Vulnerabilities > Redhat > High

DATE CVE VULNERABILITY TITLE RISK
2017-10-27 CVE-2017-5111 Use After Free vulnerability in multiple products
A use after free in PDFium in Google Chrome prior to 61.0.3163.79 for Linux, Windows, and Mac allowed a remote attacker to potentially exploit memory corruption via a crafted PDF file.
network
low complexity
google redhat debian CWE-416
8.8
8.8
2017-10-27 CVE-2017-5108 Type Confusion vulnerability in multiple products
Type confusion in PDFium in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to potentially maliciously modify objects via a crafted PDF file.
network
low complexity
google redhat CWE-843
8.8
8.8
2017-10-27 CVE-2017-5100 Use After Free vulnerability in multiple products
A use after free in Apps in Google Chrome prior to 60.0.3112.78 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
network
low complexity
google debian redhat CWE-416
8.8
8.8
2017-10-27 CVE-2017-5098 Use After Free vulnerability in multiple products
A use after free in V8 in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
network
low complexity
google debian redhat CWE-416
8.8
8.8
2017-10-27 CVE-2017-5095 Out-of-bounds Write vulnerability in multiple products
Stack overflow in PDFium in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to potentially exploit stack corruption via a crafted PDF file.
network
low complexity
google debian redhat CWE-787
8.8
8.8
2017-10-27 CVE-2017-5091 Use After Free vulnerability in multiple products
A use after free in IndexedDB in Google Chrome prior to 60.0.3112.78 for Linux, Android, Windows, and Mac allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
network
low complexity
google debian redhat CWE-416
8.8
8.8
2017-10-27 CVE-2017-5088 Out-of-bounds Read vulnerability in multiple products
Insufficient validation of untrusted input in V8 in Google Chrome prior to 59.0.3071.104 for Mac, Windows, and Linux, and 59.0.3071.117 for Android, allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.
network
low complexity
google redhat CWE-125
8.8
8.8
2017-10-27 CVE-2017-5087 Use After Free vulnerability in multiple products
A use after free in Blink in Google Chrome prior to 59.0.3071.104 for Mac, Windows, and Linux, and 59.0.3071.117 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page, aka an IndexedDB sandbox escape.
network
low complexity
google redhat CWE-416
8.8
8.8
2017-10-27 CVE-2017-5078 Insufficient validation of untrusted input in Blink's mailto: handling in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac allowed a remote attacker to perform command injection via a crafted HTML page, a similar issue to CVE-2004-0121.
network
low complexity
google redhat
8.8
8.8
2017-10-27 CVE-2017-5077 Out-of-bounds Read vulnerability in multiple products
Insufficient validation of untrusted input in Skia in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
network
low complexity
google redhat CWE-125
8.8
8.8