Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-06-27	CVE-2019-5818	Use of Uninitialized Resource vulnerability in multiple products Uninitialized data in media in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file. network low complexity google opensuse debian fedoraproject CWE-908	6.5
2019-06-27	CVE-2019-5814	Cross-Site Request Forgery (CSRF) vulnerability in multiple products Insufficient policy enforcement in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to leak cross-origin data via a crafted HTML page. network low complexity google opensuse debian fedoraproject CWE-352	6.5
2019-06-27	CVE-2019-5810	Cleartext Storage of Sensitive Information vulnerability in multiple products Information leak in autofill in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. network low complexity google opensuse debian fedoraproject CWE-312	6.5
2019-06-27	CVE-2019-5805	Use After Free vulnerability in multiple products Use-after-free in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. network low complexity google opensuse debian fedoraproject CWE-416	6.5
2019-05-23	CVE-2019-5804	Argument Injection or Modification vulnerability in multiple products Incorrect command line processing in Chrome in Google Chrome prior to 73.0.3683.75 allowed a local attacker to perform domain spoofing via a crafted domain name. local low complexity google opensuse CWE-88	5.5
2019-05-23	CVE-2019-5803	Improper Input Validation vulnerability in multiple products Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page. network low complexity google opensuse CWE-20	6.5
2019-05-23	CVE-2019-5801	Improper Input Validation vulnerability in multiple products Incorrect eliding of URLs in Omnibox in Google Chrome on iOS prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page. network low complexity google opensuse CWE-20	6.5
2019-05-23	CVE-2019-5800	Improper Input Validation vulnerability in multiple products Insufficient policy enforcement in Blink in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page. network low complexity google opensuse CWE-20	6.5
2019-05-23	CVE-2019-5799	Improper Input Validation vulnerability in multiple products Incorrect inheritance of a new document's policy in Content Security Policy in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page. network low complexity google opensuse CWE-20	6.5
2019-05-23	CVE-2019-5798	Out-of-bounds Read vulnerability in multiple products Lack of correct bounds checking in Skia in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. network low complexity google debian redhat opensuse canonical suse CWE-125	6.5