Vulnerabilities > Google > Chrome > High

DATE CVE VULNERABILITY TITLE RISK
2019-01-09 CVE-2018-6174 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflows in Swiftshader in Google Chrome prior to 68.0.3440.75 potentially allowed a remote attacker to execute arbitrary code via a crafted HTML page.
network
low complexity
google debian redhat CWE-190
8.8
2019-01-09 CVE-2018-6170 Incorrect Type Conversion or Cast vulnerability in multiple products
A bad cast in PDFium in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
network
low complexity
google debian redhat CWE-704
8.8
2019-01-09 CVE-2018-6162 Deserialization of Untrusted Data vulnerability in multiple products
Improper deserialization in WebGL in Google Chrome on Mac prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian redhat CWE-502
8.8
2019-01-09 CVE-2018-6158 Race Condition vulnerability in multiple products
A race condition in Oilpan in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
high complexity
google debian redhat CWE-362
7.5
2019-01-09 CVE-2018-6153 Out-of-bounds Write vulnerability in multiple products
A precision error in Skia in Google Chrome prior to 68.0.3440.75 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page.
network
low complexity
google debian redhat CWE-787
8.8
2019-01-09 CVE-2018-6151 Out-of-bounds Read vulnerability in multiple products
Bad cast in DevTools in Google Chrome on Win, Linux, Mac, Chrome OS prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted Chrome Extension.
network
low complexity
google debian redhat CWE-125
8.8
2019-01-09 CVE-2018-6144 Out-of-bounds Write vulnerability in multiple products
Off-by-one error in PDFium in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory write via a crafted PDF file.
network
low complexity
google debian redhat CWE-787
8.8
2019-01-09 CVE-2018-6141 Out-of-bounds Read vulnerability in multiple products
Insufficient validation of an image filter in Skia in Google Chrome prior to 67.0.3396.62 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a crafted HTML page.
network
low complexity
google debian redhat CWE-125
8.8
2019-01-09 CVE-2018-6140 Improper Input Validation vulnerability in multiple products
Allowing the chrome.debugger API to attach to Web UI pages in DevTools in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension.
network
low complexity
google debian redhat CWE-20
8.8
2019-01-09 CVE-2018-6139 Improper Input Validation vulnerability in multiple products
Insufficient target checks on the chrome.debugger API in DevTools in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension.
network
low complexity
google debian redhat CWE-20
8.8