Google

Chrome

4157 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2017-5029

  • EPSS 1.23%
  • Veröffentlicht 24.04.2017 23:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The xsltAddTextString function in transform.c in libxslt 1.1.29, as used in Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android, lacked a check for integer overflow during a size calculation, which a...

8.8

CVE-2017-5030

Warnung Exploit
  • EPSS 50.31%
  • Veröffentlicht 24.04.2017 23:59:00
  • Zuletzt bearbeitet 21.04.2026 17:51:06

Incorrect handling of complex species in V8 in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac and 57.0.2987.108 for Android allowed a remote attacker to execute arbitrary code via a crafted HTML page.

8.8

CVE-2017-5031

  • EPSS 0.76%
  • Veröffentlicht 24.04.2017 23:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

A use after free in ANGLE in Google Chrome prior to 57.0.2987.98 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

8.8

CVE-2017-5032

  • EPSS 0.91%
  • Veröffentlicht 24.04.2017 23:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

PDFium in Google Chrome prior to 57.0.2987.98 for Windows could be made to increment off the end of a buffer, which allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

4.3

CVE-2017-5033

  • EPSS 0.61%
  • Veröffentlicht 24.04.2017 23:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android failed to correctly propagate CSP restrictions to local scheme pages, which allowed a remote attacker to bypass content security policy via a craft...

8.8

CVE-2017-5034

  • EPSS 0.91%
  • Veröffentlicht 24.04.2017 23:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Linux and Windows allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file.

8.1

CVE-2017-5035

  • EPSS 0.44%
  • Veröffentlicht 24.04.2017 23:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Google Chrome prior to 57.0.2987.98 for Windows and Mac had a race condition, which could cause Chrome to display incorrect certificate information for a site.

7.8

CVE-2017-5036

  • EPSS 0.28%
  • Veröffentlicht 24.04.2017 23:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to have an unspecified impact via a crafted PDF file.

7.8

CVE-2017-5037

  • EPSS 0.28%
  • Veröffentlicht 24.04.2017 23:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer.

6.8

CVE-2017-5038

  • EPSS 0.94%
  • Veröffentlicht 24.04.2017 23:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac had a use after free bug in GuestView, which allowed a remote attacker to perform an out of bounds memory read via a crafted Chrome extension.