Vulnerabilities > Fedoraproject
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-02-19 | CVE-2019-5771 | An incorrect JIT of GLSL shaders in SwiftShader in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code via a crafted HTML page. | 8.8 |
2019-02-19 | CVE-2019-5770 | Out-of-bounds Read vulnerability in multiple products Insufficient input validation in WebGL in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | 8.8 |
2019-02-19 | CVE-2019-5769 | Improper Input Validation vulnerability in multiple products Incorrect handling of invalid end character position when front rendering in Blink in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2019-02-19 | CVE-2019-5768 | Improper Privilege Management vulnerability in multiple products DevTools API not correctly gating on extension capability in DevTools in Google Chrome prior to 72.0.3626.81 allowed an attacker who convinced a user to install a malicious extension to read local files via a crafted Chrome Extension. | 6.5 |
2019-02-19 | CVE-2019-5767 | Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products Insufficient protection of permission UI in WebAPKs in Google Chrome on Android prior to 72.0.3626.81 allowed an attacker who convinced the user to install a malicious application to access privacy/security sensitive web APIs via a crafted APK. | 6.5 |
2019-02-19 | CVE-2019-5766 | Incorrect handling of origin taint checking in Canvas in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
2019-02-19 | CVE-2019-5765 | Cleartext Storage of Sensitive Information vulnerability in multiple products An exposed debugging endpoint in the browser in Google Chrome on Android prior to 72.0.3626.81 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted Intent. | 5.5 |
2019-02-19 | CVE-2019-5764 | Use After Free vulnerability in multiple products Incorrect pointer management in WebRTC in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2019-02-19 | CVE-2019-5763 | Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products Failure to check error conditions in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2019-02-19 | CVE-2019-5762 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Inappropriate memory management when caching in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. | 8.8 |