Vulnerabilities > Google > Chrome > 9.0.570.1

DATE CVE VULNERABILITY TITLE RISK
2018-02-07 CVE-2017-5131 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka an out-of-bounds write.
network
low complexity
google debian CWE-190
8.8
2018-02-07 CVE-2017-5130 Out-of-bounds Write vulnerability in multiple products
An integer overflow in xmlmemory.c in libxml2 before 2.9.5, as used in Google Chrome prior to 62.0.3202.62 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted XML file.
network
low complexity
google debian xmlsoft CWE-787
8.8
2018-02-07 CVE-2017-5129 Use After Free vulnerability in multiple products
A use after free in WebAudio in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
network
low complexity
google debian CWE-416
8.8
2018-02-07 CVE-2017-5128 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Heap buffer overflow in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, related to WebGL.
network
low complexity
google debian CWE-119
8.8
2018-02-07 CVE-2017-5127 Use After Free vulnerability in multiple products
Use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
network
low complexity
google debian CWE-416
8.8
2018-02-07 CVE-2017-5126 Use After Free vulnerability in multiple products
A use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
network
low complexity
google debian CWE-416
8.8
2018-02-07 CVE-2017-5125 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Heap buffer overflow in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian CWE-119
8.8
2018-02-07 CVE-2017-5124 Cross-site Scripting vulnerability in multiple products
Incorrect application of sandboxing in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted MHTML page.
network
low complexity
google debian CWE-79
6.1
2018-02-07 CVE-2017-15395 Use After Free vulnerability in multiple products
A use after free in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka an ImageCapture NULL pointer dereference.
network
low complexity
google debian CWE-416
6.5
2018-02-07 CVE-2017-15394 Improper Input Validation vulnerability in multiple products
Insufficient Policy Enforcement in Extensions in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform domain spoofing in permission dialogs via IDN homographs in a crafted Chrome Extension.
network
low complexity
google debian CWE-20
6.5