Lucene search
K

17 matches found

GoogleProjectZero
GoogleProjectZero
added 2021/01/12 12:0 a.m.610 views

In-the-Wild Series: Chrome Exploits

This is part 3 of a 6-part series detailing a set of vulnerabilities found by Project Zero being exploited in the wild. To read the other parts of the series, see the introduction post. Posted by Sergei Glazunov, Project Zero Introduction As we continue the series on the watering hole attack...

8.8CVSS8.4AI score0.78808EPSS
Exploits9
NVD
NVD
added 2017/10/27 5:29 a.m.22 views

CVE-2017-5070

Type confusion in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

8.8CVSS8.6AI score0.31212EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2017/10/27 5:0 a.m.10 views

CVE-2017-5070

Type confusion in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

8.6AI score0.31212EPSS
Exploits1References6
CVE
CVE
added 2017/10/27 5:0 a.m.1061 views

CVE-2017-5070

CVE-2017-5070 is a type confusion vulnerability in Google Chrome’s V8 engine that allows a remote attacker to execute arbitrary code inside the sandbox via a crafted HTML page. Affected products include Google Chrome and other Chromium-based browsers (V8 engine), with desktop versions prior to 59...

8.8CVSS8.5AI score0.31212EPSS
In wildExploits1References7Affected Software1
Check Point Advisories
Check Point Advisories
added 2017/09/24 12:0 a.m.12 views

Google Chrome V8 Crankshaft Type Confusion (CVE-2017-5070)

A type confusion vulnerability exists in Google Chrome. The vulnerability is due to improper handling of objects in memory by the V8 JavaScript engine while compiling code. A remote attacker could exploit this vulnerability by enticing a user to open a malicious web page...

6.8CVSS1.5AI score0.31212EPSS
Exploits1
Circl
Circl
added 2017/09/04 5:48 p.m.7 views

CVE-2017-5070

creationtimestamp| type| source ---|---|--- 2017-09-04 17:48:58+00:00| exploited| https://t.me/informationsecuritychannel/8457 2019-09-25 08:28:15+00:00| seen| MISP/5d8b23ae-50d0-4a09-86da-4dc9950d210f 2020-10-09 14:30:50+00:00| seen| MISP/bbad3705-75de-41f7-980c-0e90136909de 2022-06-07...

8.8CVSS7.3AI score0.31212EPSS
Exploits1References7
OpenVAS
OpenVAS
added 2017/08/04 12:0 a.m.36 views

Fedora Update for qt5-qtwebengine FEDORA-2017-1e34da27f3

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.1AI score0.31212EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2017/07/18 12:0 a.m.32 views

Fedora 25 : qt5-qtwebengine (2017-a7a488d8d0)

This update updates QtWebEngine to the 5.9.1 release, a security and bugfix release from the 5.9 branch. QtWebEngine 5.9.1 is part of the Qt 5.9.1 release, but only the QtWebEngine component is included in this update. The update fixes the following security issues in QtWebEngine 5.9.0:...

8.8CVSS6.9AI score0.31212EPSS
Exploits1References11
Tenable Nessus
Tenable Nessus
added 2017/07/17 12:0 a.m.38 views

Fedora 26 : 1:chromium-native_client (2017-c11d7ef69a)

Chromium 59. Add smaller logo files. Fix lots of security bugs: Security fix for CVE-2017-5070, CVE-2017-5071, CVE-2017-5072, CVE-2017-5073, CVE-2017-5074, CVE-2017-5075, CVE-2017-5086, CVE-2017-5076, CVE-2017-5077, CVE-2017-5078, CVE-2017-5079, CVE-2017-5080, CVE-2017-5081, CVE-2017-5082,...

8.8CVSS6.9AI score0.31212EPSS
Exploits1References17
OpenVAS
OpenVAS
added 2017/07/14 12:0 a.m.28 views

Fedora Update for chromium-native_client FEDORA-2017-b8d76bef4e

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.6AI score0.31212EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2017/07/13 12:0 a.m.30 views

Fedora 24 : 1:chromium-native_client (2017-b8d76bef4e)

Chromium 59. Add smaller logo files. Fix lots of security bugs: Security fix for CVE-2017-5070, CVE-2017-5071, CVE-2017-5072, CVE-2017-5073, CVE-2017-5074, CVE-2017-5075, CVE-2017-5086, CVE-2017-5076, CVE-2017-5077, CVE-2017-5078, CVE-2017-5079, CVE-2017-5080, CVE-2017-5081, CVE-2017-5082,...

8.8CVSS6.9AI score0.31212EPSS
Exploits1References17
OpenVAS
OpenVAS
added 2017/07/01 12:0 a.m.39 views

Fedora Update for chromium-native_client FEDORA-2017-a66e2c5b62

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.6AI score0.31212EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2017/06/30 12:0 a.m.24 views

Fedora 25 : 1:chromium-native_client (2017-a66e2c5b62)

Chromium 59. Add smaller logo files. Fix lots of security bugs: Security fix for CVE-2017-5070, CVE-2017-5071, CVE-2017-5072, CVE-2017-5073, CVE-2017-5074, CVE-2017-5075, CVE-2017-5086, CVE-2017-5076, CVE-2017-5077, CVE-2017-5078, CVE-2017-5079, CVE-2017-5080, CVE-2017-5081, CVE-2017-5082,...

8.8CVSS6.9AI score0.31212EPSS
Exploits1References17
Tenable Nessus
Tenable Nessus
added 2017/06/08 12:0 a.m.43 views

openSUSE Security Update : chromium (openSUSE-2017-661)

This update to Chromium 59.0.3071.86 fixes the following security issues : - CVE-2017-5070: Type confusion in V8 - CVE-2017-5071: Out of bounds read in V8 - CVE-2017-5072: Address spoofing in Omnibox - CVE-2017-5073: Use after free in print preview - CVE-2017-5074: Use after free in Apps Bluetoot...

8.8CVSS7.3AI score0.31212EPSS
Exploits1References17
Tenable Nessus
Tenable Nessus
added 2017/06/08 12:0 a.m.43 views

Google Chrome < 59.0.3071.86 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 59.0.3071.86. It is, therefore, affected by multiple vulnerabilities as referenced in the 201706stable-channel-update-for-desktop advisory. - A use after free in credit card autofill in Google Chrome prior to 59.0.3071.86...

8.8CVSS7.7AI score0.31212EPSS
Exploits1References34
ThreatPost
ThreatPost
added 2017/06/06 1:36 p.m.26 views

Google Fixes 30 Vulnerabilities, Five High Severity, in Chrome 59

Google on Monday released the latest stable version of Chrome that includes patches for 30 vulnerabilities, including five high severity issues. The company paid out $23,500 to external researchers for the vulnerabilities, including $7,500 for a type confusion vulnerability in V8, the open source...

6.8CVSS8.7AI score0.31212EPSS
Exploits1References25
OpenVAS
OpenVAS
added 2017/06/06 12:0 a.m.38 views

Google Chrome Security Updates (stable-channel-update-for-desktop-2017-06) - Linux

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

8.8CVSS6.3AI score0.31212EPSS
Exploits1References3
Rows per page
Query Builder