Max CVSS | 6.8 | Min CVSS | 2.6 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2017-5094 | 4.3 |
Type confusion in extensions JavaScript bindings in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to potentially maliciously modify objects via a crafted HTML page.
|
11-04-2022 - 19:28 | 27-10-2017 - 05:29 | |
CVE-2017-5107 | 2.6 |
A timing attack in SVG rendering in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to extract pixel values from a cross-origin page being iframe'd via a crafted HTML page.
|
08-04-2022 - 11:26 | 27-10-2017 - 05:29 | |
CVE-2017-5106 | 4.3 |
Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.
|
08-04-2022 - 11:25 | 27-10-2017 - 05:29 | |
CVE-2017-5105 | 4.3 |
Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.
|
08-04-2022 - 11:24 | 27-10-2017 - 05:29 | |
CVE-2017-5104 | 4.3 |
Inappropriate implementation in interstitials in Google Chrome prior to 60.0.3112.78 for Mac allowed a remote attacker to spoof the contents of the omnibox via a crafted HTML page.
|
08-04-2022 - 11:23 | 27-10-2017 - 05:29 | |
CVE-2017-5103 | 4.3 |
Use of an uninitialized value in Skia in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
|
08-04-2022 - 11:07 | 27-10-2017 - 05:29 | |
CVE-2017-5102 | 4.3 |
Use of an uninitialized value in Skia in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
|
08-04-2022 - 11:06 | 27-10-2017 - 05:29 | |
CVE-2017-5101 | 4.3 |
Inappropriate implementation in Omnibox in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to spoof the contents of the Omnibox via a crafted HTML page.
|
08-04-2022 - 10:59 | 27-10-2017 - 05:29 | |
CVE-2017-5100 | 6.8 |
A use after free in Apps in Google Chrome prior to 60.0.3112.78 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
|
08-04-2022 - 10:58 | 27-10-2017 - 05:29 | |
CVE-2017-5098 | 6.8 |
A use after free in V8 in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
|
08-04-2022 - 10:56 | 27-10-2017 - 05:29 | |
CVE-2017-5095 | 6.8 |
Stack overflow in PDFium in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to potentially exploit stack corruption via a crafted PDF file.
|
08-04-2022 - 10:55 | 27-10-2017 - 05:29 | |
CVE-2017-5108 | 6.8 |
Type confusion in PDFium in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to potentially maliciously modify objects via a crafted PDF file.
|
06-04-2022 - 18:33 | 27-10-2017 - 05:29 | |
CVE-2017-5093 | 4.3 |
Inappropriate implementation in modal dialog handling in Blink in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to prevent a full screen warning from being displayed via a crafted HTML page.
|
06-04-2022 - 18:30 | 27-10-2017 - 05:29 | |
CVE-2017-5109 | 4.3 |
Inappropriate implementation of unload handler handling in permission prompts in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to display UI on a non attacker controlled tab via a crafted HTML page.
|
06-04-2022 - 18:28 | 27-10-2017 - 05:29 | |
CVE-2017-5091 | 6.8 |
A use after free in IndexedDB in Google Chrome prior to 60.0.3112.78 for Linux, Android, Windows, and Mac allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
|
06-04-2022 - 18:24 | 27-10-2017 - 05:29 | |
CVE-2017-5110 | 4.3 |
Inappropriate implementation of the web payments API on blob: and data: schemes in Web Payments in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to spoof the contents of the Omnibox via a crafted H
|
06-04-2022 - 17:11 | 27-10-2017 - 05:29 | |
CVE-2017-5097 | 6.8 |
Insufficient validation of untrusted input in Skia in Google Chrome prior to 60.0.3112.78 for Linux allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
|
05-01-2018 - 02:31 | 27-10-2017 - 05:29 | |
CVE-2017-5092 | 6.8 |
Insufficient validation of untrusted input in PPAPI Plugins in Google Chrome prior to 60.0.3112.78 for Windows allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
|
05-01-2018 - 02:31 | 27-10-2017 - 05:29 | |
CVE-2017-5096 | 4.3 |
Insufficient policy enforcement during navigation between different schemes in Google Chrome prior to 60.0.3112.78 for Android allowed a remote attacker to perform cross origin content download via a crafted HTML page, related to intents.
|
05-01-2018 - 02:31 | 27-10-2017 - 05:29 | |
CVE-2017-5099 | 6.8 |
Insufficient validation of untrusted input in PPAPI Plugins in Google Chrome prior to 60.0.3112.78 for Mac allowed a remote attacker to potentially gain privilege elevation via a crafted HTML page.
|
05-01-2018 - 02:31 | 27-10-2017 - 05:29 |