Lucene search
K

26 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:22 a.m.2 views

SUSE CVE-2018-18348

Incorrect handling of bidirectional domain names with RTL characters in Omnibox in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted domain name...

4.3CVSS8.4AI score0.01114EPSS
Exploits0References7
CNVD
CNVD
added 2019/01/14 12:0 a.m.1 views

Unspecified Vulnerability in Google Chrome for iOS Navigation

Google Chrome for iOS is a web browser developed by Google for the iOS platform.Navigation is one of the browser navigation modules. A security vulnerability exists in Navigation in Google Chrome for iOS versions prior to 71.0.3578.80, which stems from the program's failure to adequately enforce...

4.3CVSS6.5AI score0.00432EPSS
Exploits0References1
CNVD
CNVD
added 2019/01/14 12:0 a.m.1 views

Unspecified Vulnerability in Google Chrome Navigation

Google Chrome is a web browser developed by Google, Inc.Navigation is one of the browser navigation modules. A security vulnerability exists in Navigation in Google Chrome versions prior to 71.0.3578.80. The vulnerability can be exploited by a remote attacker with a specially crafted HTML page th...

4.3CVSS8.7AI score0.00471EPSS
Exploits0References1
Prion
Prion
added 2019/01/09 7:29 p.m.21 views

Design/Logic Flaw

Handling of URI action in PDFium in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to initiate potentially unsafe navigations without a user gesture via a crafted PDF file...

6.8CVSS8AI score0.00562EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2018/12/11 4:29 p.m.1 views

DEBIAN-CVE-2018-18358

Lack of special casing of localhost in WPAD files in Google Chrome prior to 71.0.3578.80 allowed an attacker on the local network segment to proxy resources on localhost via a crafted WPAD file...

5.7CVSS8.4AI score0.00443EPSS
Exploits0References1
OSV
OSV
added 2018/12/11 4:29 p.m.1 views

DEBIAN-CVE-2018-18353

Failure to dismiss http auth dialogs on navigation in Network Authentication in Google Chrome on Android prior to 71.0.3578.80 allowed a remote attacker to confuse the user about the origin of an auto dialog via a crafted HTML page...

6.5CVSS8.5AI score0.01372EPSS
Exploits0References1
Prion
Prion
added 2018/12/11 4:29 p.m.13 views

Design/Logic Flaw

Incorrect object lifecycle in WebAudio in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

6.8CVSS8.4AI score0.01424EPSS
Exploits0References6Affected Software5
OSV
OSV
added 2018/12/11 4:29 p.m.1 views

DEBIAN-CVE-2018-18338

Incorrect, thread-unsafe use of SkImage in Canvas in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS8.9AI score0.01424EPSS
Exploits0References1
OSV
OSV
added 2018/12/11 4:29 p.m.4 views

UBUNTU-CVE-2018-18335

Heap buffer overflow in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7.5AI score0.03724EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2018/12/11 3:0 p.m.27 views

CVE-2018-18345

Incorrect handling of blob URLS in Site Isolation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker who had compromised the renderer process to bypass site isolation protections via a crafted HTML page...

6.5CVSS7AI score0.01445EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2018/12/10 10:34 a.m.5 views

chromium-browser: Insufficient policy enforcement in Blink

Remote frame navigations was incorrectly permitted to local resources in Blink in Google Chrome prior to 71.0.3578.80 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system via a crafted Chrome Extension...

6.5CVSS7.4AI score0.00976EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2018/12/10 10:34 a.m.5 views

chromium-browser: Insufficient policy enforcement in URL Formatter

Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted domain name...

4.3CVSS7.4AI score0.01145EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2018/12/10 10:34 a.m.4 views

chromium-browser: Inappropriate implementation in Site Isolation

Incorrect handling of blob URLS in Site Isolation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker who had compromised the renderer process to bypass site isolation protections via a crafted HTML page...

6.5CVSS7.3AI score0.01445EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2018/12/10 10:34 a.m.3 views

chromium-browser: Insufficient policy enforcement in URL Formatter

Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted domain name...

4.3CVSS7.4AI score0.01145EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2018/12/10 10:34 a.m.3 views

chromium-browser: Heap buffer overflow in Skia

Heap buffer overflow in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7.6AI score0.03724EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2018/12/10 10:34 a.m.4 views

chromium-browser: Heap buffer overflow in Canvas

Incorrect, thread-unsafe use of SkImage in Canvas in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7.4AI score0.01424EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2018/12/10 10:34 a.m.6 views

chromium-browser: Use after free in Skia

Incorrect handing of paths leading to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7.4AI score0.01384EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2018/12/10 10:34 a.m.5 views

chromium-browser: Inappropriate implementation in Extensions

Inappropriate allowance of the setDownloadBehavior devtools protocol feature in Extensions in Google Chrome prior to 71.0.3578.80 allowed a remote attacker with control of an installed extension to access files on the local file system via a crafted Chrome Extension...

6.5CVSS7.4AI score0.01498EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2018/12/10 10:34 a.m.121 views

Important: Red Hat Security Advisory: chromium-browser security update

An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

8.8CVSS6.9AI score0.34292EPSS
Exploits1References28
OpenVAS
OpenVAS
added 2018/12/10 12:0 a.m.31 views

openSUSE: Security Advisory for Chromium (openSUSE-SU-2018:4056-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS7.6AI score0.34292EPSS
Exploits1References4
Rows per page
Query Builder