Vulnerabilities > Improper Restriction of Operations within the Bounds of a Memory Buffer
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-28 | CVE-2018-15897 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Website Seller Script Project Website Seller Script 2.0.5 PHP Scripts Mall Website Seller Script 2.0.5 allows remote attackers to cause a denial of service via crafted JavaScript code in the First Name, Last Name, Company Name, or Fax field, as demonstrated by crossPwn. | 6.5 |
| 2018-08-28 | CVE-2017-15406 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Chrome A stack buffer overflow in V8 in Google Chrome prior to 62.0.3202.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | 8.8 |
| 2018-08-28 | CVE-2017-15398 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A stack buffer overflow in the QUIC networking stack in Google Chrome prior to 62.0.3202.89 allowed a remote attacker to gain code execution via a malicious server. | 9.8 |
| 2018-08-28 | CVE-2017-15396 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A stack buffer overflow in NumberingSystem in International Components for Unicode (ICU) for C/C++ before 60.2, as used in V8 in Google Chrome prior to 62.0.3202.75 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 6.5 |
| 2018-08-28 | CVE-2017-15418 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Use of uninitialized memory in Skia in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | 4.3 |
| 2018-08-28 | CVE-2017-15417 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Inappropriate implementation in Skia canvas composite operations in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 5.3 |
| 2018-08-28 | CVE-2017-15416 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap buffer overflow in Blob API in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka a Blink out-of-bounds read. | 6.5 |
| 2018-08-28 | CVE-2017-15415 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Incorrect serialization in IPC in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak the value of a pointer via a crafted HTML page. | 6.5 |
| 2018-08-28 | CVE-2017-15409 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap buffer overflow in Skia in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2018-08-28 | CVE-2017-15408 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap buffer overflow in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file that is mishandled by PDFium. | 8.8 |