Descrição
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions.
Below is a complete list of vulnerabilities:
- Inappropriate implementation vulnerability in QUIC Networking component can be exploited to execute arbitrary code;
- Inappropriate implementation vulnerability in V8 component can be exploited to execute arbitrary code;
- Use after free vulnerability in PDFium component can be exploited remotely to execute arbitrary code;
- Type Confusion vulnerability in SVG component can be exploited remotely to execute arbitrary code;
- Use after free vulnerability in Blink component can be exploited remotely to execute arbitrary code;
- Use after free vulnerability in HTML select elements can be exploited remotely to execute arbitrary code;
- Use after free vulnerability in WebRTC component can be exploited remotely to execute arbitrary code;
- Use after free vulnerability in SwiftShader component can be exploited remotely to execute arbitrary code;
- Insufficient validation vulnerability in V8 component can be exploited remotely to execute arbitrary code;
- Insufficient policy enforcement vulnerability in browser can be exploited remotely to execute arbitrary code;
- Stack buffer overflow vulnerability in Skia component can be exploited remotely to bypass security restrictions;
- Insufficient policy enforcement vulnerability in Canvas component can be exploited remotely to execute arbitrary code;
- Incorrect security vulnerability of UI in WebAPKs component can be exploited remotely to execute arbitrary code;
- Insufficient policy enforcement vulnerability in DevTools component can be exploited remotely to execute arbitrary code;
- Insufficient validation of untrusted input vulnerability in Blink component can be exploited remotely to execute arbitrary code;
- Heap buffer overflow vulnerability in WebGL component can be exploited remotely to execute arbitrary code;
- Heap buffer overflow vulnerability in SwiftShader component can be exploited remotely to execute arbitrary code;
- Insufficient data validation vulnerability in IndexedDB component can be exploited remotely to execute arbitrary code;
- Insufficient validation of untrusted input vulnerability in SafeBrowsing component can be exploited remotely to execute arbitrary code;
- Insufficient policy enforcement vulnerability in Omnibox component can be exploited remotely to execute arbitrary code;
- Insufficient policy enforcement vulnerability in Extensions component can be exploited remotely to execute arbitrary code;
- Insufficient policy enforcement vulnerability in ServiceWorker component can be exploited remotely to execute arbitrary code;
- Insufficient validation of untrusted input vulnerability in DevTools component can be exploited remotely to execute arbitrary code;
- Use after free vulnerability in FileAPI component can be exploited remotely to execute arbitrary code.
Comunicados originais
Exploração
Public exploits exist for this vulnerability.
Produtos relacionados
Lista de CVE
- CVE-2019-5754 high
- CVE-2019-5782 critical
- CVE-2019-5755 critical
- CVE-2019-5756 critical
- CVE-2019-5757 critical
- CVE-2019-5758 critical
- CVE-2019-5759 critical
- CVE-2019-5760 critical
- CVE-2019-5761 critical
- CVE-2019-5762 critical
- CVE-2019-5763 critical
- CVE-2019-5764 critical
- CVE-2019-5765 high
- CVE-2019-5785 high
- CVE-2019-5766 high
- CVE-2019-5767 high
- CVE-2019-5768 high
- CVE-2019-5769 critical
- CVE-2019-5770 critical
- CVE-2019-5771 critical
- CVE-2019-5772 critical
- CVE-2019-5773 high
- CVE-2019-5774 critical
- CVE-2019-5775 high
- CVE-2019-5776 high
- CVE-2019-5777 high
- CVE-2019-5778 high
- CVE-2019-5779 warning
- CVE-2019-5780 critical
- CVE-2019-5783 critical
- CVE-2019-5781 high
- CVE-2019-13684 high
- CVE-2018-20073 high
- CVE-2019-13768 high
Saiba mais
Descubra as estatísticas das vulnerabilidades que se espalham em sua região statistics.securelist.com
Encontrou uma imprecisão na descrição desta vulnerabilidade? Avise-nos!