High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-02-20	CVE-2019-7164	SQL Injection vulnerability in multiple products SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the order_by parameter. network low complexity sqlalchemy debian opensuse redhat oracle CWE-89	7.5
2019-02-19	CVE-2019-5782	Out-of-bounds Write vulnerability in multiple products Incorrect optimization assumptions in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. network low complexity google debian redhat fedoraproject CWE-787	8.8
2019-02-19	CVE-2019-5780	Improper Input Validation vulnerability in multiple products Insufficient restrictions on what can be done with Apple Events in Google Chrome on macOS prior to 72.0.3626.81 allowed a local attacker to execute JavaScript via Apple Events. local low complexity google redhat debian fedoraproject CWE-20	7.8
2019-02-19	CVE-2019-5774	Missing Authorization vulnerability in multiple products Omission of the .desktop filetype from the Safe Browsing checklist in SafeBrowsing in Google Chrome on Linux prior to 72.0.3626.81 allowed an attacker who convinced a user to download a .desktop file to execute arbitrary code via a downloaded .desktop file. network low complexity google debian redhat fedoraproject CWE-862	8.8
2019-02-19	CVE-2019-5772	Use After Free vulnerability in multiple products Sharing of objects over calls into JavaScript runtime in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. network low complexity google debian redhat fedoraproject CWE-416	8.8
2019-02-19	CVE-2019-5771	An incorrect JIT of GLSL shaders in SwiftShader in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code via a crafted HTML page. network low complexity google redhat fedoraproject	8.8
2019-02-19	CVE-2019-5770	Out-of-bounds Read vulnerability in multiple products Insufficient input validation in WebGL in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. network low complexity google debian redhat fedoraproject CWE-125	8.8
2019-02-19	CVE-2019-5769	Improper Input Validation vulnerability in multiple products Incorrect handling of invalid end character position when front rendering in Blink in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google redhat debian fedoraproject CWE-20	8.8
2019-02-19	CVE-2019-5764	Use After Free vulnerability in multiple products Incorrect pointer management in WebRTC in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian redhat fedoraproject CWE-416	8.8
2019-02-19	CVE-2019-5763	Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products Failure to check error conditions in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian redhat fedoraproject CWE-754	8.8