Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-25	CVE-2019-13697	Information Exposure Through an Error Message vulnerability in Google Chrome Insufficient policy enforcement in performance APIs in Google Chrome prior to 77.0.3865.120 allowed a remote attacker to leak cross-origin data via a crafted HTML page. network low complexity google CWE-209	6.5
2019-11-25	CVE-2019-13691	Unspecified vulnerability in Google Chrome Insufficient validation of untrusted input in navigation in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. network low complexity google	4.3
2019-11-25	CVE-2019-13684	Information Exposure Through Discrepancy vulnerability in Google Chrome Inappropriate implementation in JavaScript in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to leak cross-origin data via a crafted HTML page. network high complexity google CWE-203	5.3
2019-11-25	CVE-2019-13683	Improper Handling of Exceptional Conditions vulnerability in Google Chrome Insufficient policy enforcement in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page. network low complexity google CWE-755	6.5
2019-11-25	CVE-2019-13681	Incorrect Permission Assignment for Critical Resource vulnerability in Google Chrome Insufficient data validation in downloads in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass download restrictions via a crafted HTML page. network low complexity google CWE-732	4.3
2019-11-25	CVE-2019-13680	Unspecified vulnerability in Google Chrome Inappropriate implementation in TLS in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof client IP address to websites via crafted TLS connections. network low complexity google	5.3
2019-11-25	CVE-2019-13678	Unspecified vulnerability in Google Chrome Incorrect data validation in downloads in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page. network low complexity google	6.5
2019-11-25	CVE-2019-13677	Incorrect Permission Assignment for Critical Resource vulnerability in Google Chrome Insufficient policy enforcement in site isolation in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass site isolation via a crafted HTML page. network low complexity google CWE-732	6.5
2019-11-25	CVE-2019-13676	Incorrect Permission Assignment for Critical Resource vulnerability in Google Chrome Insufficient policy enforcement in Chromium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page. network low complexity google CWE-732	4.3
2019-11-25	CVE-2019-13675	Improper Input Validation vulnerability in Google Chrome Insufficient data validation in extensions in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to disable extensions via a crafted HTML page. network low complexity google CWE-20	4.3