CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Google » Chrome » * * * * : Security Vulnerabilities Published In 2019 (Gain Information)

Cpe Name:cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2019-13753 125 +Info 2019-12-10 2020-08-06
4.3
None Remote Medium Not required Partial None None
Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
2 CVE-2019-13752 125 +Info 2019-12-10 2020-08-06
4.3
None Remote Medium Not required Partial None None
Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
3 CVE-2019-13751 908 +Info 2019-12-10 2020-08-24
4.3
None Remote Medium Not required Partial None None
Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
4 CVE-2019-13748 862 +Info 2019-12-10 2020-08-24
4.3
None Remote Medium Not required Partial None None
Insufficient policy enforcement in developer tools in Google Chrome prior to 79.0.3945.79 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
5 CVE-2019-13745 200 +Info 2019-12-10 2021-07-21
4.3
None Remote Medium Not required Partial None None
Insufficient policy enforcement in audio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
6 CVE-2019-13744 200 +Info 2019-12-10 2019-12-16
4.3
None Remote Medium Not required Partial None None
Insufficient policy enforcement in cookies in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
7 CVE-2019-13737 200 +Info 2019-12-10 2019-12-16
4.3
None Remote Medium Not required Partial None None
Insufficient policy enforcement in autocomplete in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
8 CVE-2019-13684 200 +Info 2019-11-25 2021-07-21
2.6
None Remote High Not required Partial None None
Inappropriate implementation in JavaScript in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
9 CVE-2019-13666 200 +Info 2019-11-25 2021-07-21
4.3
None Remote Medium Not required Partial None None
Information leak in storage in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
10 CVE-2019-5881 125 +Info 2019-11-25 2019-12-02
5.8
None Remote Medium Not required Partial None Partial
Out of bounds read in SwiftShader in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
11 CVE-2019-5880 200 +Info 2019-11-25 2019-12-02
4.3
None Remote Medium Not required Partial None None
Insufficient policy enforcement in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
12 CVE-2019-5852 20 +Info 2019-11-25 2019-11-27
4.3
None Remote Medium Not required Partial None None
Inappropriate implementation in JavaScript in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
13 CVE-2019-5849 125 +Info 2019-11-25 2019-11-27
5.8
None Remote Medium Not required Partial None Partial
Out of bounds read in Skia in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
14 CVE-2019-5848 312 +Info 2019-11-25 2020-08-24
4.3
None Remote Medium Not required Partial None None
Incorrect font handling in autofill in Google Chrome prior to 75.0.3770.142 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
15 CVE-2019-5837 +Info 2019-06-27 2020-08-24
4.3
None Remote Medium Not required Partial None None
Resource size information leakage in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
16 CVE-2019-5818 908 +Info 2019-06-27 2020-08-24
4.3
None Remote Medium Not required Partial None None
Uninitialized data in media in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file.
17 CVE-2019-5810 312 +Info 2019-06-27 2020-08-24
4.3
None Remote Medium Not required Partial None None
Information leak in autofill in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
18 CVE-2018-20073 200 +Info 2019-06-27 2019-07-30
2.1
None Local Low Not required Partial None None
Use of extended attributes in downloads in Google Chrome prior to 72.0.3626.81 allowed a local attacker to read download URLs via the filesystem.
19 CVE-2018-16078 200 +Info 2019-01-09 2019-01-29
4.3
None Remote Medium Not required Partial None None
Unsafe handling of credit card details in Autofill in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
20 CVE-2018-6179 200 +Info 2019-01-09 2019-01-16
4.3
None Remote Medium Not required Partial None None
Insufficient enforcement of file access permission in the activeTab case in Extensions in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system via a crafted Chrome Extension.
21 CVE-2018-6177 200 +Info 2019-06-27 2019-06-28
4.3
None Remote Medium Not required Partial None None
Information leak in media engine in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
22 CVE-2018-6171 416 +Info 2019-06-27 2019-07-01
2.9
None Local Network Medium Not required Partial None None
Use after free in Bluetooth in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension.
23 CVE-2018-6168 200 +Info 2019-06-27 2019-06-28
4.3
None Remote Medium Not required Partial None None
Information leak in media engine in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
24 CVE-2018-6164 200 +Info 2019-01-09 2019-01-14
4.3
None Remote Medium Not required Partial None None
Insufficient origin checks for CSS content in Blink in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
25 CVE-2018-6159 200 +Info 2019-06-27 2019-07-01
4.3
None Remote Medium Not required Partial None None
Insufficient policy enforcement in ServiceWorker in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
26 CVE-2018-6150 200 +Info 2019-06-27 2019-07-01
4.3
None Remote Medium Not required Partial None None
Incorrect handling of CORS in ServiceWorker in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
27 CVE-2018-6137 200 +Info 2019-01-09 2019-01-14
4.3
None Remote Medium Not required Partial None None
CSS Paint API in Blink in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
28 CVE-2018-6134 200 Bypass +Info 2019-06-27 2019-06-27
4.3
None Remote Medium Not required Partial None None
Information leak in Blink in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to bypass no-referrer policy via a crafted HTML page.
29 CVE-2018-6132 908 +Info 2019-06-27 2020-08-24
4.3
None Remote Medium Not required Partial None None
Uninitialized data in WebRTC in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file.
30 CVE-2018-6117 200 +Info 2019-01-09 2019-01-15
4.3
None Remote Medium Not required Partial None None
Confusing settings in Autofill in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
31 CVE-2018-6109 200 +Info 2019-01-09 2019-01-30
4.3
None Remote Medium Not required Partial None None
readAsText() can indefinitely read the file picked by the user, rather than only once at the time the file is picked in File API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to access data on the user file system without explicit consent via a crafted HTML page.
32 CVE-2018-6093 200 +Info 2019-01-09 2019-01-29
4.3
None Remote Medium Not required Partial None None
Insufficient origin checks in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
Total number of vulnerabilities : 32   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.