Vulnerabilities > Google > Chrome > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-23 | CVE-2019-5789 | Use After Free vulnerability in multiple products An integer overflow that leads to a use-after-free in WebMIDI in Google Chrome on Windows prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. | 8.8 |
| 2019-05-23 | CVE-2019-5788 | Use After Free vulnerability in multiple products An integer overflow that leads to a use-after-free in Blink Storage in Google Chrome on Linux prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. | 8.8 |
| 2019-05-23 | CVE-2019-5787 | Use After Free vulnerability in multiple products Use-after-garbage-collection in Blink in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2019-02-19 | CVE-2019-5783 | Improper Input Validation vulnerability in multiple products Missing URI encoding of untrusted input in DevTools in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform a Dangling Markup Injection attack via a crafted HTML page. | 8.8 |
| 2019-02-19 | CVE-2019-5782 | Out-of-bounds Write vulnerability in multiple products Incorrect optimization assumptions in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | 8.8 |
| 2019-02-19 | CVE-2019-5780 | Improper Input Validation vulnerability in multiple products Insufficient restrictions on what can be done with Apple Events in Google Chrome on macOS prior to 72.0.3626.81 allowed a local attacker to execute JavaScript via Apple Events. | 7.8 |
| 2019-02-19 | CVE-2019-5774 | Missing Authorization vulnerability in multiple products Omission of the .desktop filetype from the Safe Browsing checklist in SafeBrowsing in Google Chrome on Linux prior to 72.0.3626.81 allowed an attacker who convinced a user to download a .desktop file to execute arbitrary code via a downloaded .desktop file. | 8.8 |
| 2019-02-19 | CVE-2019-5772 | Use After Free vulnerability in multiple products Sharing of objects over calls into JavaScript runtime in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | 8.8 |
| 2019-02-19 | CVE-2019-5771 | An incorrect JIT of GLSL shaders in SwiftShader in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code via a crafted HTML page. | 8.8 |
| 2019-02-19 | CVE-2019-5770 | Out-of-bounds Read vulnerability in multiple products Insufficient input validation in WebGL in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | 8.8 |