) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- CPE Product Version: cpe:/o:google:chrome_os:53.0.2785.103
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2019-16508 |
The Imagination Technologies driver for Chrome OS before R74-11895.B, R75 before R75-12105.B, and R76 before R76-12208.0.0 allows attackers to trigger an Integer Overflow and gain privileges via a malicious application. This occurs because of intentional access for the GPU process to /dev/dri/card1 and the PowerVR ioctl handler, as demonstrated by PVRSRVBridgeSyncPrimOpCreate. Published: October 01, 2019; 8:15:10 AM -0400 |
V3.1: 7.8 HIGH V2.0: 9.3 HIGH |
| CVE-2016-5179 |
Chrome OS before 53.0.2785.144 allows remote attackers to execute arbitrary commands at boot. Published: March 06, 2018; 9:29:00 PM -0500 |
V3.0: 9.8 CRITICAL V2.0: 10.0 HIGH |
| CVE-2017-15400 |
Insufficient restriction of IPP filters in CUPS in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker to execute a command with the same privileges as the cups daemon via a crafted PPD file, aka a printer zeroconfig CRLF issue. Published: February 07, 2018; 6:29:00 PM -0500 |
V3.0: 7.8 HIGH V2.0: 9.3 HIGH |
| CVE-2017-15397 |
Inappropriate implementation in ChromeVox in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker in a privileged network position to observe or tamper with certain cleartext HTTP requests by leveraging that position. Published: February 07, 2018; 6:29:00 PM -0500 |
V3.0: 7.4 HIGH V2.0: 5.8 MEDIUM |
| CVE-2017-5084 |
Inappropriate implementation in image-burner in Google Chrome OS prior to 59.0.3071.92 allowed a local attacker to read local files via dbus-send commands to a BurnImage D-Bus endpoint. Published: October 27, 2017; 1:29:01 AM -0400 |
V3.0: 3.3 LOW V2.0: 2.1 LOW |