CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-5852 – chromium-browser: Object leak of utility functions
https://notcve.org/view.php?id=CVE-2019-5852
12 Aug 2019 — Inappropriate implementation in JavaScript in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Una implementación inapropiada en JavaScript en Google Chrome versiones anteriores a 76.0.3809.87, permitió a un atacante remoto obtener información potencialmente confidencial de la memoria de proceso por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, th... • https://chromereleases.googleblog.com/2019/07/stable-channel-update-for-desktop_30.html • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-5853 – chromium-browser: Memory corruption in regexp length check
https://notcve.org/view.php?id=CVE-2019-5853
12 Aug 2019 — Inappropriate implementation in JavaScript in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una implementación inapropiada en JavaScript en Google Chrome versiones anteriores a 76.0.3809.87, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to... • https://chromereleases.googleblog.com/2019/07/stable-channel-update-for-desktop_30.html • CWE-682: Incorrect Calculation •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-5854 – chromium-browser: Integer overflow in PDFium text rendering
https://notcve.org/view.php?id=CVE-2019-5854
12 Aug 2019 — Integer overflow in PDFium in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Un desbordamiento de enteros en PDFium en Google Chrome versiones anteriores a 76.0.3809.87, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de un archivo PDF diseñado. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary code.... • https://chromereleases.googleblog.com/2019/07/stable-channel-update-for-desktop_30.html • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-5855 – chromium-browser: Integer overflow in PDFium
https://notcve.org/view.php?id=CVE-2019-5855
12 Aug 2019 — Integer overflow in PDFium in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Un desbordamiento de enteros en PDFium en Google Chrome versiones anteriores a 76.0.3809.87, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de un archivo PDF diseñado. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary code.... • https://chromereleases.googleblog.com/2019/07/stable-channel-update-for-desktop_30.html • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-5856 – chromium-browser: Insufficient checks on filesystem: URI permissions
https://notcve.org/view.php?id=CVE-2019-5856
12 Aug 2019 — Insufficient policy enforcement in storage in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Una aplicación de política insuficiente en storage en Google Chrome versiones anteriores a 76.0.3809.87, permitió a un atacante remoto, que había comprometido el proceso del renderizador, omitir el aislamiento del sitio por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium a... • https://chromereleases.googleblog.com/2019/07/stable-channel-update-for-desktop_30.html • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-5857 – chromium-browser: Comparison of -0 and null yields crash
https://notcve.org/view.php?id=CVE-2019-5857
12 Aug 2019 — Inappropriate implementation in JavaScript in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Una implementación inapropiada en JavaScript en Google Chrome versiones anteriores a 76.0.3809.87, permitió a un atacante remoto explotar potencialmente una corrupción de objetos por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers ... • https://chromereleases.googleblog.com/2019/07/stable-channel-update-for-desktop_30.html • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-5858 – chromium-browser: Insufficient filtering of Open URL service parameters
https://notcve.org/view.php?id=CVE-2019-5858
12 Aug 2019 — Incorrect security UI in MacOS services integration in Google Chrome on OS X prior to 76.0.3809.87 allowed a local attacker to execute arbitrary code via a crafted HTML page. Una interfaz de usuario de seguridad incorrecta en MacOS services integration en Google Chrome en OS X versiones anteriores a 76.0.3809.87, permitió a un atacante local ejecutar código arbitrario por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow... • https://chromereleases.googleblog.com/2019/07/stable-channel-update-for-desktop_30.html • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-5859 – chromium-browser: res: URIs can load alternative browsers
https://notcve.org/view.php?id=CVE-2019-5859
12 Aug 2019 — Insufficient filtering in URI schemes in Google Chrome on Windows prior to 76.0.3809.87 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Un filtrado insuficiente en URI schemes en Google Chrome en Windows versiones anteriores a 76.0.3809.87, permitió a un atacante remoto omitir las restricciones de navegación por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to exe... • https://chromereleases.googleblog.com/2019/07/stable-channel-update-for-desktop_30.html •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-5860 – chromium-browser: Use-after-free in PDFium
https://notcve.org/view.php?id=CVE-2019-5860
12 Aug 2019 — Use after free in PDFium in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Un uso de la memoria previamente liberada en PDFium en Google Chrome versiones anteriores a 76.0.3809.87, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de un archivo PDF diseñado. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbi... • https://chromereleases.googleblog.com/2019/07/stable-channel-update-for-desktop_30.html • CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-5861 – chromium-browser: Click location incorrectly checked
https://notcve.org/view.php?id=CVE-2019-5861
12 Aug 2019 — Insufficient data validation in Blink in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to bypass anti-clickjacking policy via a crafted HTML page. Una comprobación de datos insuficiente en Blink en Google Chrome versiones anteriores a 76.0.3809.87, permitió a un atacante remoto omitir la política anti-clickjacking por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary ... • https://chromereleases.googleblog.com/2019/07/stable-channel-update-for-desktop_30.html • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •