CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

OSV•added 2026/05/08 6:37 p.m.•1 views

GHSA-37J4-88RP-2F6H Electerm's full process.env exposed to renderer via window.pre.env

Impact The getConstants IPC handler in src/app/lib/ipc-sync.js serialises the entire process.env object and sends it to the renderer. The data is stored as window.pre.env and is accessible from any JavaScript running in the renderer e.g., via the DevTools console or a compromised webview context...

6.5CVSS6AI score0.00004EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2018-17830

Malware in sbrugna...

8.8CVSS9.1AI score0.00888EPSS

Exploits0References8

NVD•added 2018/11/14 3:29 p.m.•13 views

CVE-2018-6067

Incorrect IPC serialization in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS8.5AI score0.00888EPSS

Exploits0References5

OSV•added 2018/11/14 3:29 p.m.•2 views

CVE-2018-6067

Incorrect IPC serialization in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7.3AI score

Exploits0References5

UbuntuCve•added 2018/11/14 3:29 p.m.•19 views

CVE-2018-6067

Incorrect IPC serialization in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7.3AI score0.00888EPSS

Exploits0References2

OSV•added 2018/11/14 3:29 p.m.•1 views

UBUNTU-CVE-2018-6067

Incorrect IPC serialization in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7.3AI score0.00888EPSS

Exploits0References3

Prion•added 2018/11/14 3:29 p.m.•16 views

Design/Logic Flaw

Incorrect IPC serialization in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

6.8CVSS8.5AI score0.00888EPSS

Exploits0References5Affected Software5

Cvelist•added 2018/11/14 3:0 p.m.•15 views

CVE-2018-6067

Incorrect IPC serialization in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.5AI score0.00888EPSS

Exploits0References5

CVE•added 2018/11/14 3:0 p.m.•130 views

CVE-2018-6067

CVE-2018-6067 is a vulnerability in Google Chrome/Chromium where the Skia library contains a buffer/heap overflow issue. Affected component: Skia inside Chrome/Chromium prior to version 65.0.3325.146. Root cause: unspecified in the provided documents beyond “buffer overflow in the Skia library.” ...

8.8CVSS8.4AI score0.00888EPSS

Exploits0References5Affected Software1

OSV•added 2018/08/28 7:29 p.m.•3 views

CVE-2017-15415

Incorrect serialization in IPC in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak the value of a pointer via a crafted HTML page...

6.5CVSS7.3AI score

Exploits0References5

RedHat Linux•added 2018/03/12 6:21 p.m.•2 views

chromium-browser: buffer overflow in skia

Incorrect IPC serialization in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7.4AI score0.00888EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by