CVSS: 8.8EPSS: 60%CPEs: 1EXPL: 4CVE-2019-5825 – Google Chromium V8 Out-of-Bounds Write Vulnerability
https://notcve.org/view.php?id=CVE-2019-5825
Out of bounds write in JavaScript in Google Chrome prior to 73.0.3683.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una escritura fuera de límites en JavaScript en Google Chrome versiones anteriores a 73.0.3683.86, permitió a un atacante remoto, explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Google Chromium V8 Engine contains an out-of-bounds write vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera. • https://www.exploit-db.com/exploits/48183 https://github.com/timwr/CVE-2019-5825 http://packetstormsecurity.com/files/156641/Google-Chrome-72-73-Array.map-Corruption.html https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html https://crbug.com/941743 https://access.redhat.com/security/cve/CVE-2019-5825 https://bugzilla.redhat.com/show_bug.cgi?id=1707247 https://bugs.chromium.org/p/chromium/issues/detail?id=941743 https://github.com/exodusintel/Chro • CWE-787: Out-of-bounds Write •
CVSS: 9.6EPSS: 0%CPEs: 1EXPL: 0CVE-2019-5850 – chromium-browser: Use-after-free in offline page fetcher
https://notcve.org/view.php?id=CVE-2019-5850
Use after free in offline mode in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Un uso de la memoria previamente liberada en offline en Google Chrome versiones anteriores a 76.0.3809.87, permitió a un atacante remoto, que había comprometido el proceso del renderizador, realizar potencialmente un escape de sandbox por medio de una página HTML diseñada. • https://chromereleases.googleblog.com/2019/07/stable-channel-update-for-desktop_30.html https://crbug.com/977462 https://access.redhat.com/security/cve/CVE-2019-5850 https://bugzilla.redhat.com/show_bug.cgi?id=1737721 • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-5857 – chromium-browser: Comparison of -0 and null yields crash
https://notcve.org/view.php?id=CVE-2019-5857
Inappropriate implementation in JavaScript in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Una implementación inapropiada en JavaScript en Google Chrome versiones anteriores a 76.0.3809.87, permitió a un atacante remoto explotar potencialmente una corrupción de objetos por medio de una página HTML diseñada. • https://chromereleases.googleblog.com/2019/07/stable-channel-update-for-desktop_30.html https://crbug.com/961237 https://access.redhat.com/security/cve/CVE-2019-5857 https://bugzilla.redhat.com/show_bug.cgi?id=1737735 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-5854 – chromium-browser: Integer overflow in PDFium text rendering
https://notcve.org/view.php?id=CVE-2019-5854
Integer overflow in PDFium in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Un desbordamiento de enteros en PDFium en Google Chrome versiones anteriores a 76.0.3809.87, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de un archivo PDF diseñado. • https://chromereleases.googleblog.com/2019/07/stable-channel-update-for-desktop_30.html https://crbug.com/966263 https://access.redhat.com/security/cve/CVE-2019-5854 https://bugzilla.redhat.com/show_bug.cgi?id=1737736 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-5855 – chromium-browser: Integer overflow in PDFium
https://notcve.org/view.php?id=CVE-2019-5855
Integer overflow in PDFium in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Un desbordamiento de enteros en PDFium en Google Chrome versiones anteriores a 76.0.3809.87, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de un archivo PDF diseñado. • https://chromereleases.googleblog.com/2019/07/stable-channel-update-for-desktop_30.html https://crbug.com/964872 https://access.redhat.com/security/cve/CVE-2019-5855 https://bugzilla.redhat.com/show_bug.cgi?id=1737729 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •