CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2018/09/25 2:29 p.m.•1 views

CVE-2018-6039

Insufficient data validation in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a crafted Chrome Extension...

6.1CVSS7.4AI score0.00909EPSS

Prion•added 2018/09/25 2:29 p.m.•15 views

Design/Logic Flaw

Insufficient policy enforcement in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user local file data via a crafted Chrome Extension...

6.8CVSS7.8AI score0.01484EPSS

Exploits0References6Affected Software5

UbuntuCve•added 2018/09/25 2:29 p.m.•14 views

CVE-2018-6039

Insufficient data validation in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a crafted Chrome Extension...

OSV•added 2018/09/25 2:29 p.m.•3 views

CVE-2018-6035

Insufficient policy enforcement in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user local file data via a crafted Chrome Extension...

8.8CVSS7.4AI score0.01484EPSS

OSV•added 2018/09/25 2:29 p.m.•0 views

UBUNTU-CVE-2018-6046

Insufficient data validation in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a crafted Chrome Extension...

OSV•added 2018/09/25 2:29 p.m.•1 views

UBUNTU-CVE-2018-6035

Insufficient policy enforcement in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user local file data via a crafted Chrome Extension...

8.8CVSS7.3AI score0.01484EPSS

Prion•added 2018/09/25 2:29 p.m.•15 views

Input validation

Insufficient data validation in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a crafted Chrome Extension...

4.3CVSS6.3AI score0.00909EPSS

Exploits0References6Affected Software5

OSV•added 2018/09/25 2:29 p.m.•0 views

UBUNTU-CVE-2018-6039

Insufficient data validation in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a crafted Chrome Extension...

NVD•added 2018/09/25 2:29 p.m.•15 views

CVE-2018-6035

Insufficient policy enforcement in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user local file data via a crafted Chrome Extension...

8.8CVSS7.9AI score0.01484EPSS

UbuntuCve•added 2018/09/25 2:29 p.m.•21 views

CVE-2018-6045

Insufficient policy enforcement in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user local file data via a crafted Chrome Extension...

6.5CVSS7AI score0.00888EPSS

UbuntuCve•added 2018/09/25 2:29 p.m.•19 views

CVE-2018-6035

Insufficient policy enforcement in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user local file data via a crafted Chrome Extension...

8.8CVSS7.2AI score0.01484EPSS

OSV•added 2018/09/25 2:29 p.m.•0 views

UBUNTU-CVE-2018-6045

Insufficient policy enforcement in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user local file data via a crafted Chrome Extension...

6.5CVSS7AI score0.00888EPSS

UbuntuCve•added 2018/09/25 2:29 p.m.•23 views

CVE-2018-6046

Insufficient data validation in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a crafted Chrome Extension...

Prion•added 2018/09/25 2:29 p.m.•14 views

Input validation

Insufficient data validation in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a crafted Chrome Extension...

4.3CVSS6.3AI score0.00909EPSS

Exploits0References6Affected Software5

Debian CVE•added 2018/09/25 2:0 p.m.•19 views

CVE-2018-6045

Removed by vendor...

6.5CVSS8.1AI score0.00888EPSS

Exploits0

Debian CVE•added 2018/09/25 2:0 p.m.•19 views

CVE-2018-6035

Removed by vendor...

8.8CVSS9.3AI score0.01484EPSS

Exploits0

CVE•added 2018/09/25 2:0 p.m.•118 views

CVE-2018-6035

CVE-2018-6035 concerns insufficient isolation of DevTools from extensions in Chromium/Google Chrome, enabling a crafted extension to potentially leak local user data. Affected product: Google Chrome (Chromium base). Root cause: insufficient policy enforcement in DevTools that allows extension int...

8.8CVSS5.7AI score0.01484EPSS

Exploits0References6Affected Software1

Cvelist•added 2018/09/25 2:0 p.m.•24 views

CVE-2018-6046

Insufficient data validation in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a crafted Chrome Extension...

5.9AI score0.00909EPSS