NVD disclosure day

Published threat advisories for November 25, 2019

CVE advisoryKnown Exploit

CVE-2019-5825

Google Chrome: Remote Code Execution via Crafted HTML

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A vulnerability in Google Chrome's JavaScript engine could allow attackers to corrupt system memory via a crafted HTML page. This could lead to system instability or crashes, impacting business system availability and data integrity. The risk to organizations is related to the potential for unpredictable system behavio

NVD published: • CISA KEV
CVE advisoryKnown Exploit

CVE-2019-13720

Chrome WebAudio Use-After-Free Vulnerability

Halo Surface Signal: 3 out of 5 — possibly public-facing.

A vulnerability in Google Chrome's WebAudio component allows remote attackers to exploit heap corruption via a crafted HTML page. This can lead to unauthorized system access or data compromise for affected organizations. Business risk includes potential data breaches and service disruptions.

NVD published: • CISA KEV