Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

131 – 140 of 878 results

CVE-2018-6076

Medium priority

Some fixes available 3 of 5

Insufficient encoding of URL fragment identifiers in Blink in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform a DOM based XSS attack via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Not affected Fixed
oxide-qt Not in release Ignored
Show less packages

CVE-2018-6075

Medium priority

Some fixes available 3 of 5

Incorrect handling of specified filenames in file downloads in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page and user interaction.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Not affected Fixed
oxide-qt Not in release Ignored
Show less packages

CVE-2018-6074

Medium priority

Some fixes available 3 of 5

Failure to apply Mark-of-the-Web in Downloads in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to bypass OS level controls via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Not affected Fixed
oxide-qt Not in release Ignored
Show less packages

CVE-2018-6073

Medium priority

Some fixes available 3 of 5

A heap buffer overflow in WebGL in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Not affected Fixed
oxide-qt Not in release Ignored
Show less packages

CVE-2018-6072

Medium priority

Some fixes available 3 of 5

An integer overflow leading to use after free in PDFium in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Not affected Fixed
oxide-qt Not in release Ignored
Show less packages

CVE-2018-6071

Medium priority

Some fixes available 3 of 5

An integer overflow in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Not affected Fixed
oxide-qt Not in release Ignored
Show less packages

CVE-2018-6070

Medium priority

Some fixes available 3 of 5

Lack of CSP enforcement on WebUI pages in Bink in Google Chrome prior to 65.0.3325.146 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Not affected Fixed
oxide-qt Not in release Ignored
Show less packages

CVE-2018-6069

Medium priority

Some fixes available 3 of 5

Stack buffer overflow in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Not affected Fixed
oxide-qt Not in release Ignored
Show less packages

CVE-2018-6068

Medium priority

Some fixes available 3 of 5

Object lifecycle issue in Chrome Custom Tab in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Not affected Fixed
oxide-qt Not in release Ignored
Show less packages

CVE-2018-6067

Medium priority

Some fixes available 3 of 5

Incorrect IPC serialization in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Not affected Fixed
oxide-qt Not in release Ignored
Show less packages
  1. Previous page
  2. 12
  3. 13
  4. 14
  5. 15
  6. 16
  7. Next page
Export to JSON