CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-13698 – Google Chromium RegExpReplace Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-13698
29 Oct 2019 — Out of bounds memory access in JavaScript in Google Chrome prior to 73.0.3683.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un acceso a la memoria fuera de límites en JavaScript en Google Chrome versiones anteriores a 73.0.3683.103, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Google Chromiu... • https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop.html • CWE-787: Out-of-bounds Write •
CVSS: 9.6EPSS: 0%CPEs: 1EXPL: 0CVE-2019-5870 – chromium-browser: Use-after-free in media
https://notcve.org/view.php?id=CVE-2019-5870
29 Oct 2019 — Use after free in media in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Un uso de la memoria previamente liberada en media en Google Chrome versiones anteriores a 77.0.3865.75, permitió a un atacante remoto potencialmente realizar un escape de sandbox por medio de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 77.0.3865.120. Issues addressed include... • https://chromereleases.googleblog.com/2019/09/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-5871 – chromium-browser: Heap overflow in Skia
https://notcve.org/view.php?id=CVE-2019-5871
29 Oct 2019 — Heap buffer overflow in Skia in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento de búfer de la pila en Skia en Google Chrome versiones anteriores a 77.0.3865.75, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 77.0.3865.120. Issues addressed inc... • https://chromereleases.googleblog.com/2019/09/stable-channel-update-for-desktop.html • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-5872 – chromium-browser: Use-after-free in Mojo
https://notcve.org/view.php?id=CVE-2019-5872
29 Oct 2019 — Use after free in Mojo in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en Mojo en Google Chrome versiones anteriores a 77.0.3865.75, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 77.0.3865.120. Issues addressed inclu... • https://chromereleases.googleblog.com/2019/09/stable-channel-update-for-desktop.html • CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-5874 – chromium-browser: External URIs may trigger other browsers
https://notcve.org/view.php?id=CVE-2019-5874
29 Oct 2019 — Insufficient filtering in URI schemes in Google Chrome on Windows prior to 77.0.3865.75 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Un filtrado insuficiente en URI schemes en Google Chrome en Windows versiones anteriores a 77.0.3865.75, permitió a un atacante remoto omitir las restricciones de navegación por medio de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 77.0.3865.120. Issues addr... • https://chromereleases.googleblog.com/2019/09/stable-channel-update-for-desktop.html •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-5875 – chromium-browser: URL bar spoof via download redirect
https://notcve.org/view.php?id=CVE-2019-5875
29 Oct 2019 — Insufficient data validation in downloads in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. Una comprobación de datos insuficiente en downloads en Google Chrome versiones anteriores a 77.0.3865.75, permitió a un atacante remoto falsificar el contenido del Omnibox (barra de URL) por medio de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 77.0.38... • https://chromereleases.googleblog.com/2019/09/stable-channel-update-for-desktop.html •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-5876 – chromium-browser: Use-after-free in media
https://notcve.org/view.php?id=CVE-2019-5876
29 Oct 2019 — Use after free in media in Google Chrome on Android prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en media en Google Chrome en Android versiones anteriores a 77.0.3865.75, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 77.0.3865.120... • https://chromereleases.googleblog.com/2019/09/stable-channel-update-for-desktop.html • CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-5877 – chromium-browser: Out-of-bounds access in V8
https://notcve.org/view.php?id=CVE-2019-5877
29 Oct 2019 — Out of bounds memory access in JavaScript in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un acceso a la memoria fuera de límites en JavaScript en Google Chrome versiones anteriores a 77.0.3865.75, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 77.0.3865.120.... • https://chromereleases.googleblog.com/2019/09/stable-channel-update-for-desktop.html • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-5878 – chromium-browser: Use-after-free in V8
https://notcve.org/view.php?id=CVE-2019-5878
29 Oct 2019 — Use after free in V8 in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en V8 en Google Chrome versiones anteriores a 77.0.3865.75, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 77.0.3865.120. Issues addressed include b... • https://chromereleases.googleblog.com/2019/09/stable-channel-update-for-desktop.html • CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-5879 – chromium-browser: Extensions can read some local files
https://notcve.org/view.php?id=CVE-2019-5879
29 Oct 2019 — Insufficient policy enforcement in extensions in Google Chrome prior to 77.0.3865.75 allowed an attacker who convinced a user to install a malicious extension to read local files via a crafted Chrome Extension. La aplicación insuficiente de la política en las extensiones de Google Chrome anteriores a 77.0.3865.75 permitió a un atacante que convenció a un usuario instalar una extensión maliciosa para leer archivos locales a través de una extensión de Chrome especialmente diseñada. Chromium is an open-source ... • https://chromereleases.googleblog.com/2019/09/stable-channel-update-for-desktop.html • CWE-863: Incorrect Authorization •