Incorect derivation of a packet length in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file.
- risk 0.57cvss 8.8epss 0.01
Insufficient data validation in WebGL in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.01
Type confusion in JavaScript in Google Chrome prior to 67.0.3396.87 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.01
Object lifecycle issue in WebAssembly in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.01
Insufficient validation of input in Blink in Google Chrome prior to 66.0.3359.170 allowed a remote attacker to perform privilege escalation via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.01
A double-eviction in the Incognito mode cache that lead to a user-after-free in cache in Google Chrome prior to 66.0.3359.139 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.
Page 39 of 230