Vulnerabilities > Google > Chrome > 25.0.1364.24
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-10-27 | CVE-2017-5065 | Improper Input Validation vulnerability in multiple products Lack of an appropriate action on page navigation in Blink in Google Chrome prior to 58.0.3029.81 for Windows and Mac allowed a remote attacker to potentially confuse a user into making an incorrect security decision via a crafted HTML page. | 4.7 |
2017-10-27 | CVE-2017-5064 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Chrome Incorrect handling of DOM changes in Blink in Google Chrome prior to 58.0.3029.81 for Windows allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2017-10-27 | CVE-2017-5063 | Integer Overflow or Wraparound vulnerability in multiple products A numeric overflow in Skia in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | 8.8 |
2017-10-27 | CVE-2017-5062 | Use After Free vulnerability in multiple products A use after free in Chrome Apps in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to potentially perform out of bounds memory access via a crafted Chrome extension. | 8.8 |
2017-10-27 | CVE-2017-5061 | Race Condition vulnerability in multiple products A race condition in navigation in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 5.3 |
2017-10-27 | CVE-2017-5060 | Incorrect Authorization vulnerability in multiple products Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name. | 6.5 |
2017-10-27 | CVE-2017-5059 | Type Confusion vulnerability in multiple products Type confusion in Blink in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to potentially obtain code execution via a crafted HTML page. | 8.8 |
2017-10-27 | CVE-2017-5058 | Use After Free vulnerability in Google Chrome A use after free in PrintPreview in Google Chrome prior to 58.0.3029.81 for Windows allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | 8.8 |
2017-10-27 | CVE-2017-5057 | Type Confusion vulnerability in multiple products Type confusion in PDFium in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file. | 8.8 |
2017-10-27 | CVE-2017-5056 | Use After Free vulnerability in multiple products A use after free in Blink in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | 8.8 |