5836 matches found
CVE-2018-6046
CVE-2018-6046 refers to an issue in Chromium/Google Chrome DevTools where insufficient data validation allowed a remote attacker to potentially leak user cross-origin data via a crafted Chrome Extension. The vulnerability is described in multiple sources (e.g., Debian DSA-4103, RHSA-2018:0265) as...
CVE-2018-6036
CVE-2018-6036 is an integer underflow in WebAssembly within Google Chrome64-bit era (V8) that could allow a remote attacker to leak user data via a crafted HTML page. The vulnerability was fixed in the Chrome stable update 64.0.3282.119; affected products are Google Chrome released before that v...
CVE-2018-6043
CVE-2018-6043 affects Google Chrome (Chromium project) via the External Protocol Handler. The root cause is insufficient data validation in the handler, allowing a remote attacker to potentially execute arbitrary code on a user’s machine by presenting a crafted HTML page. Publicly documented impa...
CVE-2018-6046
Insufficient data validation in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a crafted Chrome Extension...
CVE-2018-6036
Insufficient data validation in V8 in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user data via a crafted HTML page...
CVE-2018-6039
CVE-2018-6039 describes an issue in Google Chrome’s DevTools where insufficient data validation could allow a remote attacker to leak user cross-origin data via a crafted Chrome Extension. Affected software: Google Chrome with DevTools. Root cause: inadequate input validation in DevTools leading ...
CVE-2018-6039
Insufficient data validation in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a crafted Chrome Extension...
CVE-2018-6033
Insufficient data validation in Downloads in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially run arbitrary code outside sandbox via a crafted Chrome Extension...
CVE-2018-6039
Removed by vendor...
CVE-2018-6036
Removed by vendor...
CVE-2018-6034
Removed by vendor...
CVE-2018-6033
Removed by vendor...
CVE-2018-6046
Removed by vendor...
CVE-2018-6043
Removed by vendor...
Design/Logic Flaw
This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Samsung Email Fixed in version 5.0.02.16. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific...
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Fuji Electric V-Server Lite File Parsing Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Fuji Electric V-Server Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Fuji Electric V-Server VPR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Fuji Electric V-Server. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...
(0Day) Hewlett Packard Enterprise Intelligent Management Center imcwlandm strUserName Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of the dealInodeOfflineMsg...
Cisco WebEx Network Recording Player ATJPEG60 Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco WebEx Network Recording Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...