Lucene search

K

20 matches found

CVE
CVE
added 2018/02/07 11:29 p.m.270 views

CVE-2017-5130

An integer overflow in xmlmemory.c in libxml2 before 2.9.5, as used in Google Chrome prior to 62.0.3202.62 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted XML file.

8.8CVSS6.6AI score0.00905EPSS
CVE
CVE
added 2018/02/07 11:29 p.m.102 views

CVE-2017-5124

Incorrect application of sandboxing in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted MHTML page.

6.1CVSS6.4AI score0.34129EPSS
CVE
CVE
added 2018/02/07 11:29 p.m.90 views

CVE-2017-15392

Insufficient data validation in V8 in Google Chrome prior to 62.0.3202.62 allowed an attacker who can write to the Windows Registry to potentially exploit heap corruption via a crafted Windows Registry entry, related to PlatformIntegration.

4.3CVSS5.5AI score0.00422EPSS
CVE
CVE
added 2018/02/07 11:29 p.m.85 views

CVE-2017-15394

Insufficient Policy Enforcement in Extensions in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform domain spoofing in permission dialogs via IDN homographs in a crafted Chrome Extension.

6.5CVSS6.5AI score0.01307EPSS
CVE
CVE
added 2018/02/07 11:29 p.m.83 views

CVE-2017-15390

Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.

6.5CVSS6.5AI score0.00794EPSS
CVE
CVE
added 2018/02/07 11:29 p.m.82 views

CVE-2017-5126

A use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

8.8CVSS8.6AI score0.02327EPSS
CVE
CVE
added 2018/02/07 11:29 p.m.82 views

CVE-2017-5131

An integer overflow in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka an out-of-bounds write.

8.8CVSS8.5AI score0.01125EPSS
CVE
CVE
added 2018/02/07 11:29 p.m.81 views

CVE-2017-15386

Incorrect implementation in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

6.5CVSS6.2AI score0.00794EPSS
CVE
CVE
added 2018/02/07 11:29 p.m.79 views

CVE-2017-5127

Use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

8.8CVSS8.8AI score0.01321EPSS
CVE
CVE
added 2018/02/07 11:29 p.m.78 views

CVE-2017-15387

Insufficient enforcement of Content Security Policy in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to open javascript: URL windows when they should not be allowed to via a crafted HTML page.

8.8CVSS7.8AI score0.01125EPSS
CVE
CVE
added 2018/02/07 11:29 p.m.78 views

CVE-2017-15391

Insufficient Policy Enforcement in Extensions in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to access Extension pages without authorisation via a crafted HTML page.

6.5CVSS6.3AI score0.00794EPSS
CVE
CVE
added 2018/02/07 11:29 p.m.78 views

CVE-2017-5129

A use after free in WebAudio in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

8.8CVSS8.2AI score0.009EPSS
CVE
CVE
added 2018/02/07 11:29 p.m.77 views

CVE-2017-5133

Off-by-one read/write on the heap in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to corrupt memory and possibly leak information and potentially execute code via a crafted PDF file.

8.8CVSS8.1AI score0.02891EPSS
CVE
CVE
added 2018/02/07 11:29 p.m.74 views

CVE-2017-15389

An insufficient watchdog timer in navigation in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

6.5CVSS6.1AI score0.00676EPSS
CVE
CVE
added 2018/02/07 11:29 p.m.68 views

CVE-2017-15388

Iteration through non-finite points in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

8.8CVSS8AI score0.02327EPSS
CVE
CVE
added 2018/02/07 11:29 p.m.68 views

CVE-2017-15393

Insufficient Policy Enforcement in Devtools remote debugging in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to obtain access to remote debugging functionality via a crafted HTML page, aka a Referer leak.

8.8CVSS7.7AI score0.01125EPSS
CVE
CVE
added 2018/02/07 11:29 p.m.68 views

CVE-2017-5125

Heap buffer overflow in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.6AI score0.01374EPSS
CVE
CVE
added 2018/02/07 11:29 p.m.64 views

CVE-2017-5128

Heap buffer overflow in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, related to WebGL.

8.8CVSS8.6AI score0.01337EPSS
CVE
CVE
added 2018/02/07 11:29 p.m.63 views

CVE-2017-5132

Inappropriate implementation in V8 in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka incorrect WebAssembly stack manipulation.

8.8CVSS8.3AI score0.01218EPSS
CVE
CVE
added 2018/02/07 11:29 p.m.62 views

CVE-2017-15395

A use after free in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka an ImageCapture NULL pointer dereference.

6.5CVSS7.1AI score0.01495EPSS