Vulnerabilities (CVE)

Filtered by vendor Microsoft Subscribe
Filtered by product Windows
Total 7549 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-5075 5 Apple, Google, Linux and 2 more 8 Macos, Android, Chrome and 5 more 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
Inappropriate implementation in CSP reporting in Blink in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to obtain the value of url fragments via a crafted HTML page.
CVE-2017-5074 2 Google, Microsoft 2 Chrome, Windows 2024-11-21 5.4 MEDIUM 8.0 HIGH
A use after free in Chrome Apps in Google Chrome prior to 59.0.3071.86 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page, related to Bluetooth.
CVE-2017-5073 5 Apple, Google, Linux and 2 more 8 Macos, Android, Chrome and 5 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in print preview in Blink in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVE-2017-5071 5 Apple, Google, Linux and 2 more 8 Macos, Android, Chrome and 5 more 2024-11-21 6.8 MEDIUM 6.3 MEDIUM
Insufficient validation of untrusted input in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows and Mac, and 59.0.3071.92 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVE-2017-5070 5 Apple, Google, Linux and 2 more 8 Macos, Android, Chrome and 5 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Type confusion in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
CVE-2017-5069 5 Apple, Google, Linux and 2 more 8 Macos, Android, Chrome and 5 more 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Incorrect MIME type of XSS-Protection reports in Blink in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to circumvent Cross-Origin Resource Sharing checks via a crafted HTML page.
CVE-2017-5068 5 Apple, Google, Linux and 2 more 7 Macos, Chrome, Linux Kernel and 4 more 2024-11-21 5.1 MEDIUM 7.5 HIGH
Incorrect handling of picture ID in WebRTC in Google Chrome prior to 58.0.3029.96 for Mac, Windows, and Linux allowed a remote attacker to trigger a race condition via a crafted HTML page.
CVE-2017-5067 5 Apple, Google, Linux and 2 more 7 Macos, Chrome, Linux Kernel and 4 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
An insufficient watchdog timer in navigation in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2017-5066 5 Apple, Google, Linux and 2 more 8 Macos, Android, Chrome and 5 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Insufficient consistency checks in signature handling in the networking stack in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to incorrectly accept a badly formed X.509 certificate via a crafted HTML page.
CVE-2017-5065 4 Apple, Google, Microsoft and 1 more 6 Macos, Chrome, Windows and 3 more 2024-11-21 4.3 MEDIUM 4.7 MEDIUM
Lack of an appropriate action on page navigation in Blink in Google Chrome prior to 58.0.3029.81 for Windows and Mac allowed a remote attacker to potentially confuse a user into making an incorrect security decision via a crafted HTML page.
CVE-2017-5064 2 Google, Microsoft 2 Chrome, Windows 2024-11-21 6.8 MEDIUM 8.8 HIGH
Incorrect handling of DOM changes in Blink in Google Chrome prior to 58.0.3029.81 for Windows allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2017-5063 5 Apple, Google, Linux and 2 more 8 Macos, Android, Chrome and 5 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
A numeric overflow in Skia in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVE-2017-5062 5 Apple, Google, Linux and 2 more 8 Macos, Android, Chrome and 5 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
A use after free in Chrome Apps in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to potentially perform out of bounds memory access via a crafted Chrome extension.
CVE-2017-5061 5 Apple, Google, Linux and 2 more 7 Macos, Chrome, Linux Kernel and 4 more 2024-11-21 2.6 LOW 5.3 MEDIUM
A race condition in navigation in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2017-5060 5 Apple, Google, Linux and 2 more 8 Macos, Android, Chrome and 5 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.
CVE-2017-5059 5 Apple, Google, Linux and 2 more 8 Macos, Android, Chrome and 5 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Type confusion in Blink in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to potentially obtain code execution via a crafted HTML page.
CVE-2017-5058 2 Google, Microsoft 2 Chrome, Windows 2024-11-21 6.8 MEDIUM 8.8 HIGH
A use after free in PrintPreview in Google Chrome prior to 58.0.3029.81 for Windows allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
CVE-2017-5057 5 Apple, Google, Linux and 2 more 8 Macos, Android, Chrome and 5 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Type confusion in PDFium in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file.
CVE-2017-5056 5 Apple, Google, Linux and 2 more 8 Macos, Android, Chrome and 5 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
A use after free in Blink in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVE-2017-5055 3 Google, Linux, Microsoft 3 Chrome, Linux Kernel, Windows 2024-11-21 9.3 HIGH 8.8 HIGH
A use after free in printing in Google Chrome prior to 57.0.2987.133 for Linux and Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.