Max CVSS | 6.8 | Min CVSS | 4.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2017-5130 | 6.8 |
An integer overflow in xmlmemory.c in libxml2 before 2.9.5, as used in Google Chrome prior to 62.0.3202.62 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted XML file.
|
08-04-2022 - 23:15 | 07-02-2018 - 23:29 | |
CVE-2017-15387 | 6.8 |
Insufficient enforcement of Content Security Policy in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to open javascript: URL windows when they should not be allowed to via a crafted HTML page.
|
03-10-2019 - 00:03 | 07-02-2018 - 23:29 | |
CVE-2017-15393 | 6.8 |
Insufficient Policy Enforcement in Devtools remote debugging in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to obtain access to remote debugging functionality via a crafted HTML page, aka a Referer leak.
|
03-10-2019 - 00:03 | 07-02-2018 - 23:29 | |
CVE-2017-15391 | 4.3 |
Insufficient Policy Enforcement in Extensions in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to access Extension pages without authorisation via a crafted HTML page.
|
03-10-2019 - 00:03 | 07-02-2018 - 23:29 | |
CVE-2017-5133 | 6.8 |
Off-by-one read/write on the heap in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to corrupt memory and possibly leak information and potentially execute code via a crafted PDF file.
|
11-12-2018 - 15:29 | 07-02-2018 - 23:29 | |
CVE-2017-5132 | 6.8 |
Inappropriate implementation in V8 in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka incorrect WebAssembly stack manipulation.
|
23-02-2018 - 15:56 | 07-02-2018 - 23:29 | |
CVE-2017-5128 | 6.8 |
Heap buffer overflow in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, related to WebGL.
|
23-02-2018 - 15:56 | 07-02-2018 - 23:29 | |
CVE-2017-5125 | 6.8 |
Heap buffer overflow in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
23-02-2018 - 15:55 | 07-02-2018 - 23:29 | |
CVE-2017-5127 | 6.8 |
Use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
|
23-02-2018 - 15:55 | 07-02-2018 - 23:29 | |
CVE-2017-5124 | 4.3 |
Incorrect application of sandboxing in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted MHTML page.
|
23-02-2018 - 15:54 | 07-02-2018 - 23:29 | |
CVE-2017-15395 | 4.3 |
A use after free in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka an ImageCapture NULL pointer dereference.
|
23-02-2018 - 15:48 | 07-02-2018 - 23:29 | |
CVE-2017-15394 | 4.3 |
Insufficient Policy Enforcement in Extensions in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform domain spoofing in permission dialogs via IDN homographs in a crafted Chrome Extension.
|
23-02-2018 - 15:47 | 07-02-2018 - 23:29 | |
CVE-2017-15392 | 4.0 |
Insufficient data validation in V8 in Google Chrome prior to 62.0.3202.62 allowed an attacker who can write to the Windows Registry to potentially exploit heap corruption via a crafted Windows Registry entry, related to PlatformIntegration.
|
23-02-2018 - 15:45 | 07-02-2018 - 23:29 | |
CVE-2017-15390 | 4.3 |
Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.
|
23-02-2018 - 15:38 | 07-02-2018 - 23:29 | |
CVE-2017-15386 | 4.3 |
Incorrect implementation in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
|
23-02-2018 - 15:37 | 07-02-2018 - 23:29 | |
CVE-2017-5131 | 6.8 |
An integer overflow in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka an out-of-bounds write.
|
22-02-2018 - 17:33 | 07-02-2018 - 23:29 | |
CVE-2017-5129 | 6.8 |
A use after free in WebAudio in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
|
22-02-2018 - 17:32 | 07-02-2018 - 23:29 | |
CVE-2017-5126 | 6.8 |
A use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
|
22-02-2018 - 17:32 | 07-02-2018 - 23:29 | |
CVE-2017-15389 | 4.3 |
An insufficient watchdog timer in navigation in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
|
22-02-2018 - 17:30 | 07-02-2018 - 23:29 | |
CVE-2017-15388 | 6.8 |
Iteration through non-finite points in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
|
22-02-2018 - 17:28 | 07-02-2018 - 23:29 |