Google

Chrome

3771 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2017-5117

  • EPSS 0.77%
  • Veröffentlicht 27.10.2017 05:29:02
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Use of an uninitialized value in Skia in Google Chrome prior to 61.0.3163.79 for Linux and Windows allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

4.3

CVE-2017-5118

  • EPSS 0.61%
  • Veröffentlicht 27.10.2017 05:29:02
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Blink in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, failed to correctly propagate CSP restrictions to javascript scheme pages, which allowed a remote attacker to bypass content security policy via a...

4.3

CVE-2017-5119

  • EPSS 0.91%
  • Veröffentlicht 27.10.2017 05:29:02
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Use of an uninitialized value in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

6.5

CVE-2017-5120

  • EPSS 0.87%
  • Veröffentlicht 27.10.2017 05:29:02
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Inappropriate use of www mismatch redirects in browser navigation in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially downgrade HTTPS requests to HTTP via a crafte...

8.8

CVE-2017-5121

  • EPSS 5.12%
  • Veröffentlicht 27.10.2017 05:29:02
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Inappropriate use of JIT optimisation in V8 in Google Chrome prior to 61.0.3163.100 for Linux, Windows, and Mac allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page, related to the escape analysis phase.

8.8

CVE-2017-5122

  • EPSS 1.48%
  • Veröffentlicht 27.10.2017 05:29:02
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Inappropriate use of table size handling in V8 in Google Chrome prior to 61.0.3163.100 for Windows allowed a remote attacker to trigger out-of-bounds access via a crafted HTML page.

8

CVE-2017-5074

  • EPSS 0.42%
  • Veröffentlicht 27.10.2017 05:29:01
  • Zuletzt bearbeitet 20.04.2025 01:37:25

A use after free in Chrome Apps in Google Chrome prior to 59.0.3071.86 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page, related to Bluetooth.

4.3

CVE-2017-5075

  • EPSS 0.67%
  • Veröffentlicht 27.10.2017 05:29:01
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Inappropriate implementation in CSP reporting in Blink in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to obtain the value of url fragments via a crafted HTML page.

6.5

CVE-2017-5076

  • EPSS 0.67%
  • Veröffentlicht 27.10.2017 05:29:01
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.

8.8

CVE-2017-5077

  • EPSS 0.86%
  • Veröffentlicht 27.10.2017 05:29:01
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Insufficient validation of untrusted input in Skia in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.