CVSS: 8.8EPSS: 5%CPEs: 8EXPL: 0CVE-2019-5829 – chromium-browser: Use after free in Download Manager
https://notcve.org/view.php?id=CVE-2019-5829
Integer overflow in download manager in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. El desbordamiento de enteros en el administrador de descargas en Google Chrome antes de la versión 75.0.3770.80 permitió que un atacante remoto pudiera realizar un acceso a la memoria fuera de límites a través de una página HTML diseñada. • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html https://crbug.com/958533 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EI3DGFVT7CKJO6YVMP55R35HCDVEIC4Z https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 3%CPEs: 8EXPL: 0CVE-2019-5824 – chromium-browser: parameter passing error in media player leading to unauthorized access
https://notcve.org/view.php?id=CVE-2019-5824
Parameter passing error in media in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. El error en el paso de parámetros en los medios en Google Chrome antes de 74.0.3729.131 permitió a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML diseñada. • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html https://crbug.com/948564 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI https://seclists.org/bugtraq/2019/Aug/19 https://www.debian.org/security/2019/dsa-4500 • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 14EXPL: 1CVE-2019-5827 – sqlite: out-of-bounds access due to the use of 32-bit memory allocator interfaces
https://notcve.org/view.php?id=CVE-2019-5827
Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. El desbordamiento de enteros en SQLite a través de WebSQL en Google Chrome antes de 74.0.3729.131 permitió que un atacante remoto pudiera explotar la corrupción del heap a través de una página HTML diseñada. • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html https://crbug.com/952406 https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI https://seclists.org/ • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 1%CPEs: 8EXPL: 0CVE-2019-5805 – chromium-browser: Use after free in PDFium
https://notcve.org/view.php?id=CVE-2019-5805
Use-after-free in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Use-after-free en PDFium en Google Chrome antes del 74.0.3729.108 permitió a un atacante remoto explotar potencialmente la corrupción del montón a través de un archivo PDF creado. • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html https://crbug.com/913320 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI https://seclists.org/bugtraq/2019/Aug/19 https://security.gentoo.org/glsa/201908-18 htt • CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 2%CPEs: 8EXPL: 0CVE-2019-5808 – chromium-browser: Use after free in Blink
https://notcve.org/view.php?id=CVE-2019-5808
Use after free in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Use-after-free en Blink en Google Chrome antes de 74.0.3729.108 permitió que un atacante remoto pudiera explotar la corrupción del heap a través de una página HTML diseñada. • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html https://crbug.com/947029 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI https://seclists.org/bugtraq/2019/Aug/19 https://security.gentoo.org/glsa/201908-18 htt • CWE-416: Use After Free CWE-787: Out-of-bounds Write •