Google - Chrome CVE

Filtered by vendor Google

Filtered by product Chrome

Total 3816 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2019-5819	5 Apple, Debian, Fedoraproject and 2 more	6 Macos, Debian Linux, Fedora and 3 more	2024-11-21	4.4 MEDIUM	7.8 HIGH
Insufficient data validation in developer tools in Google Chrome on OS X prior to 74.0.3729.108 allowed a local attacker to execute arbitrary code via a crafted string copied to clipboard.
CVE-2019-5818	4 Debian, Fedoraproject, Google and 1 more	5 Debian Linux, Fedora, Chrome and 2 more	2024-11-21	4.3 MEDIUM	6.5 MEDIUM
Uninitialized data in media in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file.
CVE-2019-5817	5 Debian, Fedoraproject, Google and 2 more	6 Debian Linux, Fedora, Chrome and 3 more	2024-11-21	6.8 MEDIUM	8.8 HIGH
Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-5816	3 Fedoraproject, Google, Opensuse	5 Fedora, Android, Chrome and 2 more	2024-11-21	6.8 MEDIUM	8.8 HIGH
Process lifetime issue in Chrome in Google Chrome on Android prior to 74.0.3729.108 allowed a remote attacker to potentially persist an exploited process via a crafted HTML page.
CVE-2019-5814	4 Debian, Fedoraproject, Google and 1 more	5 Debian Linux, Fedora, Chrome and 2 more	2024-11-21	4.3 MEDIUM	6.5 MEDIUM
Insufficient policy enforcement in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2019-5813	4 Debian, Fedoraproject, Google and 1 more	5 Debian Linux, Fedora, Chrome and 2 more	2024-11-21	6.8 MEDIUM	8.8 HIGH
Use after free in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-5812	3 Apple, Fedoraproject, Google	3 Iphone Os, Fedora, Chrome	2024-11-21	4.3 MEDIUM	6.5 MEDIUM
Inadequate security UI in iOS UI in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
CVE-2019-5811	4 Debian, Fedoraproject, Google and 1 more	5 Debian Linux, Fedora, Chrome and 2 more	2024-11-21	6.8 MEDIUM	8.8 HIGH
Incorrect handling of CORS in ServiceWorker in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
CVE-2019-5810	4 Debian, Fedoraproject, Google and 1 more	5 Debian Linux, Fedora, Chrome and 2 more	2024-11-21	4.3 MEDIUM	6.5 MEDIUM
Information leak in autofill in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
CVE-2019-5809	4 Debian, Fedoraproject, Google and 1 more	5 Debian Linux, Fedora, Chrome and 2 more	2024-11-21	6.8 MEDIUM	8.8 HIGH
Use after free in file chooser in Google Chrome prior to 74.0.3729.108 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page.
CVE-2019-5808	4 Debian, Fedoraproject, Google and 1 more	5 Debian Linux, Fedora, Chrome and 2 more	2024-11-21	6.8 MEDIUM	8.8 HIGH
Use after free in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-5807	4 Debian, Fedoraproject, Google and 1 more	5 Debian Linux, Fedora, Chrome and 2 more	2024-11-21	6.8 MEDIUM	8.8 HIGH
Object lifetime issue in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-5806	5 Debian, Fedoraproject, Google and 2 more	6 Debian Linux, Fedora, Chrome and 3 more	2024-11-21	6.8 MEDIUM	8.8 HIGH
Integer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-5805	4 Debian, Fedoraproject, Google and 1 more	5 Debian Linux, Fedora, Chrome and 2 more	2024-11-21	4.3 MEDIUM	6.5 MEDIUM
Use-after-free in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
CVE-2019-5804	3 Google, Microsoft, Opensuse	4 Chrome, Windows, Backports and 1 more	2024-11-21	2.1 LOW	5.5 MEDIUM
Incorrect command line processing in Chrome in Google Chrome prior to 73.0.3683.75 allowed a local attacker to perform domain spoofing via a crafted domain name.
CVE-2019-5803	2 Google, Opensuse	3 Chrome, Backports, Leap	2024-11-21	4.3 MEDIUM	6.5 MEDIUM
Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page.
CVE-2019-5802	2 Google, Opensuse	3 Chrome, Backports Sle, Leap	2024-11-21	4.3 MEDIUM	6.5 MEDIUM
Incorrect handling of download origins in Navigation in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
CVE-2019-5801	3 Apple, Google, Opensuse	4 Iphone Os, Chrome, Backports and 1 more	2024-11-21	4.3 MEDIUM	6.5 MEDIUM
Incorrect eliding of URLs in Omnibox in Google Chrome on iOS prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
CVE-2019-5800	2 Google, Opensuse	3 Chrome, Backports, Leap	2024-11-21	4.3 MEDIUM	6.5 MEDIUM
Insufficient policy enforcement in Blink in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page.
CVE-2019-5799	2 Google, Opensuse	3 Chrome, Backports, Leap	2024-11-21	4.3 MEDIUM	6.5 MEDIUM
Incorrect inheritance of a new document's policy in Content Security Policy in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page.
CVE-2019-5798	6 Canonical, Debian, Google and 3 more	7 Ubuntu Linux, Debian Linux, Chrome and 4 more	2024-11-21	4.3 MEDIUM	6.5 MEDIUM
Lack of correct bounds checking in Skia in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVE-2019-5796	2 Google, Opensuse	3 Chrome, Backports Sle, Leap	2024-11-21	5.1 MEDIUM	7.5 HIGH
Data race in extensions guest view in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-5795	2 Google, Opensuse	3 Chrome, Backports, Leap	2024-11-21	6.8 MEDIUM	8.8 HIGH
Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file.
CVE-2019-5794	2 Google, Opensuse	3 Chrome, Backports Sle, Leap	2024-11-21	4.3 MEDIUM	6.5 MEDIUM
Incorrect handling of cancelled requests in Navigation in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
CVE-2019-5793	2 Google, Opensuse	3 Chrome, Backports, Leap	2024-11-21	4.3 MEDIUM	6.5 MEDIUM
Insufficient policy enforcement in extensions in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to initiate the extensions installation user interface via a crafted HTML page.
CVE-2019-5792	2 Google, Opensuse	3 Chrome, Backports, Leap	2024-11-21	6.8 MEDIUM	8.8 HIGH
Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file.
CVE-2019-5791	2 Google, Opensuse	3 Chrome, Backports, Leap	2024-11-21	6.8 MEDIUM	8.8 HIGH
Inappropriate optimization in V8 in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVE-2019-5790	2 Google, Opensuse	3 Chrome, Backports, Leap	2024-11-21	6.8 MEDIUM	8.8 HIGH
An integer overflow leading to an incorrect capacity of a buffer in JavaScript in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
CVE-2019-5789	2 Google, Opensuse	3 Chrome, Backports, Leap	2024-11-21	9.3 HIGH	8.8 HIGH
An integer overflow that leads to a use-after-free in WebMIDI in Google Chrome on Windows prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.
CVE-2019-5788	2 Google, Opensuse	3 Chrome, Backports, Leap	2024-11-21	9.3 HIGH	8.8 HIGH
An integer overflow that leads to a use-after-free in Blink Storage in Google Chrome on Linux prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.
CVE-2019-5787	2 Google, Opensuse	3 Chrome, Backports, Leap	2024-11-21	9.3 HIGH	8.8 HIGH
Use-after-garbage-collection in Blink in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-5785	1 Google	1 Chrome	2024-11-21	4.3 MEDIUM	6.5 MEDIUM
Incorrect convexity calculations in Skia in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
CVE-2019-5784	1 Google	1 Chrome	2024-11-21	4.3 MEDIUM	6.5 MEDIUM
Incorrect handling of deferred code in V8 in Google Chrome prior to 72.0.3626.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-5783	2 Debian, Google	2 Debian Linux, Chrome	2024-11-21	6.8 MEDIUM	8.8 HIGH
Missing URI encoding of untrusted input in DevTools in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform a Dangling Markup Injection attack via a crafted HTML page.
CVE-2019-5782	4 Debian, Fedoraproject, Google and 1 more	6 Debian Linux, Fedora, Chrome and 3 more	2024-11-21	6.8 MEDIUM	8.8 HIGH
Incorrect optimization assumptions in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
CVE-2019-5781	4 Debian, Fedoraproject, Google and 1 more	6 Debian Linux, Fedora, Chrome and 3 more	2024-11-21	4.3 MEDIUM	6.5 MEDIUM
Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
CVE-2019-5780	5 Apple, Debian, Fedoraproject and 2 more	7 Macos, Debian Linux, Fedora and 4 more	2024-11-21	4.6 MEDIUM	7.8 HIGH
Insufficient restrictions on what can be done with Apple Events in Google Chrome on macOS prior to 72.0.3626.81 allowed a local attacker to execute JavaScript via Apple Events.
CVE-2019-5779	4 Debian, Fedoraproject, Google and 1 more	6 Debian Linux, Fedora, Chrome and 3 more	2024-11-21	4.3 MEDIUM	4.3 MEDIUM
Insufficient policy validation in ServiceWorker in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
CVE-2019-5778	4 Debian, Fedoraproject, Google and 1 more	6 Debian Linux, Fedora, Chrome and 3 more	2024-11-21	4.3 MEDIUM	6.5 MEDIUM
A missing case for handling special schemes in permission request checks in Extensions in Google Chrome prior to 72.0.3626.81 allowed an attacker who convinced a user to install a malicious extension to bypass extension permission checks for privileged pages via a crafted Chrome Extension.
CVE-2019-5777	4 Debian, Fedoraproject, Google and 1 more	6 Debian Linux, Fedora, Chrome and 3 more	2024-11-21	4.3 MEDIUM	6.5 MEDIUM
Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.

Vulnerabilities (CVE)