CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Google » Chrome » 1.0.154.42 : Security Vulnerabilities (CVSS score >= 5)

Cpe Name:cpe:/a:google:chrome:1.0.154.42
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2019-5836 119 Overflow 2019-06-27 2019-07-25
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in ANGLE in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
2 CVE-2019-5831 119 Overflow 2019-06-27 2019-07-25
6.8
None Remote Medium Not required Partial Partial Partial
Object lifecycle issue in V8 in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
3 CVE-2019-5829 416 Overflow 2019-06-27 2019-07-25
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in download manager in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
4 CVE-2019-5828 416 2019-06-27 2019-07-25
6.8
None Remote Medium Not required Partial Partial Partial
Object lifecycle issue in ServiceWorker in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
5 CVE-2019-5827 190 Overflow 2019-06-27 2019-07-25
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
6 CVE-2019-5824 119 Overflow 2019-06-27 2019-07-25
6.8
None Remote Medium Not required Partial Partial Partial
Parameter passing error in media in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
7 CVE-2019-5823 601 Bypass 2019-06-27 2019-07-25
5.8
None Remote Medium Not required Partial Partial None
Insufficient policy enforcement in service workers in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
8 CVE-2019-5822 284 Bypass 2019-06-27 2019-07-25
6.8
None Remote Medium Not required Partial Partial Partial
Inappropriate implementation in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
9 CVE-2019-5821 190 Overflow 2019-06-27 2019-07-25
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
10 CVE-2019-5820 190 Overflow 2019-06-27 2019-07-25
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
11 CVE-2019-5817 119 Overflow 2019-06-27 2019-07-25
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
12 CVE-2019-5816 664 2019-06-27 2019-07-25
6.8
None Remote Medium Not required Partial Partial Partial
Process lifetime issue in Chrome in Google Chrome on Android prior to 74.0.3729.108 allowed a remote attacker to potentially persist an exploited process via a crafted HTML page.
13 CVE-2019-5813 416 2019-06-27 2019-06-28
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
14 CVE-2019-5811 19 Bypass 2019-06-27 2019-07-25
6.8
None Remote Medium Not required Partial Partial Partial
Incorrect handling of CORS in ServiceWorker in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
15 CVE-2019-5809 416 2019-06-27 2019-07-01
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in file chooser in Google Chrome prior to 74.0.3729.108 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page.
16 CVE-2019-5808 416 2019-06-27 2019-06-28
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
17 CVE-2019-5807 119 Overflow 2019-06-27 2019-07-25
6.8
None Remote Medium Not required Partial Partial Partial
Object lifetime issue in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
18 CVE-2019-5806 190 Overflow 2019-06-27 2019-07-25
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
19 CVE-2019-5796 362 2019-05-23 2019-06-28
5.1
None Remote High Not required Partial Partial Partial
Data race in extensions guest view in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
20 CVE-2019-5795 190 Overflow 2019-05-23 2019-06-28
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file.
21 CVE-2019-5792 190 Overflow 2019-05-23 2019-06-28
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file.
22 CVE-2019-5791 125 2019-05-23 2019-06-28
6.8
None Remote Medium Not required Partial Partial Partial
Inappropriate optimization in V8 in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
23 CVE-2019-5790 190 Exec Code Overflow 2019-05-23 2019-06-28
6.8
None Remote Medium Not required Partial Partial Partial
An integer overflow leading to an incorrect capacity of a buffer in JavaScript in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
24 CVE-2019-5789 190 Exec Code Overflow 2019-05-23 2019-06-28
9.3
None Remote Medium Not required Complete Complete Complete
An integer overflow that leads to a use-after-free in WebMIDI in Google Chrome on Windows prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.
25 CVE-2019-5788 190 Exec Code Overflow 2019-05-23 2019-06-28
9.3
None Remote Medium Not required Complete Complete Complete
An integer overflow that leads to a use-after-free in Blink Storage in Google Chrome on Linux prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.
26 CVE-2019-5787 416 2019-05-23 2019-06-28
9.3
None Remote Medium Not required Complete Complete Complete
Use-after-garbage-collection in Blink in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
27 CVE-2019-5782 20 Exec Code 2019-02-19 2019-04-17
6.8
None Remote Medium Not required Partial Partial Partial
Incorrect optimization assumptions in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
28 CVE-2019-5774 20 Exec Code 2019-02-19 2019-04-18
6.8
None Remote Medium Not required Partial Partial Partial
Omission of the .desktop filetype from the Safe Browsing checklist in SafeBrowsing in Google Chrome on Linux prior to 72.0.3626.81 allowed an attacker who convinced a user to download a .desktop file to execute arbitrary code via a downloaded .desktop file.
29 CVE-2019-5772 416 2019-02-19 2019-04-18
6.8
None Remote Medium Not required Partial Partial Partial
Sharing of objects over calls into JavaScript runtime in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
30 CVE-2019-5771 119 Exec Code Overflow 2019-02-19 2019-04-18
6.8
None Remote Medium Not required Partial Partial Partial
An incorrect JIT of GLSL shaders in SwiftShader in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
31 CVE-2019-5770 125 2019-02-19 2019-04-18
6.8
None Remote Medium Not required Partial Partial Partial
Insufficient input validation in WebGL in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
32 CVE-2019-5769 20 2019-02-19 2019-04-18
6.8
None Remote Medium Not required Partial Partial Partial
Incorrect handling of invalid end character position when front rendering in Blink in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
33 CVE-2019-5764 416 2019-02-19 2019-04-18
6.8
None Remote Medium Not required Partial Partial Partial
Incorrect pointer management in WebRTC in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
34 CVE-2019-5763 20 2019-02-19 2019-04-18
6.8
None Remote Medium Not required Partial Partial Partial
Failure to check error conditions in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
35 CVE-2019-5762 119 Exec Code Overflow 2019-02-19 2019-04-18
6.8
None Remote Medium Not required Partial Partial Partial
Inappropriate memory management when caching in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file.
36 CVE-2019-5761 416 2019-02-19 2019-04-18
6.8
None Remote Medium Not required Partial Partial Partial
Incorrect object lifecycle management in SwiftShader in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
37 CVE-2019-5760 416 2019-02-19 2019-04-18
6.8
None Remote Medium Not required Partial Partial Partial
Insufficient checks of pointer validity in WebRTC in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
38 CVE-2019-5759 416 2019-02-19 2019-04-18
6.8
None Remote Medium Not required Partial Partial Partial
Incorrect lifetime handling in HTML select elements in Google Chrome on Android and Mac prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
39 CVE-2019-5758 416 2019-02-19 2019-04-18
6.8
None Remote Medium Not required Partial Partial Partial
Incorrect object lifecycle management in Blink in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
40 CVE-2019-5757 704 2019-02-19 2019-04-18
6.8
None Remote Medium Not required Partial Partial Partial
An incorrect object type assumption in SVG in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.
41 CVE-2019-5756 416 Exec Code 2019-02-19 2019-04-17
6.8
None Remote Medium Not required Partial Partial Partial
Inappropriate memory management when caching in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file.
42 CVE-2019-5755 189 2019-02-19 2019-04-17
5.8
None Remote Medium Not required Partial Partial None
Incorrect handling of negative zero in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page.
43 CVE-2018-20346 190 Exec Code Overflow 2018-12-21 2019-06-19
6.8
None Remote Medium Not required Partial Partial Partial
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases), aka Magellan.
44 CVE-2018-20066 416 2019-01-09 2019-01-15
6.8
None Remote Medium Not required Partial Partial Partial
Incorrect object lifecycle in Extensions in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
45 CVE-2018-20065 20 2019-01-09 2019-01-15
6.8
None Remote Medium Not required Partial Partial Partial
Handling of URI action in PDFium in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to initiate potentially unsafe navigations without a user gesture via a crafted PDF file.
46 CVE-2018-18359 125 2018-12-11 2019-08-17
6.8
None Remote Medium Not required Partial Partial Partial
Incorrect handling of Reflect.construct in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
47 CVE-2018-18356 190 Overflow 2018-12-11 2019-06-03
6.8
None Remote Medium Not required Partial Partial Partial
An integer overflow in path handling lead to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
48 CVE-2018-18354 20 2018-12-11 2019-08-17
6.8
None Remote Medium Not required Partial Partial Partial
Insufficient validate of external protocols in Shell Integration in Google Chrome on Windows prior to 71.0.3578.80 allowed a remote attacker to launch external programs via a crafted HTML page.
49 CVE-2018-18347 20 2018-12-11 2019-08-17
6.8
None Remote Medium Not required Partial Partial Partial
Incorrect handling of failed navigations with invalid URLs in Navigation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to trick a user into executing javascript in an arbitrary origin via a crafted HTML page.
50 CVE-2018-18343 416 2018-12-11 2019-08-17
6.8
None Remote Medium Not required Partial Partial Partial
Incorrect handing of paths leading to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Total number of vulnerabilities : 627   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.