Vulnerabilities > Google > Chrome > 31.0.1650.35

DATE CVE VULNERABILITY TITLE RISK
2019-02-19 CVE-2019-5781 Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
network
low complexity
google debian redhat fedoraproject
6.5
2019-02-19 CVE-2019-5780 Improper Input Validation vulnerability in multiple products
Insufficient restrictions on what can be done with Apple Events in Google Chrome on macOS prior to 72.0.3626.81 allowed a local attacker to execute JavaScript via Apple Events.
local
low complexity
google redhat debian fedoraproject CWE-20
7.8
2019-02-19 CVE-2019-5779 Missing Authorization vulnerability in multiple products
Insufficient policy validation in ServiceWorker in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
network
low complexity
google debian redhat fedoraproject CWE-862
4.3
2019-02-19 CVE-2019-5778 Cross-site Scripting vulnerability in multiple products
A missing case for handling special schemes in permission request checks in Extensions in Google Chrome prior to 72.0.3626.81 allowed an attacker who convinced a user to install a malicious extension to bypass extension permission checks for privileged pages via a crafted Chrome Extension.
network
low complexity
google debian redhat fedoraproject CWE-79
6.5
2019-02-19 CVE-2019-5777 Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
network
low complexity
google redhat debian fedoraproject
6.5
2019-02-19 CVE-2019-5776 Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
network
low complexity
google debian redhat fedoraproject
6.5
2019-02-19 CVE-2019-5775 Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
network
low complexity
google debian redhat fedoraproject
6.5
2019-02-19 CVE-2019-5774 Missing Authorization vulnerability in multiple products
Omission of the .desktop filetype from the Safe Browsing checklist in SafeBrowsing in Google Chrome on Linux prior to 72.0.3626.81 allowed an attacker who convinced a user to download a .desktop file to execute arbitrary code via a downloaded .desktop file.
network
low complexity
google debian redhat fedoraproject CWE-862
8.8
2019-02-19 CVE-2019-5773 Origin Validation Error vulnerability in multiple products
Insufficient origin validation in IndexedDB in Google Chrome prior to 72.0.3626.81 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page.
network
low complexity
google debian redhat fedoraproject CWE-346
6.5
2019-02-19 CVE-2019-5772 Use After Free vulnerability in multiple products
Sharing of objects over calls into JavaScript runtime in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
network
low complexity
google debian redhat fedoraproject CWE-416
8.8