Product:

Chrome

(Google)
Repositories https://github.com/googlei18n/sfntly
https://github.com/behdad/harfbuzz
https://github.com/uclouvain/openjpeg
#Vulnerabilities 3626
Date Id Summary Products Score Patch Annotated
2019-12-10 CVE-2019-13755 Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to disable extensions via a crafted HTML page. Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_workstation 4.3
2019-12-10 CVE-2019-13756 Incorrect security UI in printing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page. Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_workstation 4.3
2019-12-10 CVE-2019-13757 Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_workstation 4.3
2019-12-10 CVE-2019-13758 Insufficient policy enforcement in navigation in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_workstation 4.3
2019-12-10 CVE-2019-13759 Incorrect security UI in interstitials in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page. Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_workstation 4.3
2019-12-10 CVE-2019-13761 Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_workstation 4.3
2019-12-10 CVE-2019-13762 Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 79.0.3945.79 allowed a local attacker to spoof downloaded files via local code. Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_workstation 3.3
2019-12-10 CVE-2019-13763 Insufficient policy enforcement in payments in Google Chrome prior to 79.0.3945.79 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_workstation 4.3
2019-12-10 CVE-2019-13764 Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Debian_linux, Fedora, Chrome, Backports_sle, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Package_hub 8.8
2020-01-03 CVE-2019-13765 Use-after-free in content delivery manager in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chrome 6.5