CVE-2019-5869 – chromium-browser: Use-after-free in Blink
https://notcve.org/view.php?id=CVE-2019-5869
Use after free in Blink in Google Chrome prior to 76.0.3809.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en Blink en Google Chrome versiones anteriores a 76.0.3809.132, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. • https://chromereleases.googleblog.com/2019/08/stable-channel-update-for-desktop_26.html https://crbug.com/978793 https://access.redhat.com/security/cve/CVE-2019-5869 https://bugzilla.redhat.com/show_bug.cgi?id=1748221 • CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVE-2019-5825 – Google Chromium V8 Out-of-Bounds Write Vulnerability
https://notcve.org/view.php?id=CVE-2019-5825
Out of bounds write in JavaScript in Google Chrome prior to 73.0.3683.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una escritura fuera de límites en JavaScript en Google Chrome versiones anteriores a 73.0.3683.86, permitió a un atacante remoto, explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Google Chromium V8 Engine contains an out-of-bounds write vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera. • https://www.exploit-db.com/exploits/48183 https://github.com/timwr/CVE-2019-5825 http://packetstormsecurity.com/files/156641/Google-Chrome-72-73-Array.map-Corruption.html https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html https://crbug.com/941743 https://access.redhat.com/security/cve/CVE-2019-5825 https://bugzilla.redhat.com/show_bug.cgi?id=1707247 https://bugs.chromium.org/p/chromium/issues/detail?id=941743 https://github.com/exodusintel/Chro • CWE-787: Out-of-bounds Write •
CVE-2019-5826 – chromium-browser: Use-after-free in IndexedDB
https://notcve.org/view.php?id=CVE-2019-5826
Use after free in IndexedDB in Google Chrome prior to 73.0.3683.86 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en IndexedDB en Google Chrome versiones anteriores a 73.0.3683.86, permitió a un atacante remoto, que había comprometido el proceso del renderizador, explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. • https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html https://crbug.com/941746 https://access.redhat.com/security/cve/CVE-2019-5826 https://bugzilla.redhat.com/show_bug.cgi?id=1707248 • CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVE-2019-5850 – chromium-browser: Use-after-free in offline page fetcher
https://notcve.org/view.php?id=CVE-2019-5850
Use after free in offline mode in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Un uso de la memoria previamente liberada en offline en Google Chrome versiones anteriores a 76.0.3809.87, permitió a un atacante remoto, que había comprometido el proceso del renderizador, realizar potencialmente un escape de sandbox por medio de una página HTML diseñada. • https://chromereleases.googleblog.com/2019/07/stable-channel-update-for-desktop_30.html https://crbug.com/977462 https://access.redhat.com/security/cve/CVE-2019-5850 https://bugzilla.redhat.com/show_bug.cgi?id=1737721 • CWE-416: Use After Free •
CVE-2019-5857 – chromium-browser: Comparison of -0 and null yields crash
https://notcve.org/view.php?id=CVE-2019-5857
Inappropriate implementation in JavaScript in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Una implementación inapropiada en JavaScript en Google Chrome versiones anteriores a 76.0.3809.87, permitió a un atacante remoto explotar potencialmente una corrupción de objetos por medio de una página HTML diseñada. • https://chromereleases.googleblog.com/2019/07/stable-channel-update-for-desktop_30.html https://crbug.com/961237 https://access.redhat.com/security/cve/CVE-2019-5857 https://bugzilla.redhat.com/show_bug.cgi?id=1737735 • CWE-787: Out-of-bounds Write •