36 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-6094
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inline metadata in GarbageCollection in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML...
Linux Distros Unpatched Vulnerability : CVE-2018-6097
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect handling of asynchronous methods in Fullscreen in Google Chrome on macOS prior to 66.0.3359.117 allowed a remote attacker to enter full screen without...
Linux Distros Unpatched Vulnerability : CVE-2018-6098
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via ID...
Linux Distros Unpatched Vulnerability : CVE-2018-6102
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Missing confusable characters in Internationalization in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to spoof the contents of the Omnibox URL...
Linux Distros Unpatched Vulnerability : CVE-2018-6090
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An integer overflow that lead to a heap buffer-overflow in Skia in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code insi...
Linux Distros Unpatched Vulnerability : CVE-2018-6151
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bad cast in DevTools in Google Chrome on Win, Linux, Mac, Chrome OS prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious...
Google Chrome for iOS Navigation Domain Spoofing Vulnerability
Google Chrome for iOS is a web browser developed by Google for the iOS platform.Navigation is one of the browser navigation modules. A security vulnerability exists in Navigation in Google Chrome for iOS versions prior to 66.0.3359.117. The vulnerability can be exploited by remote attackers to...
Google Chrome DevTools Memory Misreference Vulnerability
Google Chrome is the United States Google Google company developed a Web browser. Devtools is one of the development and debugging tools. A memory misreference vulnerability exists in DevTools in versions of Google Chrome prior to 66.0.3359.117. A local attacker can exploit this vulnerability to...
Google Chrome Autofill Information Disclosure Vulnerability (CNVD-2019-03541)
Google Chrome is the United States Google Google company developed a Web browser. Autofill is one of the auto-fill form plug-ins. A security vulnerability exists in Autofill in Google Chrome versions prior to 66.0.3359.117. A remote attacker can exploit the vulnerability to disclose sensitive...
Google Chrome Downloads Command Execution Vulnerability
Google Chrome is a web browser developed by Google.Downloads is one of the download components. A security vulnerability exists in Downloads in versions of Google Chrome prior to 66.0.3359.117, which originates when the program parses documents into HTML files. A remote attacker could exploit thi...
Google Chrome Information Disclosure Vulnerability (CNVD-2019-03595)
Google Chrome is a web browser developed by Google Google.Service Workers is a component that provides offline support for web applications. A security vulnerability exists in Service Workers in Google Chrome versions prior to 66.0.3359.117. A remote attacker can exploit the vulnerability to...
CVE-2018-6091
Service Workers can intercept any request made by an or tag in Fetch API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin data via a crafted HTML page...
UBUNTU-CVE-2018-6114
Incorrect enforcement of CSP for tags in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass content security policy via a crafted HTML page...
CVE-2018-6110
Parsing documents as HTML in Downloads in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to cause Chrome to execute scripts via a local non-HTML page...
Design/Logic Flaw
readAsText can indefinitely read the file picked by the user, rather than only once at the time the file is picked in File API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to access data on the user file system without explicit consent via a crafted HTML page...
CVE-2018-6114
Incorrect enforcement of CSP for tags in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass content security policy via a crafted HTML page...
CVE-2018-6103
A stagnant permission prompt in Prompts in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass permission policy via a crafted HTML page...
CVE-2018-6094
Inline metadata in GarbageCollection in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2018-6090
An integer overflow that lead to a heap buffer-overflow in Skia in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...
Design/Logic Flaw
Missing confusable characters in Internationalization in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted domain name...