cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2017-5006,https://securityvulnerability.io/vulnerability/CVE-2017-5006,,"Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, incorrectly handled object owner relationships, which allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.",Google,"Google Chrome Prior To 56.0.2924.76 For Linux, Windows And Mac, And 56.0.2924.87 For Android",6.1,MEDIUM,0.003530000103637576,false,false,false,false,,false,false,2017-02-17T07:45:00.000Z,0
CVE-2017-5007,https://securityvulnerability.io/vulnerability/CVE-2017-5007,,"Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, incorrectly handled the sequence of events when closing a page, which allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.",Google,"Google Chrome Prior To 56.0.2924.76 For Linux, Windows And Mac, And 56.0.2924.87 For Android",6.1,MEDIUM,0.003530000103637576,false,false,false,true,true,false,false,2017-02-17T07:45:00.000Z,0
CVE-2017-5008,https://securityvulnerability.io/vulnerability/CVE-2017-5008,,"Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed attacker controlled JavaScript to be run during the invocation of a private script method, which allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.",Google,"Google Chrome Prior To 56.0.2924.76 For Linux, Windows And Mac, And 56.0.2924.87 For Android",6.1,MEDIUM,0.003530000103637576,false,false,false,false,,false,false,2017-02-17T07:45:00.000Z,0
CVE-2017-5009,https://securityvulnerability.io/vulnerability/CVE-2017-5009,,"WebRTC in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to perform proper bounds checking, which allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",Google,"Google Chrome Prior To 56.0.2924.76 For Linux, Windows And Mac, And 56.0.2924.87 For Android",8.8,HIGH,0.010730000212788582,false,false,false,false,,false,false,2017-02-17T07:45:00.000Z,0
CVE-2017-5010,https://securityvulnerability.io/vulnerability/CVE-2017-5010,,"Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, resolved promises in an inappropriate context, which allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.",Google,"Google Chrome Prior To 56.0.2924.76 For Linux, Windows And Mac, And 56.0.2924.87 For Android",6.1,MEDIUM,0.003530000103637576,false,false,false,false,,false,false,2017-02-17T07:45:00.000Z,0
CVE-2017-5012,https://securityvulnerability.io/vulnerability/CVE-2017-5012,,"A heap buffer overflow in V8 in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",Google,"Google Chrome Prior To 56.0.2924.76 For Linux, Windows And Mac, And 56.0.2924.87 For Android",8.8,HIGH,0.01489999983459711,false,false,false,false,,false,false,2017-02-17T07:45:00.000Z,0
CVE-2017-5014,https://securityvulnerability.io/vulnerability/CVE-2017-5014,,"Heap buffer overflow during image processing in Skia in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.",Google,"Google Chrome Prior To 56.0.2924.76 For Linux, Windows And Mac, And 56.0.2924.87 For Android",6.3,MEDIUM,0.007149999961256981,false,false,false,false,,false,false,2017-02-17T07:45:00.000Z,0
CVE-2017-5015,https://securityvulnerability.io/vulnerability/CVE-2017-5015,,"Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, incorrectly handled Unicode glyphs, which allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.",Google,"Google Chrome Prior To 56.0.2924.76 For Linux, Windows And Mac, And 56.0.2924.87 For Android",6.5,MEDIUM,0.0062500000931322575,false,false,false,false,,false,false,2017-02-17T07:45:00.000Z,0
CVE-2017-5018,https://securityvulnerability.io/vulnerability/CVE-2017-5018,,"Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, had an insufficiently strict content security policy on the Chrome app launcher page, which allowed a remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page.",Google,"Google Chrome Prior To 56.0.2924.76 For Linux, Windows And Mac, And 56.0.2924.87 For Android",6.1,MEDIUM,0.004610000178217888,false,false,false,false,,false,false,2017-02-17T07:45:00.000Z,0
CVE-2017-5019,https://securityvulnerability.io/vulnerability/CVE-2017-5019,,"A use after free in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",Google,"Google Chrome Prior To 56.0.2924.76 For Linux, Windows And Mac, And 56.0.2924.87 For Android",6.3,MEDIUM,0.0074800001457333565,false,false,false,false,,false,false,2017-02-17T07:45:00.000Z,0
CVE-2017-5020,https://securityvulnerability.io/vulnerability/CVE-2017-5020,,"Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to require a user gesture for powerful download operations, which allowed a remote attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted HTML page.",Google,"Google Chrome Prior To 56.0.2924.76 For Linux, Windows And Mac, And 56.0.2924.87 For Android",6.1,MEDIUM,0.020260000601410866,false,false,false,false,,false,false,2017-02-17T07:45:00.000Z,0
CVE-2017-5021,https://securityvulnerability.io/vulnerability/CVE-2017-5021,,"A use after free in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.",Google,"Google Chrome Prior To 56.0.2924.76 For Linux, Windows And Mac, And 56.0.2924.87 For Android",4.3,MEDIUM,0.007209999952465296,false,false,false,false,,false,false,2017-02-17T07:45:00.000Z,0
CVE-2017-5022,https://securityvulnerability.io/vulnerability/CVE-2017-5022,,"Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to properly enforce unsafe-inline content security policy, which allowed a remote attacker to bypass content security policy via a crafted HTML page.",Google,"Google Chrome Prior To 56.0.2924.76 For Linux, Windows And Mac, And 56.0.2924.87 For Android",4.3,MEDIUM,0.0063299997709691525,false,false,false,false,,false,false,2017-02-17T07:45:00.000Z,0
CVE-2017-5027,https://securityvulnerability.io/vulnerability/CVE-2017-5027,,"Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to properly enforce unsafe-inline content security policy, which allowed a remote attacker to bypass content security policy via a crafted HTML page.",Google,"Google Chrome Prior To 56.0.2924.76 For Linux, Windows And Mac, And 56.0.2924.87 For Android",4.3,MEDIUM,0.0016899999463930726,false,false,false,false,,false,false,2017-02-17T07:45:00.000Z,0
CVE-2017-5016,https://securityvulnerability.io/vulnerability/CVE-2017-5016,,"Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to prevent certain UI elements from being displayed by non-visible pages, which allowed a remote attacker to show certain UI elements on a page they don't control via a crafted HTML page.",Google,"Google Chrome Prior To 56.0.2924.76 For Linux, Windows And Mac, And 56.0.2924.87 For Android",6.5,MEDIUM,0.006479999981820583,false,false,false,false,,false,false,2017-02-17T07:45:00.000Z,0
CVE-2017-5023,https://securityvulnerability.io/vulnerability/CVE-2017-5023,,"Type confusion in Histogram in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit a near null dereference via a crafted HTML page.",Google,"Google Chrome Prior To 56.0.2924.76 For Linux, Windows And Mac, And 56.0.2924.87 For Android",4.3,MEDIUM,0.007849999703466892,false,false,false,false,,false,false,2017-02-17T07:45:00.000Z,0