SUSE CVE-2018-18336

Incorrect object lifecycle in PDFium in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file...

SUSE CVE-2018-18343

Incorrect handing of paths leading to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

SUSE CVE-2019-11756

Improper refcounting of soft token session objects could cause a use-after-free and crash likely limited to a denial of service. This vulnerability affects Firefox 71...

CVE-2019-17013

Mozilla developers reported memory safety bugs present in Firefox 70. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 71...

CVE-2019-17014

If an image had not loaded correctly such as when it is not actually an image, it could be dragged and dropped cross-domain, resulting in a cross-origin information leak. This vulnerability affects Firefox 71...

UBUNTU-CVE-2019-17013

Mozilla developers reported memory safety bugs present in Firefox 70. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 71...

UBUNTU-CVE-2019-11756

Improper refcounting of soft token session objects could cause a use-after-free and crash likely limited to a denial of service. This vulnerability affects Firefox 71...

mozilla: Use after free in Skia

An integer overflow in path handling lead to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2018-20069

Failure to prevent navigation to top frame to data URLs in Navigation in Google Chrome on iOS prior to 71.0.3578.80 allowed a remote attacker to confuse the user about the origin of the current page via a crafted HTML page...

DEBIAN-CVE-2018-18348

Incorrect handling of bidirectional domain names with RTL characters in Omnibox in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted domain name...

Google Chrome Skia Buffer Overflow Vulnerability (CNVD-2019-01585)

Google Chrome is a web browser developed by Google, Inc. Skia is an open source 2D graphics library that provides common APIs that work on a variety of hardware and software platforms. A buffer overflow vulnerability exists in Skia in versions prior to Google Chrome 71.0.3578.80. A remote attacke...