7 matches found
SUSE CVE-2019-5758
Incorrect object lifecycle management in Blink in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2020-12325
Improper buffer restrictions in some IntelR ThunderboltTM DCH drivers for Windows before version 72 may allow an authenticated user to potentially enable escalation of privilege via local access...
Mozilla: Type Confusion in XPCVariant.cpp
Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox ESR 68.4 and Firefox 72...
DEBIAN-CVE-2019-17023
After a HelloRetryRequest has been sent, the client may negotiate a lower protocol that TLS 1.3, resulting in an invalid state transition in the TLS State Machine. If the client gets into this state, incoming Application Data records will be ignored. This vulnerability affects Firefox 72...
UBUNTU-CVE-2019-5786
Object lifetime issue in Blink in Google Chrome prior to 72.0.3626.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page...
chromium-browser: Use after free in PDFium
Inappropriate memory management when caching in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file...
Google Chrome Insufficient Policy Enforcement Vulnerability (CNVD-2019-23565)
Chrome is a web browsing tool developed by Google. A policy enforcement insufficiency vulnerability exists in Omnibox in versions of Google Chrome prior to 72.0.3626.81. An attacker can exploit the vulnerability to spoof the contents of the Omnibox URL bar via a crafted domain name...