| Month | Quarter | Year |
|---|---|---|
| #9 | #5 | #5 |
| CVE-ID | CWE-ID | Type | Score |
|---|---|---|---|
| CVE-2017-5113 | CWE-119 | Buffer Errors | 8.8 |
|
Math overflow in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||
| CVE-2017-5103 | CWE-200 | Information Leak / Disclosure | 4.3 |
|
Use of an uninitialized value in Skia in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
|
|||
| CVE-2017-5102 | CWE-200 | Information Leak / Disclosure | 4.3 |
|
Use of an uninitialized value in Skia in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
|
|||
| CVE-2017-5100 | CWE-416 | Use After Free | 8.8 |
|
A use after free in Apps in Google Chrome prior to 60.0.3112.78 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
|
|||
| CVE-2017-5097 | CWE-20 | Input Validation | 8.8 |
|
Insufficient validation of untrusted input in Skia in Google Chrome prior to 60.0.3112.78 for Linux allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
|
|||
| CVE-2017-5095 | CWE-119 | Buffer Errors | 8.8 |
|
Stack overflow in PDFium in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to potentially exploit stack corruption via a crafted PDF file.
|
|||
| CVE-2017-5094 | CWE-704 | Incorrect Type Conversion or Cast | 6.5 |
|
Type confusion in extensions JavaScript bindings in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to potentially maliciously modify objects via a crafted HTML page.
|
|||
| CVE-2017-5043 | CWE-416 | Use After Free | 8.8 |
|
Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac had a use after free bug in GuestView, which allowed a remote attacker to perform an out of bounds memory read via a crafted Chrome extension.
|
|||
| CVE-2017-5038 | CWE-416 | Use After Free | 6.3 |
|
Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac had a use after free bug in GuestView, which allowed a remote attacker to perform an out of bounds memory read via a crafted Chrome extension.
|
|||
| CVE-2017-5036 | CWE-416 | Use After Free | 8.8 |
|
A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to have an unspecified impact via a crafted PDF file.
|
|||