176 matches found
Design/Logic Flaw
An object lifecycle issue in Blink could lead to a use after free in WebAudio in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...
CVE-2018-20066
Incorrect object lifecycle in Extensions in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2018-17481
Incorrect object lifecycle handling in PDFium in Google Chrome prior to 71.0.3578.98 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file...
Design/Logic Flaw
Incorrect object lifecycle in WebAudio in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2018-18336
Incorrect object lifecycle in PDFium in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file...
CVE-2018-18339
Incorrect object lifecycle in WebAudio in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2018-18336
CVE-2018-18336 is a use-after-free in the PDFium component of Chromium/Google Chrome prior to version 71.0.3578.80, enabling potential heap corruption via a crafted PDF file. The Arch Linux security advisory ASA-201812-2 (and Debian/DSA-4352-1 apart from other sources) confirm the issue and state...
CVE-2018-6068
Object lifecycle issue in Chrome Custom Tab in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...
CVE-2018-6068
Object lifecycle issue in Chrome Custom Tab in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...
Hardcoded credentials
Object lifecycle issue in Chrome Custom Tab in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...
UBUNTU-CVE-2018-6068
Object lifecycle issue in Chrome Custom Tab in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...
CVE-2018-6068
Removed by vendor...
CVE-2018-6068
CVE-2018-6068 describes an object lifecycle issue in Chrome Custom Tab that could let a remote attacker spoof the Omnibox (URL bar) in Google Chrome prior to 65.0.3325.146. Related connected advisories indicate Chromium/Chrome updates fixed this family of issues around version 65.0.3325.146 (and ...
[SECURITY] [DSA 4182-1] chromium-browser security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4182-1 [email protected] https://www.debian.org/security/ Michael Gilbert April 28, 2018 https://www.debian.org/security/faq -...
CVE-2016-5184
PDFium in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android incorrectly handled object lifecycles in CFFLFormFillter::KillFocusForAnnot, which allowed a remote attacker to potentially exploit heap corruption via crafted PDF files...
CVE-2016-5190
Removed by vendor...