Page 374 of 3354 results (0.009 seconds)

CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 0

CVE-2017-5097 – chromium-browser: out-of-bounds read in skia

https://notcve.org/view.php?id=CVE-2017-5097

Insufficient validation of untrusted input in Skia in Google Chrome prior to 60.0.3112.78 for Linux allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Una validación insuficiente de entradas no fiables en Skia en Google Chrome, en versiones anteriores a la 60.0.3112.78 para Linux, permitía que un atacante remoto realizase una lectura de memoria fuera de límites mediante una página HTML manipulada. • http://www.debian.org/security/2017/dsa-3926 http://www.securityfocus.com/bid/99950 https://access.redhat.com/errata/RHSA-2017:1833 https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html https://crbug.com/740789 https://security.gentoo.org/glsa/201709-15 https://access.redhat.com/security/cve/CVE-2017-5097 https://bugzilla.redhat.com/show_bug.cgi?id=1475199 • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read •

CVSS: 8.8EPSS: 2%CPEs: 9EXPL: 0

CVE-2017-5098 – chromium-browser: use after free in v8

https://notcve.org/view.php?id=CVE-2017-5098

A use after free in V8 in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Un uso de memoria previamente liberada en V8 en Google Chrome, en versiones anteriores a la 60.0.3112.78 para Mac, Windows, Linux y Android, permitía que un atacante remoto realizase una lectura de memoria fuera de límites mediante una página HTML manipulada. • http://www.debian.org/security/2017/dsa-3926 http://www.securityfocus.com/bid/99950 https://access.redhat.com/errata/RHSA-2017:1833 https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html https://crbug.com/740803 https://security.gentoo.org/glsa/201709-15 https://access.redhat.com/security/cve/CVE-2017-5098 https://bugzilla.redhat.com/show_bug.cgi?id=1475200 • CWE-416: Use After Free •

CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 0

CVE-2017-5099 – chromium-browser: out-of-bounds write in ppapi

https://notcve.org/view.php?id=CVE-2017-5099

Insufficient validation of untrusted input in PPAPI Plugins in Google Chrome prior to 60.0.3112.78 for Mac allowed a remote attacker to potentially gain privilege elevation via a crafted HTML page. Validación insuficiente de entradas no fiables en PPAPI Plugins en Google Chrome en versiones anteriores a la 60.0.3112.78 para Mac permitía que un atacante remoto pudiese obtener una elevación de privilegios mediante una página HTML manipulada. • http://www.debian.org/security/2017/dsa-3926 http://www.securityfocus.com/bid/99950 https://access.redhat.com/errata/RHSA-2017:1833 https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html https://crbug.com/733548 https://security.gentoo.org/glsa/201709-15 https://access.redhat.com/security/cve/CVE-2017-5099 https://bugzilla.redhat.com/show_bug.cgi?id=1475201 • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 2%CPEs: 6EXPL: 0

CVE-2017-5100 – chromium-browser: use after free in chrome apps

https://notcve.org/view.php?id=CVE-2017-5100

A use after free in Apps in Google Chrome prior to 60.0.3112.78 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Un uso de memoria previamente liberada en Apps en Google Chrome, en versiones anteriores a la 60.0.3112.78 para Windows, permitía que un atacante remoto realizase una lectura de memoria fuera de límites mediante una página HTML manipulada. • http://www.debian.org/security/2017/dsa-3926 http://www.securityfocus.com/bid/99950 https://access.redhat.com/errata/RHSA-2017:1833 https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html https://crbug.com/718292 https://security.gentoo.org/glsa/201709-15 https://access.redhat.com/security/cve/CVE-2017-5100 https://bugzilla.redhat.com/show_bug.cgi?id=1475202 • CWE-416: Use After Free •

CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0

CVE-2017-5101 – chromium-browser: url spoofing in omnibox

https://notcve.org/view.php?id=CVE-2017-5101

Inappropriate implementation in Omnibox in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to spoof the contents of the Omnibox via a crafted HTML page. Una implementación incorrecta en Omnibox en Google Chrome, en versiones anteriores a la 60.0.3112.78 para Linux, Windows y Mac, permitía que un atacante remoto suplantase el contenido de Omnibox mediante una página HTML manipulada. • http://www.debian.org/security/2017/dsa-3926 http://www.securityfocus.com/bid/99950 https://access.redhat.com/errata/RHSA-2017:1833 https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html https://crbug.com/681740 https://security.gentoo.org/glsa/201709-15 https://access.redhat.com/security/cve/CVE-2017-5101 https://bugzilla.redhat.com/show_bug.cgi?id=1475203 •