Vulnerabilities > Google > Chrome

DATE CVE VULNERABILITY TITLE RISK
2018-08-28 CVE-2017-15412 Use After Free vulnerability in multiple products
Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
redhat debian google xmlsoft CWE-416
8.8
2018-08-28 CVE-2017-15411 Use After Free vulnerability in multiple products
Use after free in PDFium in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
network
low complexity
google debian redhat CWE-416
8.8
2018-08-28 CVE-2017-15410 Use After Free vulnerability in multiple products
Use after free in PDFium in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
network
low complexity
google debian redhat CWE-416
8.8
2018-08-28 CVE-2017-15409 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Heap buffer overflow in Skia in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian redhat CWE-119
8.8
2018-08-28 CVE-2017-15408 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Heap buffer overflow in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file that is mishandled by PDFium.
network
low complexity
google debian redhat CWE-119
8.8
2018-08-28 CVE-2017-15407 Out-of-bounds Write vulnerability in multiple products
Out-of-bounds Write in the QUIC networking stack in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to gain code execution via a malicious server.
network
low complexity
google debian redhat CWE-787
8.8
2018-05-04 CVE-2018-10229 Information Exposure vulnerability in multiple products
A hardware vulnerability in GPU memory modules allows attackers to accelerate micro-architectural attacks through the use of the JavaScript WebGL API.
network
high complexity
google mozilla lg CWE-200
4.8
2018-02-07 CVE-2017-5133 Out-of-bounds Write vulnerability in multiple products
Off-by-one read/write on the heap in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to corrupt memory and possibly leak information and potentially execute code via a crafted PDF file.
network
low complexity
google debian CWE-787
8.8
2018-02-07 CVE-2017-5132 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Inappropriate implementation in V8 in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka incorrect WebAssembly stack manipulation.
network
low complexity
google debian CWE-119
8.8
2018-02-07 CVE-2017-5131 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka an out-of-bounds write.
network
low complexity
google debian CWE-190
8.8