High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-08-28	CVE-2017-15413	Incorrect Type Conversion or Cast vulnerability in multiple products Type confusion in WebAssembly in V8 in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity redhat debian google CWE-704	8.8
2018-08-28	CVE-2017-15412	Use After Free vulnerability in multiple products Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity redhat debian google xmlsoft CWE-416	8.8
2018-08-28	CVE-2017-15411	Use After Free vulnerability in multiple products Use after free in PDFium in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. network low complexity google debian redhat CWE-416	8.8
2018-08-28	CVE-2017-15410	Use After Free vulnerability in multiple products Use after free in PDFium in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. network low complexity google debian redhat CWE-416	8.8
2018-08-28	CVE-2017-15409	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap buffer overflow in Skia in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian redhat CWE-119	8.8
2018-08-28	CVE-2017-15408	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap buffer overflow in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file that is mishandled by PDFium. network low complexity google debian redhat CWE-119	8.8
2018-08-28	CVE-2017-15407	Out-of-bounds Write vulnerability in multiple products Out-of-bounds Write in the QUIC networking stack in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to gain code execution via a malicious server. network low complexity google debian redhat CWE-787	8.8
2018-08-28	CVE-2018-15911	Use of Uninitialized Resource vulnerability in multiple products In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply crafted PostScript could use uninitialized memory access in the aesdecode operator to crash the interpreter or potentially execute code. local low complexity debian canonical artifex redhat pulsesecure CWE-908	7.8
2018-08-27	CVE-2018-15910	Incorrect Type Conversion or Cast vulnerability in multiple products In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the LockDistillerParams parameter to crash the interpreter or execute code. local low complexity debian canonical artifex redhat pulsesecure CWE-704	7.8
2018-08-27	CVE-2018-15909	Incorrect Type Conversion or Cast vulnerability in multiple products In Artifex Ghostscript 9.23 before 2018-08-24, a type confusion using the .shfill operator could be used by attackers able to supply crafted PostScript files to crash the interpreter or potentially execute code. local low complexity debian canonical artifex redhat pulsesecure CWE-704	7.8