Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
android android browser vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2016-9650
Blink in Google Chrome before 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled iframes, which allowed a remote malicious user to bypass a no-referrer policy via a crafted HTML page.
Google Chrome
383
VMScore
CVE-2016-5191
Bookmark handling in Google Chrome before 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android had insufficient validation of supplied data, which allowed a remote malicious user to inject arbitrary scripts or HTML (UXSS) via crafted HTML pages, as demonstrated by a...
Google Chrome
1 Article
606
VMScore
CVE-2017-5036
A use after free in PDFium in Google Chrome before 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote malicious user to have an unspecified impact via a crafted PDF file.
Google Chrome
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
606
VMScore
CVE-2017-5039
A use after free in PDFium in Google Chrome before 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote malicious user to potentially exploit heap corruption via a crafted PDF file.
Google Chrome
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
605
VMScore
CVE-2016-5215
A use after free in webaudio in Google Chrome before 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote malicious user to perform an out of bounds memory read via a crafted HTML page.
Google Chrome
294
VMScore
CVE-2017-5042
Cast in Google Chrome before 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android sent cookies to sites discovered via SSDP, which allowed an attacker on the local network segment to initiate connections to arbitrary URLs and observe any plaintext cookies sent.
Google Chrome
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
605
VMScore
CVE-2017-5091
A use after free in IndexedDB in Google Chrome before 60.0.3112.78 for Linux, Android, Windows, and Mac allowed a remote malicious user to perform an out of bounds memory read via a crafted HTML page.
Google Chrome
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
383
VMScore
CVE-2017-5093
Inappropriate implementation in modal dialog handling in Blink in Google Chrome before 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote malicious user to prevent a full screen warning from being displayed via a crafted HTML page.
Google Chrome
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
383
VMScore
CVE-2017-5094
Type confusion in extensions JavaScript bindings in Google Chrome before 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote malicious user to potentially maliciously modify objects via a crafted HTML page.
Debian Debian Linux 9.0
Google Chrome
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
383
VMScore
CVE-2017-5105
Insufficient Policy Enforcement in Omnibox in Google Chrome before 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote malicious user to perform domain spoofing via IDN homographs in a crafted domain name.
Google Chrome
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »