Vulnerabilities > Google > Chrome > 2.0.172.38
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-01-09 | CVE-2018-16079 | Race Condition vulnerability in multiple products A race condition between permission prompts and navigations in Prompts in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 5.3 |
2019-01-09 | CVE-2018-16078 | Information Exposure vulnerability in multiple products Unsafe handling of credit card details in Autofill in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | 6.5 |
2019-01-09 | CVE-2018-16076 | Out-of-bounds Read vulnerability in multiple products Missing bounds check in PDFium in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file. | 8.8 |
2019-01-09 | CVE-2018-16072 | Origin Validation Error vulnerability in Google Chrome A missing origin check related to HLS manifests in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to bypass same origin policy via a crafted HTML page. | 6.5 |
2019-01-09 | CVE-2018-16071 | Use After Free vulnerability in multiple products A use after free in WebRTC in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. | 8.8 |
2019-01-09 | CVE-2018-16068 | Improper Input Validation vulnerability in multiple products Missing validation in Mojo in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |
2019-01-09 | CVE-2018-16067 | Use After Free vulnerability in multiple products A use after free in WebAudio in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 6.5 |
2019-01-09 | CVE-2018-16066 | Use After Free vulnerability in multiple products A use after free in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 6.5 |
2019-01-09 | CVE-2018-16065 | Use After Free vulnerability in multiple products A Javascript reentrancy issues that caused a use-after-free in V8 in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | 8.8 |
2019-01-09 | CVE-2017-15428 | Out-of-bounds Write vulnerability in Google Chrome Insufficient data validation in V8 builtins string generator could lead to out of bounds read and write access in V8 in Google Chrome prior to 62.0.3202.94 and allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | 8.8 |