Vulnerabilities (CVE)

Filtered by vendor Redhat Subscribe
Filtered by product Enterprise Linux Desktop
Total 1947 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-5073 5 Apple, Google, Linux and 2 more 8 Macos, Android, Chrome and 5 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in print preview in Blink in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVE-2017-5071 5 Apple, Google, Linux and 2 more 8 Macos, Android, Chrome and 5 more 2024-11-21 6.8 MEDIUM 6.3 MEDIUM
Insufficient validation of untrusted input in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows and Mac, and 59.0.3071.92 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVE-2017-5070 5 Apple, Google, Linux and 2 more 8 Macos, Android, Chrome and 5 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Type confusion in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
CVE-2017-5069 5 Apple, Google, Linux and 2 more 8 Macos, Android, Chrome and 5 more 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Incorrect MIME type of XSS-Protection reports in Blink in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to circumvent Cross-Origin Resource Sharing checks via a crafted HTML page.
CVE-2017-5068 5 Apple, Google, Linux and 2 more 7 Macos, Chrome, Linux Kernel and 4 more 2024-11-21 5.1 MEDIUM 7.5 HIGH
Incorrect handling of picture ID in WebRTC in Google Chrome prior to 58.0.3029.96 for Mac, Windows, and Linux allowed a remote attacker to trigger a race condition via a crafted HTML page.
CVE-2017-5067 5 Apple, Google, Linux and 2 more 7 Macos, Chrome, Linux Kernel and 4 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
An insufficient watchdog timer in navigation in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2017-5066 5 Apple, Google, Linux and 2 more 8 Macos, Android, Chrome and 5 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Insufficient consistency checks in signature handling in the networking stack in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to incorrectly accept a badly formed X.509 certificate via a crafted HTML page.
CVE-2017-5065 4 Apple, Google, Microsoft and 1 more 6 Macos, Chrome, Windows and 3 more 2024-11-21 4.3 MEDIUM 4.7 MEDIUM
Lack of an appropriate action on page navigation in Blink in Google Chrome prior to 58.0.3029.81 for Windows and Mac allowed a remote attacker to potentially confuse a user into making an incorrect security decision via a crafted HTML page.
CVE-2017-5063 5 Apple, Google, Linux and 2 more 8 Macos, Android, Chrome and 5 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
A numeric overflow in Skia in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVE-2017-5062 5 Apple, Google, Linux and 2 more 8 Macos, Android, Chrome and 5 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
A use after free in Chrome Apps in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to potentially perform out of bounds memory access via a crafted Chrome extension.
CVE-2017-5061 5 Apple, Google, Linux and 2 more 7 Macos, Chrome, Linux Kernel and 4 more 2024-11-21 2.6 LOW 5.3 MEDIUM
A race condition in navigation in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2017-5060 5 Apple, Google, Linux and 2 more 8 Macos, Android, Chrome and 5 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.
CVE-2017-5059 5 Apple, Google, Linux and 2 more 8 Macos, Android, Chrome and 5 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Type confusion in Blink in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to potentially obtain code execution via a crafted HTML page.
CVE-2017-5057 5 Apple, Google, Linux and 2 more 8 Macos, Android, Chrome and 5 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Type confusion in PDFium in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file.
CVE-2017-5056 5 Apple, Google, Linux and 2 more 8 Macos, Android, Chrome and 5 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
A use after free in Blink in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVE-2017-5054 5 Apple, Google, Linux and 2 more 8 Macos, Android, Chrome and 5 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
An out-of-bounds read in V8 in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to obtain heap memory contents via a crafted HTML page.
CVE-2017-5053 5 Apple, Google, Linux and 2 more 8 Macos, Android, Chrome and 5 more 2024-11-21 6.8 MEDIUM 9.6 CRITICAL
An out-of-bounds read in V8 in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page, related to Array.prototype.indexOf.
CVE-2017-5052 5 Apple, Google, Linux and 2 more 8 Macos, Android, Chrome and 5 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
An incorrect assumption about block structure in Blink in Google Chrome prior to 57.0.2987.133 for Mac, Windows, and Linux, and 57.0.2987.132 for Android, allowed a remote attacker to potentially exploit memory corruption via a crafted HTML page that triggers improper casting.
CVE-2017-5046 6 Apple, Debian, Google and 3 more 9 Macos, Debian Linux, Android and 6 more 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android had insufficient policy enforcement, which allowed a remote attacker to spoof the location object via a crafted HTML page, related to Blink information disclosure.
CVE-2017-5045 6 Apple, Debian, Google and 3 more 9 Macos, Debian Linux, Android and 6 more 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
XSS Auditor in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed detection of a blocked iframe load, which allowed a remote attacker to brute force JavaScript variables via a crafted HTML page.