Max CVSS | 6.8 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2019-5879 | 4.3 |
Insufficient policy enforcement in extensions in Google Chrome prior to 77.0.3865.75 allowed an attacker who convinced a user to install a malicious extension to read local files via a crafted Chrome Extension.
|
01-01-2022 - 20:12 | 25-11-2019 - 15:15 | |
CVE-2019-5874 | 6.8 |
Insufficient filtering in URI schemes in Google Chrome on Windows prior to 77.0.3865.75 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
|
21-07-2021 - 11:39 | 25-11-2019 - 15:15 | |
CVE-2019-5875 | 4.3 |
Insufficient data validation in downloads in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
|
21-07-2021 - 11:39 | 25-11-2019 - 15:15 | |
CVE-2019-13666 | 4.3 |
Information leak in storage in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
|
21-07-2021 - 11:39 | 25-11-2019 - 15:15 | |
CVE-2019-5872 | 4.3 |
Use after free in Mojo in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
24-08-2020 - 17:37 | 25-11-2019 - 15:15 | |
CVE-2019-5876 | 6.8 |
Use after free in media in Google Chrome on Android prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
24-08-2020 - 17:37 | 25-11-2019 - 15:15 | |
CVE-2019-5877 | 6.8 |
Out of bounds memory access in JavaScript in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
24-08-2020 - 17:37 | 25-11-2019 - 15:15 | |
CVE-2019-5878 | 6.8 |
Use after free in V8 in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
24-08-2020 - 17:37 | 25-11-2019 - 15:15 | |
CVE-2019-13667 | 4.3 |
Inappropriate implementation in Omnibox in Google Chrome on iOS prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
|
24-08-2020 - 17:37 | 25-11-2019 - 15:15 | |
CVE-2019-13680 | 5.0 |
Inappropriate implementation in TLS in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof client IP address to websites via crafted TLS connections.
|
24-08-2020 - 17:37 | 25-11-2019 - 15:15 | |
CVE-2019-13682 | 6.8 |
Insufficient policy enforcement in external protocol handling in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
|
24-08-2020 - 17:37 | 25-11-2019 - 15:15 | |
CVE-2019-13683 | 4.3 |
Insufficient policy enforcement in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
|
24-08-2020 - 17:37 | 25-11-2019 - 15:15 | |
CVE-2019-13673 | 4.3 |
Insufficient data validation in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
|
24-08-2020 - 17:37 | 25-11-2019 - 15:15 | |
CVE-2019-13659 | 4.3 |
IDN spoofing in Omnibox in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
|
24-08-2020 - 17:37 | 25-11-2019 - 15:15 | |
CVE-2019-13662 | 4.3 |
Insufficient policy enforcement in navigations in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass content security policy via a crafted HTML page.
|
24-08-2020 - 17:37 | 25-11-2019 - 15:15 | |
CVE-2019-13669 | 4.3 |
Incorrect data validation in navigation in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
|
24-08-2020 - 17:37 | 25-11-2019 - 15:15 | |
CVE-2019-13674 | 4.3 |
IDN spoofing in Omnibox in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
|
24-08-2020 - 17:37 | 25-11-2019 - 15:15 | |
CVE-2019-13661 | 4.3 |
UI spoofing in Chromium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof notifications via a crafted HTML page.
|
24-08-2020 - 17:37 | 25-11-2019 - 15:15 | |
CVE-2019-13663 | 4.3 |
IDN spoofing in Omnibox in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
|
24-08-2020 - 17:37 | 25-11-2019 - 15:15 | |
CVE-2019-13671 | 4.3 |
UI spoofing in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof security UI via a crafted HTML page.
|
24-08-2020 - 17:37 | 25-11-2019 - 15:15 | |
CVE-2019-13670 | 4.3 |
Insufficient data validation in JavaScript in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
24-08-2020 - 17:37 | 25-11-2019 - 15:15 | |
CVE-2019-13697 | 4.3 |
Insufficient policy enforcement in performance APIs in Google Chrome prior to 77.0.3865.120 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
|
24-08-2020 - 17:37 | 25-11-2019 - 15:15 | |
CVE-2019-13678 | 4.3 |
Incorrect data validation in downloads in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
|
24-08-2020 - 17:37 | 25-11-2019 - 15:15 | |
CVE-2019-13668 | 4.3 |
Insufficient policy enforcement in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
|
24-08-2020 - 17:37 | 25-11-2019 - 15:15 | |
CVE-2019-13664 | 4.3 |
Insufficient policy enforcement in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass content security policy via a crafted HTML page.
|
24-08-2020 - 17:37 | 25-11-2019 - 15:15 | |
CVE-2019-13691 | 4.3 |
Insufficient validation of untrusted input in navigation in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
|
24-08-2020 - 17:37 | 25-11-2019 - 15:15 | |
CVE-2019-13660 | 4.3 |
UI spoofing in Chromium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof notifications via a crafted HTML page.
|
24-08-2020 - 17:37 | 25-11-2019 - 15:15 | |
CVE-2019-13679 | 4.3 |
Insufficient policy enforcement in PDFium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to show print dialogs via a crafted PDF file.
|
03-12-2019 - 18:39 | 25-11-2019 - 15:15 | |
CVE-2019-13681 | 4.3 |
Insufficient data validation in downloads in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass download restrictions via a crafted HTML page.
|
03-12-2019 - 18:15 | 25-11-2019 - 15:15 | |
CVE-2019-13665 | 4.3 |
Insufficient filtering in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass multiple file download protection via a crafted HTML page.
|
02-12-2019 - 18:52 | 25-11-2019 - 15:15 | |
CVE-2019-13675 | 4.3 |
Insufficient data validation in extensions in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to disable extensions via a crafted HTML page.
|
02-12-2019 - 17:37 | 25-11-2019 - 15:15 | |
CVE-2019-13676 | 4.3 |
Insufficient policy enforcement in Chromium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
|
02-12-2019 - 17:35 | 25-11-2019 - 15:15 | |
CVE-2019-13677 | 4.3 |
Insufficient policy enforcement in site isolation in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass site isolation via a crafted HTML page.
|
02-12-2019 - 17:34 | 25-11-2019 - 15:15 | |
CVE-2019-5871 | 6.8 |
Heap buffer overflow in Skia in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
02-12-2019 - 14:50 | 25-11-2019 - 15:15 | |
CVE-2019-5880 | 4.3 |
Insufficient policy enforcement in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
|
02-12-2019 - 14:21 | 25-11-2019 - 15:15 | |
CVE-2019-5881 | 5.8 |
Out of bounds read in SwiftShader in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
|
02-12-2019 - 14:15 | 25-11-2019 - 15:15 | |
CVE-2019-13692 | 6.8 |
Insufficient policy enforcement in reader mode in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass site isolation via a crafted HTML page.
|
27-11-2019 - 21:40 | 25-11-2019 - 15:15 | |
CVE-2019-13685 | 6.8 |
Use after free in sharing view in Google Chrome prior to 77.0.3865.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
27-11-2019 - 01:31 | 25-11-2019 - 15:15 | |
CVE-2019-13686 | 6.8 |
Use after free in offline mode in Google Chrome prior to 77.0.3865.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
27-11-2019 - 01:25 | 25-11-2019 - 15:15 | |
CVE-2019-13687 | 6.8 |
Use after free in Blink in Google Chrome prior to 77.0.3865.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
27-11-2019 - 01:14 | 25-11-2019 - 15:15 | |
CVE-2019-13688 | 6.8 |
Use after free in Blink in Google Chrome prior to 77.0.3865.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
27-11-2019 - 01:00 | 25-11-2019 - 15:15 | |
CVE-2019-13694 | 6.8 |
Use after free in WebRTC in Google Chrome prior to 77.0.3865.120 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
27-11-2019 - 00:58 | 25-11-2019 - 15:15 | |
CVE-2019-13696 | 6.8 |
Use after free in JavaScript in Google Chrome prior to 77.0.3865.120 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
27-11-2019 - 00:56 | 25-11-2019 - 15:15 | |
CVE-2019-13693 | 6.8 |
Use after free in IndexedDB in Google Chrome prior to 77.0.3865.120 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.
|
26-11-2019 - 16:00 | 25-11-2019 - 15:15 | |
CVE-2019-13695 | 6.8 |
Use after free in audio in Google Chrome on Android prior to 77.0.3865.120 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
26-11-2019 - 13:32 | 25-11-2019 - 15:15 | |
CVE-2019-5870 | 6.8 |
Use after free in media in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
|
25-11-2019 - 21:15 | 25-11-2019 - 15:15 |