Description
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions.
Below is a complete list of vulnerabilities:
- Inappropriate implementation vulnerability in QUIC Networking component can be exploited to execute arbitrary code;
- Inappropriate implementation vulnerability in V8 component can be exploited to execute arbitrary code;
- Use after free vulnerability in PDFium component can be exploited remotely to execute arbitrary code;
- Type Confusion vulnerability in SVG component can be exploited remotely to execute arbitrary code;
- Use after free vulnerability in Blink component can be exploited remotely to execute arbitrary code;
- Use after free vulnerability in HTML select elements can be exploited remotely to execute arbitrary code;
- Use after free vulnerability in WebRTC component can be exploited remotely to execute arbitrary code;
- Use after free vulnerability in SwiftShader component can be exploited remotely to execute arbitrary code;
- Insufficient validation vulnerability in V8 component can be exploited remotely to execute arbitrary code;
- Insufficient policy enforcement vulnerability in browser can be exploited remotely to execute arbitrary code;
- Stack buffer overflow vulnerability in Skia component can be exploited remotely to bypass security restrictions;
- Insufficient policy enforcement vulnerability in Canvas component can be exploited remotely to execute arbitrary code;
- Incorrect security vulnerability of UI in WebAPKs component can be exploited remotely to execute arbitrary code;
- Insufficient policy enforcement vulnerability in DevTools component can be exploited remotely to execute arbitrary code;
- Insufficient validation of untrusted input vulnerability in Blink component can be exploited remotely to execute arbitrary code;
- Heap buffer overflow vulnerability in WebGL component can be exploited remotely to execute arbitrary code;
- Heap buffer overflow vulnerability in SwiftShader component can be exploited remotely to execute arbitrary code;
- Insufficient data validation vulnerability in IndexedDB component can be exploited remotely to execute arbitrary code;
- Insufficient validation of untrusted input vulnerability in SafeBrowsing component can be exploited remotely to execute arbitrary code;
- Insufficient policy enforcement vulnerability in Omnibox component can be exploited remotely to execute arbitrary code;
- Insufficient policy enforcement vulnerability in Extensions component can be exploited remotely to execute arbitrary code;
- Insufficient policy enforcement vulnerability in ServiceWorker component can be exploited remotely to execute arbitrary code;
- Insufficient validation of untrusted input vulnerability in DevTools component can be exploited remotely to execute arbitrary code;
- Use after free vulnerability in FileAPI component can be exploited remotely to execute arbitrary code.
Original advisories
Related products
CVE list
- CVE-2019-5754 warning
- CVE-2019-5782 high
- CVE-2019-5755 high
- CVE-2019-5756 high
- CVE-2019-5757 high
- CVE-2019-5758 high
- CVE-2019-5759 high
- CVE-2019-5760 high
- CVE-2019-5761 high
- CVE-2019-5762 high
- CVE-2019-5763 high
- CVE-2019-5764 high
- CVE-2019-5765 warning
- CVE-2019-5785 warning
- CVE-2019-5766 warning
- CVE-2019-5767 warning
- CVE-2019-5768 warning
- CVE-2019-5769 high
- CVE-2019-5770 high
- CVE-2019-5771 high
- CVE-2019-5772 high
- CVE-2019-5773 warning
- CVE-2019-5774 high
- CVE-2019-5775 warning
- CVE-2019-5776 warning
- CVE-2019-5777 warning
- CVE-2019-5778 warning
- CVE-2019-5779 warning
- CVE-2019-5780 warning
- CVE-2019-5783 high
- CVE-2019-5781 warning
- CVE-2019-13684 warning
- CVE-2018-20073 warning
- CVE-2019-13768 warning
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!