National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:google:chrome:24.0.1291.1
There are 1,082 matching records.
Displaying matches 261 through 280.
Vuln ID Summary CVSS Severity
CVE-2017-15417

Inappropriate implementation in Skia canvas composite operations in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

Published: August 28, 2018; 03:29:09 PM -04:00
V3: 5.3 MEDIUM
V2: 2.6 LOW
CVE-2017-15416

Heap buffer overflow in Blob API in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka a Blink out-of-bounds read.

Published: August 28, 2018; 03:29:08 PM -04:00
V3: 6.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2017-15415

Incorrect serialization in IPC in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak the value of a pointer via a crafted HTML page.

Published: August 28, 2018; 03:29:07 PM -04:00
V3: 6.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2017-15413

Type confusion in WebAssembly in V8 in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Published: August 28, 2018; 03:29:06 PM -04:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2017-15412

Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Published: August 28, 2018; 03:29:05 PM -04:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2017-15411

Use after free in PDFium in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

Published: August 28, 2018; 03:29:04 PM -04:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2017-15410

Use after free in PDFium in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

Published: August 28, 2018; 03:29:03 PM -04:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2017-15409

Heap buffer overflow in Skia in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Published: August 28, 2018; 03:29:02 PM -04:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2017-15408

Heap buffer overflow in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file that is mishandled by PDFium.

Published: August 28, 2018; 03:29:01 PM -04:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2017-15407

Out-of-bounds Write in the QUIC networking stack in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to gain code execution via a malicious server.

Published: August 28, 2018; 03:29:00 PM -04:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2017-5133

Off-by-one read/write on the heap in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to corrupt memory and possibly leak information and potentially execute code via a crafted PDF file.

Published: February 07, 2018; 06:29:01 PM -05:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2017-5132

Inappropriate implementation in V8 in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka incorrect WebAssembly stack manipulation.

Published: February 07, 2018; 06:29:01 PM -05:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2017-5131

An integer overflow in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka an out-of-bounds write.

Published: February 07, 2018; 06:29:01 PM -05:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2017-5130

An integer overflow in xmlmemory.c in libxml2 before 2.9.5, as used in Google Chrome prior to 62.0.3202.62 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted XML file.

Published: February 07, 2018; 06:29:01 PM -05:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2017-5129

A use after free in WebAudio in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

Published: February 07, 2018; 06:29:01 PM -05:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2017-5128

Heap buffer overflow in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, related to WebGL.

Published: February 07, 2018; 06:29:01 PM -05:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2017-5127

Use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

Published: February 07, 2018; 06:29:01 PM -05:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2017-5126

A use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

Published: February 07, 2018; 06:29:01 PM -05:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2017-5125

Heap buffer overflow in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Published: February 07, 2018; 06:29:01 PM -05:00
V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2017-5124

Incorrect application of sandboxing in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted MHTML page.

Published: February 07, 2018; 06:29:00 PM -05:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM