26 matches found
SUSE CVE-2018-18348
Incorrect handling of bidirectional domain names with RTL characters in Omnibox in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted domain name...
Unspecified Vulnerability in Google Chrome for iOS Navigation
Google Chrome for iOS is a web browser developed by Google for the iOS platform.Navigation is one of the browser navigation modules. A security vulnerability exists in Navigation in Google Chrome for iOS versions prior to 71.0.3578.80, which stems from the program's failure to adequately enforce...
Unspecified Vulnerability in Google Chrome Navigation
Google Chrome is a web browser developed by Google, Inc.Navigation is one of the browser navigation modules. A security vulnerability exists in Navigation in Google Chrome versions prior to 71.0.3578.80. The vulnerability can be exploited by a remote attacker with a specially crafted HTML page th...
Design/Logic Flaw
Handling of URI action in PDFium in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to initiate potentially unsafe navigations without a user gesture via a crafted PDF file...
DEBIAN-CVE-2018-18358
Lack of special casing of localhost in WPAD files in Google Chrome prior to 71.0.3578.80 allowed an attacker on the local network segment to proxy resources on localhost via a crafted WPAD file...
DEBIAN-CVE-2018-18353
Failure to dismiss http auth dialogs on navigation in Network Authentication in Google Chrome on Android prior to 71.0.3578.80 allowed a remote attacker to confuse the user about the origin of an auto dialog via a crafted HTML page...
Design/Logic Flaw
Incorrect object lifecycle in WebAudio in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
DEBIAN-CVE-2018-18338
Incorrect, thread-unsafe use of SkImage in Canvas in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
UBUNTU-CVE-2018-18335
Heap buffer overflow in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2018-18345
Incorrect handling of blob URLS in Site Isolation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker who had compromised the renderer process to bypass site isolation protections via a crafted HTML page...
chromium-browser: Insufficient policy enforcement in Blink
Remote frame navigations was incorrectly permitted to local resources in Blink in Google Chrome prior to 71.0.3578.80 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system via a crafted Chrome Extension...
chromium-browser: Insufficient policy enforcement in URL Formatter
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted domain name...
chromium-browser: Inappropriate implementation in Site Isolation
Incorrect handling of blob URLS in Site Isolation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker who had compromised the renderer process to bypass site isolation protections via a crafted HTML page...
chromium-browser: Insufficient policy enforcement in URL Formatter
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted domain name...
chromium-browser: Heap buffer overflow in Skia
Heap buffer overflow in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
chromium-browser: Heap buffer overflow in Canvas
Incorrect, thread-unsafe use of SkImage in Canvas in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
chromium-browser: Use after free in Skia
Incorrect handing of paths leading to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
chromium-browser: Inappropriate implementation in Extensions
Inappropriate allowance of the setDownloadBehavior devtools protocol feature in Extensions in Google Chrome prior to 71.0.3578.80 allowed a remote attacker with control of an installed extension to access files on the local file system via a crafted Chrome Extension...
Important: Red Hat Security Advisory: chromium-browser security update
An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
openSUSE: Security Advisory for Chromium (openSUSE-SU-2018:4056-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...