CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-17460
https://notcve.org/view.php?id=CVE-2018-17460
27 Jun 2019 — Insufficient data validation in filesystem URIs in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. Una validación de datos insuficiente en los URI del sistema de archivos en Google Chrome antes de 68.0.3440.75 permitió a un atacante remoto falsificar el contenido del Omnibox (barra de URL) a través de un nombre de dominio creado. • https://chromereleases.googleblog.com/2018/07/stable-channel-update-for-desktop.html • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-5842 – chromium-browser: Use-after-free in Blink
https://notcve.org/view.php?id=CVE-2019-5842
19 Jun 2019 — Use after free in Blink in Google Chrome prior to 75.0.3770.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en Blink en Google Chrome versiones anteriores a 75.0.3770.90, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbi... • https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop_13.html • CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 4%CPEs: 8EXPL: 0CVE-2019-5828 – chromium-browser: Use after free in ServiceWorker
https://notcve.org/view.php?id=CVE-2019-5828
17 Jun 2019 — Object lifecycle issue in ServiceWorker in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. El problema del ciclo de vida del objeto en ServiceWorker en Google Chrome antes de 75.0.3770.80 permitió que un atacante remoto pudiera realizar un acceso a la memoria fuera de límites a través de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remo... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 5%CPEs: 8EXPL: 0CVE-2019-5829 – chromium-browser: Use after free in Download Manager
https://notcve.org/view.php?id=CVE-2019-5829
17 Jun 2019 — Integer overflow in download manager in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. El desbordamiento de enteros en el administrador de descargas en Google Chrome antes de la versión 75.0.3770.80 permitió que un atacante remoto pudiera realizar un acceso a la memoria fuera de límites a través de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which coul... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.5EPSS: 1%CPEs: 8EXPL: 0CVE-2019-5830 – chromium-browser: Incorrectly credentialed requests in CORS
https://notcve.org/view.php?id=CVE-2019-5830
17 Jun 2019 — Insufficient policy enforcement in CORS in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page. La aplicación de políticas insuficientes en CORS en Google Chrome antes de 75.0.3770.80 permitió que un atacante remoto filtrara datos de origen cruzado a través de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary code. Versions less than... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html •
CVSS: 8.8EPSS: 1%CPEs: 8EXPL: 0CVE-2019-5831 – chromium-browser: Incorrect map processing in V8
https://notcve.org/view.php?id=CVE-2019-5831
17 Jun 2019 — Object lifecycle issue in V8 in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. El problema del lifecycle del objeto en V8 en Google Chrome antes de 75.0.3770.80 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary code. Versions... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 1%CPEs: 8EXPL: 0CVE-2019-5832 – chromium-browser: Incorrect CORS handling in XHR
https://notcve.org/view.php?id=CVE-2019-5832
17 Jun 2019 — Insufficient policy enforcement in XMLHttpRequest in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page. La aplicación de políticas insuficientes en XMLHttpRequest en Google Chrome antes de 75.0.3770.80 permitió a un atacante remoto filtrar datos de origen cruzado a través de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary code. V... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0CVE-2019-5833 – chromium-browser: Inconsistent security UI placement
https://notcve.org/view.php?id=CVE-2019-5833
17 Jun 2019 — Incorrect dialog box scoping in browser in Google Chrome on Android prior to 75.0.3770.80 allowed a remote attacker to display misleading security UI via a crafted HTML page. El alcance del cuadro de diálogo incorrecto en el navegador en Google Chrome en Android antes de 75.0.3770.80 permitió a un atacante remoto mostrar una IU de seguridad engañosa a través de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0CVE-2019-5835 – chromium-browser: Out of bounds read in Swiftshader
https://notcve.org/view.php?id=CVE-2019-5835
17 Jun 2019 — Object lifecycle issue in SwiftShader in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. El problema del ciclo de vida de los objetos en SwiftShader en Google Chrome antes de 75.0.3770.80 permitió que un atacante remoto pudiera realizar un acceso a la memoria fuera de los límites a través de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow ... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2019-5836 – chromium-browser: Heap buffer overflow in Angle
https://notcve.org/view.php?id=CVE-2019-5836
17 Jun 2019 — Heap buffer overflow in ANGLE in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. El desbordamiento del búfer del montón en ANGLE en Google Chrome antes de 75.0.3770.80 permitió a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary code. Ver... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html • CWE-787: Out-of-bounds Write •