Vulnerabilities > Google > High

DATE CVE VULNERABILITY TITLE RISK
2019-06-27 CVE-2019-5808 Use After Free vulnerability in multiple products
Use after free in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google opensuse debian fedoraproject CWE-416
8.8
8.8
2019-06-27 CVE-2019-5807 Out-of-bounds Write vulnerability in multiple products
Object lifetime issue in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google opensuse debian fedoraproject CWE-787
8.8
8.8
2019-06-27 CVE-2019-5806 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google opensuse debian fedoraproject CWE-190
8.8
8.8
2019-06-27 CVE-2018-6176 Improper Input Validation vulnerability in Google Chrome
Insufficient file type enforcement in Extensions API in Google Chrome prior to 68.0.3440.75 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted Chrome Extension.
local
low complexity
google CWE-20
7.8
7.8
2019-06-27 CVE-2018-6161 Improper Input Validation vulnerability in Google Chrome
Insufficient policy enforcement in Blink in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
network
low complexity
google CWE-20
8.8
8.8
2019-06-27 CVE-2018-6157 Incorrect Type Conversion or Cast vulnerability in Google Chrome
Type confusion in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file.
network
low complexity
google CWE-704
8.8
8.8
2019-06-27 CVE-2018-6156 Out-of-bounds Write vulnerability in multiple products
Incorect derivation of a packet length in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file.
network
low complexity
google canonical CWE-787
8.8
8.8
2019-06-27 CVE-2018-6154 Out-of-bounds Write vulnerability in Google Chrome
Insufficient data validation in WebGL in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google CWE-787
8.8
8.8
2019-06-27 CVE-2018-6149 Out-of-bounds Write vulnerability in Google Chrome
Type confusion in JavaScript in Google Chrome prior to 67.0.3396.87 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
network
low complexity
google CWE-787
8.8
8.8
2019-06-27 CVE-2018-6138 Improper Input Validation vulnerability in Google Chrome
Insufficient policy enforcement in Extensions API in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.
network
low complexity
google CWE-20
8.1
8.1