CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-13664 – chromium-browser: CSRF bypass
https://notcve.org/view.php?id=CVE-2019-13664
29 Oct 2019 — Insufficient policy enforcement in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass content security policy via a crafted HTML page. Una aplicación de política insuficiente en Blink en Google Chrome versiones anteriores a 77.0.3865.75, permitió a un atacante remoto omitir la política de seguridad de contenido por medio de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 77.0.3865.120. Issues addresse... • https://chromereleases.googleblog.com/2019/09/stable-channel-update-for-desktop.html • CWE-346: Origin Validation Error •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-5878 – chromium-browser: Use-after-free in V8
https://notcve.org/view.php?id=CVE-2019-5878
29 Oct 2019 — Use after free in V8 in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en V8 en Google Chrome versiones anteriores a 77.0.3865.75, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 77.0.3865.120. Issues addressed include b... • https://chromereleases.googleblog.com/2019/09/stable-channel-update-for-desktop.html • CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-13676 – chromium-browser: Google URI shown for certificate warning
https://notcve.org/view.php?id=CVE-2019-13676
29 Oct 2019 — Insufficient policy enforcement in Chromium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page. Una aplicación de política insuficiente en Chromium en Google Chrome versiones anteriores a 77.0.3865.75, permitió a un atacante remoto realizar una suplantación de dominios por medio de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 77.0.3865.120. Issues addressed includ... • https://chromereleases.googleblog.com/2019/09/stable-channel-update-for-desktop.html • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-13695 – chromium-browser: Use-after-free in audio
https://notcve.org/view.php?id=CVE-2019-13695
29 Oct 2019 — Use after free in audio in Google Chrome on Android prior to 77.0.3865.120 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en audio en Google Chrome en Android versiones anteriores a 77.0.3865.120, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 77.0.3865.1... • https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-13659 – chromium-browser: URL spoof
https://notcve.org/view.php?id=CVE-2019-13659
29 Oct 2019 — IDN spoofing in Omnibox in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. Una suplantación de identidad en IDN en Omnibox en Google Chrome versiones anteriores a 77.0.3865.75, permitió a un atacante remoto realizar una suplantación de dominio mediante homógrafos IDN por medio de un nombre de dominio diseñado. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 77.0.3865.120... • https://chromereleases.googleblog.com/2019/09/stable-channel-update-for-desktop.html •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-5877 – chromium-browser: Out-of-bounds access in V8
https://notcve.org/view.php?id=CVE-2019-5877
29 Oct 2019 — Out of bounds memory access in JavaScript in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un acceso a la memoria fuera de límites en JavaScript en Google Chrome versiones anteriores a 77.0.3865.75, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 77.0.3865.120.... • https://chromereleases.googleblog.com/2019/09/stable-channel-update-for-desktop.html • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-13665 – chromium-browser: Multiple file download protection bypass
https://notcve.org/view.php?id=CVE-2019-13665
29 Oct 2019 — Insufficient filtering in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass multiple file download protection via a crafted HTML page. Un filtrado insuficiente en Blink en Google Chrome versiones anteriores a 77.0.3865.75, permitió a un atacante remoto omitir la protección de descarga de múltiples archivos por medio de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 77.0.3865.120. Issues addressed in... • https://chromereleases.googleblog.com/2019/09/stable-channel-update-for-desktop.html • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.5EPSS: 0%CPEs: 21EXPL: 0CVE-2019-8075 – flash-plugin: Same origin policy bypass leading to information disclosure
https://notcve.org/view.php?id=CVE-2019-8075
27 Sep 2019 — Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user. Adobe Flash Player versión 32.0.0.192 y versiones anteriores, presentan una vulnerabilidad de Omisión de la Política del Mismo Origen. Su explotación con éxito podría conllevar a una divulgación de información en el contexto del usuario actual. Multiple security issues were discovered in the Chromium web br... • https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_17.html •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-5869 – chromium-browser: Use-after-free in Blink
https://notcve.org/view.php?id=CVE-2019-5869
05 Sep 2019 — Use after free in Blink in Google Chrome prior to 76.0.3809.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en Blink en Google Chrome versiones anteriores a 76.0.3809.132, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of... • https://chromereleases.googleblog.com/2019/08/stable-channel-update-for-desktop_26.html • CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-5849 – Debian Security Advisory 4500-1
https://notcve.org/view.php?id=CVE-2019-5849
14 Aug 2019 — Out of bounds read in Skia in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Una lectura fuera de límites en Skia en Google Chrome versiones anteriores a 75.0.3770.80, permitió a un atacante remoto obtener información potencialmente confidencial de la memoria de proceso por medio de una página HTML diseñada. Several vulnerabilities have been discovered in the chromium web browser. • https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html • CWE-125: Out-of-bounds Read •