CVE search results

141 – 150 of 878 results

Detailed view

Sort by:

CVE-2018-6066

Medium priority

Some fixes available 3 of 5

Lack of CORS checking by ResourceFetcher/ResourceLoader in Blink in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
chromium-browser	—	—	—	Not affected	Fixed
oxide-qt	—	—	—	Not in release	Ignored

CVE-2018-6065

Medium priority

Some fixes available 3 of 9

Integer overflow in computing the required allocation size when instantiating a new javascript object in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

3 affected packages

chromium-browser, libv8-3.14, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
chromium-browser	—	—	—	Not affected	Fixed
libv8-3.14	—	—	—	Ignored	Ignored
oxide-qt	—	—	—	Not in release	Ignored

CVE-2018-6064

Medium priority

Some fixes available 3 of 9

Type Confusion in the implementation of __defineGetter__ in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

3 affected packages

chromium-browser, libv8-3.14, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
chromium-browser	—	—	—	Not affected	Fixed
libv8-3.14	—	—	—	Ignored	Ignored
oxide-qt	—	—	—	Not in release	Ignored

CVE-2018-6063

Medium priority

Some fixes available 3 of 5

Incorrect use of mojo::WrapSharedMemoryHandle in Mojo in Google Chrome prior to 65.0.3325.146 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
chromium-browser	—	—	—	Not affected	Fixed
oxide-qt	—	—	—	Not in release	Ignored

CVE-2018-6062

Medium priority

Some fixes available 3 of 5

Heap overflow write in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
chromium-browser	—	—	—	Not affected	Fixed
oxide-qt	—	—	—	Not in release	Ignored

CVE-2018-6061

Medium priority

Some fixes available 3 of 9

A race in the handling of SharedArrayBuffers in WebAssembly in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

3 affected packages

chromium-browser, libv8-3.14, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
chromium-browser	—	—	—	Not affected	Fixed
libv8-3.14	—	—	—	Ignored	Ignored
oxide-qt	—	—	—	Not in release	Ignored

CVE-2018-6060

Medium priority

Some fixes available 3 of 5

Use after free in WebAudio in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
chromium-browser	—	—	—	Not affected	Fixed
oxide-qt	—	—	—	Not in release	Ignored

CVE-2018-6057

Medium priority

Some fixes available 3 of 5

Lack of special casing of Android ashmem in Google Chrome prior to 65.0.3325.146 allowed a remote attacker who had compromised the renderer process to bypass inter-process read only guarantees via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
chromium-browser	—	—	—	Not affected	Fixed
oxide-qt	—	—	—	Not in release	Ignored

CVE-2018-17477

Medium priority

Some fixes available 3 of 4

Incorrect dialog placement in Extensions in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of extension popups via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
chromium-browser	—	—	—	Fixed	Fixed
oxide-qt	—	—	—	Not in release	Ignored

CVE-2018-17476

Medium priority

Some fixes available 3 of 4

Incorrect dialog placement in Cast UI in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obscure the full screen warning via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
chromium-browser	—	—	—	Fixed	Fixed
oxide-qt	—	—	—	Not in release	Ignored

Export to JSON

Results by page:

Search CVE reports