Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
android android browser vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2016-5217
The extensions API in Google Chrome before 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly permitted access to privileged plugins, which allowed a remote malicious user to bypass site isolation via a crafted HTML page.
Google Chrome
4.3
CVSSv3
CVE-2017-5075
Inappropriate implementation in CSP reporting in Blink in Google Chrome before 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote malicious user to obtain the value of url fragments via a crafted HTML page.
Google Chrome
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
6.3
CVSSv3
CVE-2017-5071
Insufficient validation of untrusted input in V8 in Google Chrome before 59.0.3071.86 for Linux, Windows and Mac, and 59.0.3071.92 for Android allowed a remote malicious user to perform an out of bounds memory read via a crafted HTML page.
Google Chrome
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
8.8
CVSSv3
CVE-2017-5073
Use after free in print preview in Blink in Google Chrome before 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote malicious user to perform an out of bounds memory read via a crafted HTML page.
Google Chrome
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
6.5
CVSSv3
CVE-2021-37976
Inappropriate implementation in Memory in Google Chrome before 94.0.4606.71 allowed a remote malicious user to obtain potentially sensitive information from process memory via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 10.0
Debian Debian Linux 11.0
2 Articles
9.6
CVSSv3
CVE-2021-37973
Use after free in Portals in Google Chrome before 94.0.4606.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 33
Fedoraproject Fedora 35
Debian Debian Linux 10.0
Debian Debian Linux 11.0
1 Github repository
1 Article
8.8
CVSSv3
CVE-2016-5183
A heap use after free in PDFium in Google Chrome before 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android allows a remote malicious user to potentially exploit heap corruption via crafted PDF files.
Google Chrome
1 Article
8.8
CVSSv3
CVE-2016-5184
PDFium in Google Chrome before 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android incorrectly handled object lifecycles in CFFL_FormFillter::KillFocusForAnnot, which allowed a remote malicious user to potentially exploit heap corruption via crafted PDF files.
Google Chrome
1 Article
6.3
CVSSv3
CVE-2016-5190
Google Chrome before 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android incorrectly handled object lifecycles during shutdown, which allowed a remote malicious user to perform an out of bounds memory read via crafted HTML pages.
Google Chrome
1 Article
6.1
CVSSv3
CVE-2016-5191
Bookmark handling in Google Chrome before 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android had insufficient validation of supplied data, which allowed a remote malicious user to inject arbitrary scripts or HTML (UXSS) via crafted HTML pages, as demonstrated by a...
Google Chrome
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
open redirect
CVE-2024-3946
LFI
CVE-2024-25977
CVE-2024-36368
CVE-2024-23109
CVE-2024-23580
CVE-2024-23108
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »