13 matches found
SUSE CVE-2018-6075
Incorrect handling of specified filenames in file downloads in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page and user interaction...
Security fix for the ALT Linux 10 package node version 14.17.4-alt1
14.17.4-alt1 built Aug. 2, 2021 Vitaly Lipatov in task 281579 July 30, 2021 Vitaly Lipatov - new version 14.17.4 with rpmrb script - CVE-2021-22930: Use after free on close http2 on stream canceling High - set npm = 6.14.14 - restore minimum ICU version to 65...
NETSAS Enigma NMS Cross-Site Scripting Vulnerability (CNVD-2020-18995)
NETSAS Enigma NMS is a suite of network management and monitoring tools from NETSAS Australia. A cross-site scripting vulnerability exists in NETSAS Enigma NMS version 65.0.0 and earlier. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An...
CVE-2018-18502
Mozilla developers and community members reported memory safety bugs present in Firefox 64. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox 65...
CVE-2018-6076
Insufficient encoding of URL fragment identifiers in Blink in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform a DOM based XSS attack via a crafted HTML page...
UBUNTU-CVE-2018-6062
Heap overflow write in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page...
UBUNTU-CVE-2018-6060
Use after free in WebAudio in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
UBUNTU-CVE-2018-6081
XSS vulnerabilities in Interstitials in Google Chrome prior to 65.0.3325.146 allowed an attacker who convinced a user to install a malicious extension or open Developer Console to inject arbitrary scripts or HTML via a crafted HTML page...
CVE-2018-6082
Removed by vendor...
Google Chrome Design Vulnerability
Google Chrome is a web browser developed by the American company Google Google. A security vulnerability exists in custom tabs in versions prior to Google Chrome 65.0.3325.146. There is no detailed description of the vulnerability at this time...
chromium-browser: integer overflow in pdfium
An integer overflow leading to use after free in PDFium in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file...
chromium-browser: circumvention of port blocking
Including port 22 in the list of allowed FTP ports in Networking in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially enumerate internal host services via a crafted HTML page...
chromium-browser: type confusion in v8
Type Confusion in the implementation of defineGetter in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...