| CVE-2019-13720 |
AVG-1059 |
Critical |
Yes |
Arbitrary code execution |
A use-after-free vulnerability has been found in the audio component of the chromium browser before 78.0.3904.87. Google is aware of reports that an exploit... |
| CVE-2017-15394 |
AVG-545 |
Low |
Yes |
Content spoofing |
A URL spoofing flaw has been found in the extensions UI of the Chromium browser < 62.0.3202.62. |
| CVE-2017-15392 |
AVG-545 |
Low |
Yes |
Access restriction bypass |
An incorrect registry key handling issue has been found in the PlatformIntegration component of the Chromium browser < 62.0.3202.62. |
| CVE-2017-15390 |
AVG-545 |
Medium |
Yes |
Content spoofing |
A URL spoofing issue has been found in the Omnibox component of the Chromium browser < 62.0.3202.62. |
| CVE-2017-15388 |
AVG-545 |
Medium |
Yes |
Information disclosure |
An out-of-bounds read has been found in the Skia component of the Chromium browser < 62.0.3202.62. |
| CVE-2017-15387 |
AVG-545 |
Medium |
Yes |
Access restriction bypass |
A content security bypass has been found in the Chromium browser < 62.0.3202.62. |
| CVE-2017-15386 |
AVG-545 |
Medium |
Yes |
Content spoofing |
A UI spoofing issue has been found in the Blink component of the Chromium browser < 62.0.3202.62. |
| CVE-2017-5133 |
AVG-545 |
High |
Yes |
Arbitrary code execution |
An out-of-bounds write has been found in the Skia component of the Chromium browser < 62.0.3202.62. |
| CVE-2017-5132 |
AVG-545 |
Critical |
Yes |
Arbitrary code execution |
An incorrect stack manipulation security issue has been found in the WebAssembly component of the Chromium browser < 62.0.3202.62. |
| CVE-2017-5129 |
AVG-545 |
Critical |
Yes |
Arbitrary code execution |
A use-after-free security issue has been found in the WebAudio component of the Chromium browser < 62.0.3202.62. |
| CVE-2017-5128 |
AVG-545 |
Critical |
Yes |
Arbitrary code execution |
A heap overflow security issue has been found in the WebGL component of the Chromium browser < 62.0.3202.62. |
| CVE-2017-5127 |
AVG-545 |
Critical |
Yes |
Arbitrary code execution |
A use-after-free security issue has been found in the PDFium component of the Chromium browser < 62.0.3202.62. |
| CVE-2017-5126 |
AVG-545 |
Critical |
Yes |
Arbitrary code execution |
A use-after-free security issue has been found in the PDFium component of the Chromium browser < 62.0.3202.62. |
| CVE-2017-5124 |
AVG-545 |
High |
Yes |
Cross-site scripting |
A universal XSS flaw has been found in the MHTML component of the Chromium browser < 62.0.3202.62. |
| CVE-2017-5089 |
AVG-339 |
Medium |
Yes |
Content spoofing |
A domain spoofing vulnerability has been found in the Omnibox component of the Chromium browser < 59.0.3071.104. |
| CVE-2017-5088 |
AVG-339 |
High |
Yes |
Information disclosure |
An out-of-bounds read vulnerability has been found in the V8 component of the Chromium browser < 59.0.3071.104. |
| CVE-2017-5083 |
AVG-339 |
Low |
Yes |
Content spoofing |
A UI spoofing flaw has been found in the Blink component of the Chromium browser. |
| CVE-2017-5079 |
AVG-339 |
Medium |
Yes |
Content spoofing |
A UI spoofing flaw has been found in the Blink component of the Chromium browser. |
| CVE-2017-5078 |
AVG-339 |
High |
Yes |
Arbitrary command execution |
A possible command injection flaw has been found in the mailto handling component of the Chromium browser. |
| CVE-2017-5077 |
AVG-339 |
High |
Yes |
Arbitrary code execution |
A heap buffer overflow flaw was found in the Skia component of the Chromium browser. |
| CVE-2017-5076 |
AVG-339 |
Medium |
Yes |
Content spoofing |
An address spoofing flaw has been found in the Omnibox component of the Chromium browser. |
| CVE-2017-5075 |
AVG-339 |
Medium |
Yes |
Information disclosure |
An information leak flaw has been found in the CSP reporting component of the Chromium browser. |
| CVE-2017-5071 |
AVG-339 |
High |
Yes |
Information disclosure |
An out of bounds read flaw has been found in the V8 component of the Chromium browser. |
| CVE-2017-5070 |
AVG-339 |
Critical |
Yes |
Arbitrary code execution |
A type confusion flaw has been found in the V8 component of the Chromium browser. |
| CVE-2016-9651 |
AVG-162 |
High |
Yes |
Access restriction bypass |
A private property access flaw was found in the V8 component of the Chromium browser. |
| CVE-2016-9650 |
AVG-162 |
Low |
Yes |
Information disclosure |
A CSP referrer disclosure vulnerability has been discovered in the Chromium browser. |
| CVE-2016-5225 |
AVG-162 |
Low |
Yes |
Access restriction bypass |
A CSP bypass flaw was found in the Blink component of the Chromium browser. |
| CVE-2016-5224 |
AVG-162 |
Low |
Yes |
Same-origin policy bypass |
A same-origin bypass flaw was found in the SVG component of the Chromium browser. |
| CVE-2016-5223 |
AVG-162 |
Low |
Yes |
Arbitrary code execution |
An integer overflow flaw was found in the PDFium component of the Chromium browser. |
| CVE-2016-5222 |
AVG-162 |
Medium |
Yes |
Content spoofing |
An address spoofing flaw was found in the Omnibox component of the Chromium browser. |
| CVE-2016-5221 |
AVG-162 |
Medium |
Yes |
Arbitrary code execution |
An integer overflow flaw was found in the ANGLE component of the Chromium browser. |
| CVE-2016-5219 |
AVG-162 |
Medium |
Yes |
Arbitrary code execution |
An use after free flaw was found in the V8 component of the Chromium browser. |
| CVE-2016-5218 |
AVG-162 |
Medium |
Yes |
Content spoofing |
An address spoofing flaw was found in the Omnibox component of the Chromium browser. |
| CVE-2016-5217 |
AVG-162 |
Medium |
Yes |
Insufficient validation |
An use of unvalidated data flaw was found in the PDFium component of the Chromium browser. |
| CVE-2016-5216 |
AVG-162 |
Medium |
Yes |
Arbitrary code execution |
An use after free flaw was found in the PDFium component of the Chromium browser. |
| CVE-2016-5215 |
AVG-162 |
Medium |
Yes |
Arbitrary code execution |
An use after free flaw was found in the Webaudio component of the Chromium browser. |
| CVE-2016-5214 |
AVG-162 |
Medium |
Yes |
Insufficient validation |
A file download protection bypass was discovered in the Chromium browser. |
| CVE-2016-5213 |
AVG-162 |
High |
Yes |
Arbitrary code execution |
An use after free flaw was found in the V8 component of the Chromium browser. |
| CVE-2016-5212 |
AVG-162 |
High |
No |
Arbitrary filesystem access |
A local file disclosure flaw was found in the DevTools component of the Chromium browser. |
| CVE-2016-5211 |
AVG-162 |
High |
Yes |
Arbitrary code execution |
An use after free flaw was found in the PDFium component of the Chromium browser. |
| CVE-2016-5210 |
AVG-162 |
High |
Yes |
Arbitrary code execution |
An out of bounds write flaw was found in the PDFium component of the Chromium browser. |
| CVE-2016-5208 |
AVG-162 |
High |
Yes |
Cross-site scripting |
An universal XSS flaw was found in the Blink component of the Chromium browser. |
| CVE-2016-5207 |
AVG-162 |
High |
Yes |
Cross-site scripting |
An universal XSS flaw was found in the Blink component of the Chromium browser. |
| CVE-2016-5206 |
AVG-162 |
High |
Yes |
Same-origin policy bypass |
A same-origin bypass flaw was found in the PDFium component of the Chromium browser. |
| CVE-2016-5205 |
AVG-162 |
High |
Yes |
Cross-site scripting |
An universal XSS flaw was found in the Blink component of the Chromium browser. |
| CVE-2016-5204 |
AVG-162 |
High |
Yes |
Cross-site scripting |
An universal XSS flaw was found in the Blink component of the Chromium browser. |
| CVE-2016-5203 |
AVG-162 |
High |
Yes |
Arbitrary code execution |
An use after free flaw was found in the PDFium component of the Chromium browser. |
| CVE-2016-5201 |
AVG-162 |
Medium |
Yes |
Information disclosure |
An information disclosure flaw was found in the extensions component of the Chromium browser before 54.0.2840.100. |
| CVE-2016-5199 |
AVG-162 |
High |
Yes |
Arbitrary code execution |
FFMPEG MP4 decoder contains an off-by-one error resulting in an allocation of size 0, followed by corrupting an arbitrary number of pointers out of bounds... |
| CVE-2016-5198 |
AVG-109 |
High |
Yes |
Arbitrary code execution |
An out of bounds memory access flaw was found in the V8 component of the Chromium browser. |
| CVE-2016-5192 |
AVG-109 |
Medium |
Yes |
Same-origin policy bypass |
A cross-origin bypass flaw was found in the Blink component of the Chromium browser. |
| CVE-2016-5189 |
AVG-162 |
Medium |
Yes |
Content spoofing |
An URL spoofing flaw was found in the Chromium browser. |
| CVE-2016-5188 |
AVG-109 |
Medium |
Yes |
Content spoofing |
An UI spoofing flaw was found in the Chromium browser. |
| CVE-2016-5187 |
AVG-109 |
High |
Yes |
Content spoofing |
An URL spoofing flaw was found in the Chromium browser. |
| CVE-2016-5186 |
AVG-109 |
Medium |
Yes |
Information disclosure |
An out of bounds read flaw was found in the DevTools component of the Chromium browser. |
| CVE-2016-5185 |
AVG-109 |
High |
Yes |
Arbitrary code execution |
An use after free flaw was found in the Blink component of the Chromium browser. |
| CVE-2016-5183 |
AVG-162 |
High |
Yes |
Arbitrary code execution |
An use after free flaw was found in the PDFium component of the Chromium browser. |
| CVE-2016-5182 |
AVG-162 |
High |
Yes |
Arbitrary code execution |
A heap overflow flaw was found in the Blink component of the Chromium browser. |
| CVE-2016-5181 |
AVG-109 |
High |
Yes |
Cross-site scripting |
An universal XSS flaw was found in the Blink component of the Chromium browser. |
| CVE-2016-5172 |
AVG-109 |
Medium |
Yes |
Information disclosure |
The parser in Google V8 mishandles scopes, which allows remote attackers to obtain sensitive information from arbitrary memory locations via crafted JavaScript code. |
| CVE-2016-5171 |
AVG-109 |
Critical |
Yes |
Arbitrary code execution |
WebKit/Source/bindings/templates/interface.cpp in Blink does not prevent certain constructor calls, which allows remote attackers to cause a denial of... |
| CVE-2016-5170 |
AVG-109 |
Critical |
Yes |
Arbitrary code execution |
WebKit/Source/bindings/modules/v8/V8BindingForModules.cpp in Blink does not properly consider getter side effects during array key conversion, which allows... |
| CVE-2016-5166 |
AVG-109 |
Medium |
Yes |
Information disclosure |
The download implementation in Chromium does not properly restrict saving a file:// URL that is referenced by an http:// URL, which makes it easier for... |
| CVE-2016-5161 |
AVG-109 |
Medium |
Yes |
Information disclosure |
The EditingStyle::mergeStyle function in WebKit/Source/core/editing/EditingStyle.cpp in Blink mishandles custom properties, which allows remote attackers to... |
| CVE-2016-5155 |
AVG-109 |
High |
Yes |
Content spoofing |
Chromium does not properly validate access to the initial document, which allows remote attackers to spoof the address bar via a crafted web site. |
| CVE-2016-5153 |
AVG-109 |
Critical |
Yes |
Arbitrary code execution |
The Web Animations implementation in Blink improperly relies on list iteration, which allows remote attackers to cause a denial of service... |
| CVE-2016-5147 |
AVG-109 |
High |
Yes |
Cross-site scripting |
Blink, as used in Google Chrome, mishandles deferred page loads, which allows remote attackers to inject arbitrary web script or HTML via a crafted web... |
| CVE-2016-5133 |
AVG-109 |
Medium |
Yes |
Content spoofing |
Google Chrome before 52.0.2743.82 mishandles origin information during proxy authentication, which allows man-in-the-middle attackers to spoof a... |