Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2019-13764

Published: 10/12/2019 Updated: 07/11/2023
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 606
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Google

Vulnerability Summary

Type confusion in JavaScript in Google Chrome before 79.0.3945.79 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

google chrome

debian debian linux 9.0

debian debian linux 10.0

fedoraproject fedora 30

fedoraproject fedora 31

suse package_hub -

opensuse backports sle 15.0

redhat enterprise linux desktop 6.0

redhat enterprise linux server 6.0

redhat enterprise linux workstation 6.0

Vendor Advisories

Red Hat: Critical: chromium-browser security update
Synopsis Critical: chromium-browser security update Type/Severity Security Advisory: Critical Topic An update for chromium-browser is now available for Red Hat Enterprise Linux 6 SupplementaryRed Hat Product Security has rated this update as having a security impact of Critical A Common Vulnerability Scor ...
Debian Security Advisories: DSA-4606-1 chromium -- security update
Several vulnerabilities have been discovered in the chromium web browser CVE-2019-13725 Gengming Liu and Jianyu Chen discovered a use-after-free issue in the bluetooth implementation CVE-2019-13726 Sergei Glazunov discovered a buffer overflow issue CVE-2019-13727 @piochu discovered a policy enforcement error CVE-2019-13728 ...
Arch Linux Issues:
Severity Unknown Remote Unknown Type Unknown Description AVG-1076 chromium 7803904108-1 790394579-1 Unknown Fixed ...
Google Chrome: Stable Channel Update for Desktop
The Chrome team is delighted to announce the promotion of Chrome 79 to the stable channel for Windows, Mac and Linux This will roll out over the coming days/weeks Chrome 790394579 contains a number of fixes and improvements -- a list of changes is available in the log Watch out for upcoming Chrome and Chromium blog po ...

Github Repositories

https://github.com/KotenAngered/ZTE-Blade-A5-2019-Nae-Nae-List

This repository will store potential CVEs for a device as titled above and other related code.

ZTE-Blade-A5-2019-Nae-Nae-List This repository will store potential CVEs for a device as titled above and other related code CVE List: 1#: githubcom/j4nn/CVE-2020-0041 2#: githubcom/HaboobLab/CVE-2019-13764 3# (Currently zero lol): wwwcvedetailscom/vulnerability-list/vendor_id-33/product_id-47/version_id-302471/Linux-Linux-Kernel-44147html 4#: ht

https://github.com/HaboobLab/CVE-2019-13764

CVE-2019-13764 A full exploit written by Haboob Research Team Tested on V8 version 800 on Linux ubuntu 1804 Detailed blogpost about this vulnerability: bloghaboobsa/blog/cve-2019-13764-from-root-cause-to-bash

Recent Articles

Rubbish software security patches responsible for a quarter of zero-days last year
The Register • Thomas Claburn in San Francisco • 03 Feb 2021

Google wants researchers, vendors to stop making attacks easy Apple emits emergency iOS security updates while warning holes may have been exploited in wild by hackers

Enigma To limit the impact of zero-day vulnerabilities, Google security researcher Maddie Stone would like those developing software fixes to stop delivering shoddy patches. In a presentation at USENIX's Enigma 2021 virtual conference on Tuesday, Stone offered an overview of the zero-day exploits detected in 2020. A zero-day, she explained for attendees outside the infosec community, refers to an exploit targeting a previously unidentified vulnerability. Zero-day flaws are a problem because they...

Read more...

References

CWE-843https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.htmlhttps://crbug.com/1028863https://access.redhat.com/errata/RHSA-2019:4238http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00032.htmlhttp://lists.opensuse.org/opensuse-security-announce/2019-12/msg00036.htmlhttps://seclists.org/bugtraq/2020/Jan/27https://www.debian.org/security/2020/dsa-4606https://security.gentoo.org/glsa/202003-08https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2Z5M4FPUMDNX2LDPHJKN5ZV5GIS2AKNU/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N5CIQCVS6E3ULJCNU7YJXJPO2BLQZDTK/https://access.redhat.com/errata/RHSA-2019:4238https://nvd.nist.govhttps://github.com/KotenAngered/ZTE-Blade-A5-2019-Nae-Nae-Listhttps://www.debian.org/security/2020/dsa-4606
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32744privilege escalationCVE-2024-30253CVE-2024-3914cross-site scriptingCVE-2024-31497CVE-2024-3400CVE-2024-32341hardcoded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook