6 matches found
SUSE CVE-2018-6116
A nullptr dereference in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page...
Google Chrome for macOS Fullscreen UI Fake Vulnerability
Google Chrome for macOS is a web browser developed by Google for the macOS platform.Fullscreen is one of the fullscreen components. A security vulnerability exists in Fullscreen in versions of Google Chrome prior to 66.0.3359.117 for macOS. A remote attacker can exploit this vulnerability to spoo...
CVE-2018-6152
The implementation of the Page.downloadBehavior backend unconditionally marked downloaded files as safe, regardless of file type in Google Chrome prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted...
UBUNTU-CVE-2018-6088
An iterator-invalidation bug in PDFium in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file...
chromium-browser: Fullscreen UI spoof
A JavaScript focused window could overlap the fullscreen notification in Fullscreen in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to obscure the full screen warning via a crafted HTML page...
chromium-browser: CSP bypass
Incorrect enforcement of CSP for tags in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass content security policy via a crafted HTML page...