Oxide Security Vulnerabilities and Issues — Oxide CVE List

Lucene search

Oxide ProjectOxide

5 matches found

CVE•added 2015/04/29 8:59 p.m.•62 views

CVE-2015-1321

Use-after-free vulnerability in the file picker implementation in Oxide before 1.6.5 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted webpage.

6.8CVSS8.1AI score0.01393EPSS

CVE•added 2015/04/08 6:59 p.m.•56 views

CVE-2015-1317

Use-after-free vulnerability in Oxide before 1.5.6 and 1.6.x before 1.6.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code by deleting all WebContents while a RenderProcessHost instance still exists.

7.5CVSS8.1AI score0.01436EPSS

CVE•added 2017/07/25 6:29 p.m.•55 views

CVE-2015-1332

The oxide::JavaScriptDialogManager function in oxide-qt before 1.9.1 as packaged in Ubuntu 15.04 and Ubuntu 14.04 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted website.

8.8CVSS8.7AI score0.01138EPSS

CVE•added 2016/05/13 2:59 p.m.•47 views

CVE-2016-1578

Use-after-free vulnerability in Oxide allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via unspecified vectors, related to responding synchronously to permission requests.

9.8CVSS9.6AI score0.02417EPSS

CVE•added 2019/04/22 4:29 p.m.•40 views

CVE-2016-1586

A malicious webview could install long-lived unload handlers that re-use an incognito BrowserContext that is queued for destruction in versions of Oxide before 1.18.3.

7.5CVSS8.6AI score0.00178EPSS