Latest CVE Feed
-
6.1
MEDIUMCVE-2017-5002
EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an open redirect vulnerability. A remote unprivileged attacker may potentially redirect legitimate users to arbitrary web sites and conduct phishing attacks. The attacker c... Read more
Affected Products : rsa_archer_egrc- Published: Jul. 07, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2017-5012
A heap buffer overflow in V8 in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.... Read more
Affected Products : chrome- Published: Feb. 17, 2017
- Modified: Apr. 20, 2025
-
6.8
MEDIUMCVE-2017-5019
A use after free in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.... Read more
Affected Products : chrome- Published: Feb. 17, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2017-5068
Incorrect handling of picture ID in WebRTC in Google Chrome prior to 58.0.3029.96 for Mac, Windows, and Linux allowed a remote attacker to trigger a race condition via a crafted HTML page.... Read more
- Published: Oct. 27, 2017
- Modified: Apr. 20, 2025
-
6.5
MEDIUMCVE-2017-5093
Inappropriate implementation in modal dialog handling in Blink in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to prevent a full screen warning from being displayed via a crafted HTML page.... Read more
- Published: Oct. 27, 2017
- Modified: Apr. 20, 2025
-
4.3
MEDIUMCVE-2017-5026
Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to prevent alerts from being displayed by swapped out frames, which allowed a remote attacker to show alerts on a page they don't control via a crafted HTML page.... Read more
Affected Products : chrome- Published: Feb. 17, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2017-5059
Type confusion in Blink in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to potentially obtain code execution via a crafted HTML page.... Read more
- Published: Oct. 27, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2017-5070
Type confusion in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.... Read more
- Actively Exploited
- Published: Oct. 27, 2017
- Modified: Apr. 20, 2025
-
4.3
MEDIUMCVE-2017-5022
Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to properly enforce unsafe-inline content security policy, which allowed a remote attacker to bypass content security policy via a crafted HTML p... Read more
Affected Products : chrome- Published: Feb. 17, 2017
- Modified: Apr. 20, 2025
-
4.3
MEDIUMCVE-2017-5083
Inappropriate implementation in Blink in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed a remote attacker to display UI on a non attacker controlled tab via a crafted HTML page.... Read more
- Published: Oct. 27, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2017-5030
Incorrect handling of complex species in V8 in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac and 57.0.2987.108 for Android allowed a remote attacker to execute arbitrary code via a crafted HTML page.... Read more
- Actively Exploited
- Published: Apr. 24, 2017
- Modified: Apr. 20, 2025
-
6.8
MEDIUMCVE-2017-5044
Heap buffer overflow in filter processing in Skia in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.... Read more
- Published: Apr. 24, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2017-5034
A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Linux and Windows allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file.... Read more
- Published: Apr. 24, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2017-5113
Math overflow in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.... Read more
- Published: Oct. 27, 2017
- Modified: Apr. 20, 2025
-
7.8
HIGHCVE-2017-5039
A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.... Read more
- Published: Apr. 24, 2017
- Modified: Apr. 20, 2025
-
6.5
MEDIUMCVE-2017-5066
Insufficient consistency checks in signature handling in the networking stack in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to incorrectly accept a badly formed X.509 certificat... Read more
- Published: Oct. 27, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2017-5063
A numeric overflow in Skia in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.... Read more
- Published: Oct. 27, 2017
- Modified: Apr. 20, 2025
-
5.5
MEDIUMCVE-2017-5082
Failure to take advantage of available mitigations in credit card autofill in Google Chrome prior to 59.0.3071.92 for Android allowed a local attacker to take screen shots of credit card information via a crafted HTML page.... Read more
- Published: Oct. 27, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2017-5077
Insufficient validation of untrusted input in Skia in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.... Read more
- Published: Oct. 27, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2017-5100
A use after free in Apps in Google Chrome prior to 60.0.3112.78 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.... Read more
Affected Products : debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation chrome windows- Published: Oct. 27, 2017
- Modified: Apr. 20, 2025