SUSE CVE-2019-5755

Incorrect handling of negative zero in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page...

SUSE CVE-2019-17018

When in Private Browsing Mode on Windows 10, the Windows keyboard may retain word suggestions to improve the accuracy of the keyboard. This vulnerability affects Firefox 72...

SUSE CVE-2019-17025

Mozilla developers reported memory safety bugs present in Firefox 71. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 72...

CVE-2019-17025

Mozilla developers reported memory safety bugs present in Firefox 71. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 72...

CVE-2019-17019

When Python was installed on Windows, a python file being served with the MIME type of text/plain could be executed by Python instead of being opened as a text file when the Open option was selected upon download. Note: this issue only occurs on Windows. Other operating systems are unaffected...

DEBIAN-CVE-2019-5783

Missing URI encoding of untrusted input in DevTools in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform a Dangling Markup Injection attack via a crafted HTML page...

UBUNTU-CVE-2019-5759

Incorrect lifetime handling in HTML select elements in Google Chrome on Android and Mac prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page...

UBUNTU-CVE-2019-5778

A missing case for handling special schemes in permission request checks in Extensions in Google Chrome prior to 72.0.3626.81 allowed an attacker who convinced a user to install a malicious extension to bypass extension permission checks for privileged pages via a crafted Chrome Extension...

UBUNTU-CVE-2019-5777

Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted domain name...

Google Chrome Insufficient Data Validation Vulnerability

Chrome is a web browsing tool developed by Google. A data validation insufficiency vulnerability exists in IndexedDB in Google Chrome versions prior to 72.0.3626.81. An attacker can exploit this vulnerability to bypass the same source policy via a crafted HTML page...

Google Chrome Insufficient Policy Enforcement Vulnerability (CNVD-2019-23564)

Chrome is a simple and efficiently designed web browsing tool developed by Google that is characterized by its simplicity and speed. A policy enforcement insufficiency vulnerability exists in Omnibox in versions of Google Chrome prior to 72.0.3626.81. An attacker can exploit the vulnerability to...

Google Chrome memory misreference vulnerability (CNVD-2019-06211)

Chrome is a simple and efficiently designed web browsing tool developed by Google that is characterized by its simplicity and speed. A memory misreference vulnerability exists in SwiftShader in versions prior to Google Chrome 72.0.3626.81. No detailed vulnerability details are provided at this ti...

Google Chrome memory misreference vulnerability (CNVD-2019-06210)

Chrome is a simple and efficiently designed web browsing tool developed by Google that is characterized by its simplicity and speed. A memory misreference vulnerability exists in PDFium in versions of Google Chrome prior to 72.0.3626.81. No details of the vulnerability are provided at this time...