Vulnerabilities > Google > Chrome > 24.0.1301.1

DATE CVE VULNERABILITY TITLE RISK
2017-10-27 CVE-2017-5116 Type Confusion vulnerability in multiple products
Type confusion in V8 in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
network
low complexity
google redhat debian CWE-843
8.8
2017-10-27 CVE-2017-5115 Incorrect Type Conversion or Cast vulnerability in Google Chrome
Type confusion in V8 in Google Chrome prior to 61.0.3163.79 for Windows allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.
network
low complexity
google CWE-704
8.8
2017-10-27 CVE-2017-5114 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Inappropriate use of partition alloc in PDFium in Google Chrome prior to 61.0.3163.79 for Linux, Windows, and Mac, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit memory corruption via a crafted PDF file.
network
low complexity
google debian redhat CWE-119
8.8
2017-10-27 CVE-2017-5113 Out-of-bounds Write vulnerability in multiple products
Math overflow in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian redhat CWE-787
8.8
2017-10-27 CVE-2017-5112 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Chrome
Heap buffer overflow in WebGL in Google Chrome prior to 61.0.3163.79 for Windows allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
network
low complexity
google CWE-119
8.8
2017-10-27 CVE-2017-5111 Use After Free vulnerability in multiple products
A use after free in PDFium in Google Chrome prior to 61.0.3163.79 for Linux, Windows, and Mac allowed a remote attacker to potentially exploit memory corruption via a crafted PDF file.
network
low complexity
google redhat debian CWE-416
8.8
2017-10-27 CVE-2017-5110 Improper Input Validation vulnerability in multiple products
Inappropriate implementation of the web payments API on blob: and data: schemes in Web Payments in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to spoof the contents of the Omnibox via a crafted HTML page.
network
low complexity
google debian redhat CWE-20
6.5
2017-10-27 CVE-2017-5109 Improper Input Validation vulnerability in multiple products
Inappropriate implementation of unload handler handling in permission prompts in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to display UI on a non attacker controlled tab via a crafted HTML page.
network
low complexity
google debian redhat CWE-20
4.3
2017-10-27 CVE-2017-5108 Type Confusion vulnerability in multiple products
Type confusion in PDFium in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to potentially maliciously modify objects via a crafted PDF file.
network
low complexity
google redhat CWE-843
8.8
2017-10-27 CVE-2017-5107 Information Exposure Through Discrepancy vulnerability in multiple products
A timing attack in SVG rendering in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to extract pixel values from a cross-origin page being iframe'd via a crafted HTML page.
network
high complexity
google redhat CWE-203
5.3