Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Chrome Security Vulnerabilities - 2018

cve
cve

CVE-2018-6099

A lack of CORS checks in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak limited cross-origin data via a crafted HTML page.

6.5CVSS

6.2AI Score

0.011EPSS

2018-12-04 05:29 PM
79
cve
cve

CVE-2018-6101

A lack of host validation in DevTools in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page, if the user is running a remote DevTools debugging server.

7.5CVSS

7.7AI Score

0.112EPSS

2018-12-04 05:29 PM
87
cve
cve

CVE-2018-6102

Missing confusable characters in Internationalization in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.

4.3CVSS

4.8AI Score

0.007EPSS

2018-12-04 05:29 PM
96
cve
cve

CVE-2018-6103

A stagnant permission prompt in Prompts in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass permission policy via a crafted HTML page.

6.5CVSS

6.3AI Score

0.009EPSS

2018-12-04 05:29 PM
89
cve
cve

CVE-2018-6104

Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.

6.5CVSS

6.5AI Score

0.007EPSS

2018-12-04 05:29 PM
82
cve
cve

CVE-2018-6105

Incorrect handling of confusable characters in Omnibox in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.

6.5CVSS

6.5AI Score

0.007EPSS

2018-12-04 05:29 PM
95
cve
cve

CVE-2018-6107

Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.

6.5CVSS

6.5AI Score

0.007EPSS

2018-12-04 05:29 PM
94
cve
cve

CVE-2018-6108

Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted HTML page.

6.5CVSS

6.4AI Score

0.007EPSS

2018-12-04 05:29 PM
90
cve
cve

CVE-2018-6115

Inappropriate setting of the SEE_MASK_FLAG_NO_UI flag in file downloads in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially bypass OS malware checks via a crafted HTML page.

6.5CVSS

6.4AI Score

0.007EPSS

2018-12-04 05:29 PM
75
cve
cve

CVE-2018-6116

A nullptr dereference in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

6.5CVSS

6.6AI Score

0.022EPSS

2018-12-04 05:29 PM
96
cve
cve

CVE-2018-6119

Incorrect security UI in Omnibox in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

6.5CVSS

6.2AI Score

0.002EPSS

2018-09-25 02:29 PM
82
cve
cve

CVE-2018-6152

The implementation of the Page.downloadBehavior backend unconditionally marked downloaded files as safe, regardless of file type in Google Chrome prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HT...

9.6CVSS

8.2AI Score

0.013EPSS

2018-12-04 05:29 PM
89
Total number of security vulnerabilities162