Vulnerabilities > Google > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-07 | CVE-2017-5127 | Use After Free vulnerability in multiple products Use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | 8.8 |
| 2018-02-07 | CVE-2017-5126 | Use After Free vulnerability in multiple products A use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | 8.8 |
| 2018-02-07 | CVE-2017-5125 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap buffer overflow in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2018-02-07 | CVE-2017-15400 | CRLF Injection vulnerability in Google Chrome OS Insufficient restriction of IPP filters in CUPS in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker to execute a command with the same privileges as the cups daemon via a crafted PPD file, aka a printer zeroconfig CRLF issue. | 7.8 |
| 2018-02-07 | CVE-2017-15397 | Missing Encryption of Sensitive Data vulnerability in Google Chrome OS Inappropriate implementation in ChromeVox in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker in a privileged network position to observe or tamper with certain cleartext HTTP requests by leveraging that position. | 7.4 |
| 2018-02-07 | CVE-2017-15393 | Exposure of Resource to Wrong Sphere vulnerability in multiple products Insufficient Policy Enforcement in Devtools remote debugging in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to obtain access to remote debugging functionality via a crafted HTML page, aka a Referer leak. | 8.8 |
| 2018-02-07 | CVE-2017-15388 | Out-of-bounds Read vulnerability in multiple products Iteration through non-finite points in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | 8.8 |
| 2018-02-07 | CVE-2017-15387 | Insufficient enforcement of Content Security Policy in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to open javascript: URL windows when they should not be allowed to via a crafted HTML page. | 8.8 |
| 2018-02-06 | CVE-2017-6279 | Out-of-bounds Write vulnerability in Google Android NVIDIA libnvmmlite_audio.so contains an elevation of privilege vulnerability when running in media server which may cause an out of bounds write and could lead to local code execution in a privileged process. | 7.8 |
| 2018-02-06 | CVE-2017-6258 | Out-of-bounds Write vulnerability in Google Android NVIDIA libnvmmlite_audio.so contains an elevation of privilege vulnerability when running in media server which may cause an out of bounds write and could lead to local code execution in a privileged process. | 7.8 |