|
250721
|
6.1 |
MEDIUM
Network
|
google
|
chrome
|
Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to require a user gesture for powerful download operations, which allowed a remote attacker who co…
|
CWE-79
Cross-site Scripting
|
CVE-2017-5020
|
2024-11-21 12:26 |
2017-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250722
|
6.3 |
MEDIUM
Network
|
google
|
chrome
|
A use after free in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML p…
|
CWE-416
Use After Free
|
CVE-2017-5019
|
2024-11-21 12:26 |
2017-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250723
|
6.1 |
MEDIUM
Network
|
google
|
chrome
|
Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, had an insufficiently strict content security policy on the Chrome app launcher page, which allowed a rem…
|
CWE-79
Cross-site Scripting
|
CVE-2017-5018
|
2024-11-21 12:26 |
2017-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250724
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Interactions with the OS in Google Chrome prior to 56.0.2924.76 for Mac insufficiently cleared video memory, which allowed a remote attacker to possibly extract image fragments on systems with GeForc…
|
CWE-200
Information Exposure
|
CVE-2017-5017
|
2024-11-21 12:26 |
2017-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250725
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to prevent certain UI elements from being displayed by non-visible pages, which allowed a…
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2017-5016
|
2024-11-21 12:26 |
2017-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250726
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, incorrectly handled Unicode glyphs, which allowed a remote attacker to perform domain spoofing via IDN ho…
|
NVD-CWE-noinfo
|
CVE-2017-5015
|
2024-11-21 12:26 |
2017-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250727
|
6.3 |
MEDIUM
Network
|
google
|
chrome
|
Heap buffer overflow during image processing in Skia in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to perform an out of bo…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-5014
|
2024-11-21 12:26 |
2017-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250728
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Google Chrome prior to 56.0.2924.76 for Linux incorrectly handled new tab page navigations in non-selected tabs, which allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a c…
|
NVD-CWE-noinfo
|
CVE-2017-5013
|
2024-11-21 12:26 |
2017-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250729
|
8.8 |
HIGH
Network
|
google
|
chrome
|
A heap buffer overflow in V8 in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit heap corruption via a cr…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-5012
|
2024-11-21 12:26 |
2017-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250730
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Google Chrome prior to 56.0.2924.76 for Windows insufficiently sanitized DevTools URLs, which allowed a remote attacker who convinced a user to install a malicious extension to read filesystem conten…
|
CWE-200
Information Exposure
|
CVE-2017-5011
|
2024-11-21 12:26 |
2017-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
