CVE-2017-5016
- EPSS 1.29%
- Veröffentlicht 17.02.2017 07:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to prevent certain UI elements from being displayed by non-visible pages, which allowed a remote attacker to show certain UI elements on a p...
CVE-2017-5017
- EPSS 1.25%
- Veröffentlicht 17.02.2017 07:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Interactions with the OS in Google Chrome prior to 56.0.2924.76 for Mac insufficiently cleared video memory, which allowed a remote attacker to possibly extract image fragments on systems with GeForce 8600M graphics chips via a crafted HTML page.
CVE-2017-5018
- EPSS 1.12%
- Veröffentlicht 17.02.2017 07:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, had an insufficiently strict content security policy on the Chrome app launcher page, which allowed a remote attacker to inject scripts or HTML into a privi...
CVE-2017-5019
- EPSS 1.11%
- Veröffentlicht 17.02.2017 07:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
A use after free in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2017-5020
- EPSS 2.07%
- Veröffentlicht 17.02.2017 07:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to require a user gesture for powerful download operations, which allowed a remote attacker who convinced a user to install a malicious extension to ...
CVE-2017-5021
- EPSS 1.31%
- Veröffentlicht 17.02.2017 07:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
A use after free in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVE-2017-5022
- EPSS 1.21%
- Veröffentlicht 17.02.2017 07:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to properly enforce unsafe-inline content security policy, which allowed a remote attacker to bypass content security policy via a crafted H...
CVE-2017-5023
- EPSS 1.4%
- Veröffentlicht 17.02.2017 07:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Type confusion in Histogram in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit a near null dereference via a crafted HTML page.
CVE-2017-5024
- EPSS 1.12%
- Veröffentlicht 17.02.2017 07:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
FFmpeg in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to perform proper bounds checking, which allowed a remote attacker to potentially exploit heap corruption via a crafted video file.
CVE-2017-5025
- EPSS 1.12%
- Veröffentlicht 17.02.2017 07:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
FFmpeg in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to perform proper bounds checking, which allowed a remote attacker to potentially exploit heap corruption via a crafted video file.