CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2018-6071 – chromium-browser: heap bufffer overflow in skia
https://notcve.org/view.php?id=CVE-2018-6071
An integer overflow in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Desbordamiento de enteros en Skia en Google Chrome en versiones anteriores a la 65.0.3325.146 permitía que un atacante remoto pudiese realizar una lectura de memoria fuera de límites mediante una página HTML manipulada. • http://www.securityfocus.com/bid/103297 https://access.redhat.com/errata/RHSA-2018:0484 https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html https://crbug.com/777318 https://www.debian.org/security/2018/dsa-4182 https://access.redhat.com/security/cve/CVE-2018-6071 https://bugzilla.redhat.com/show_bug.cgi?id=1552488 • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 1%CPEs: 5EXPL: 0CVE-2018-6072 – chromium-browser: integer overflow in pdfium
https://notcve.org/view.php?id=CVE-2018-6072
An integer overflow leading to use after free in PDFium in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Un desbordamiento de enteros que conduce a un uso de memoria previamente liberada en PDFium en Google Chrome en versiones anteriores a la 65.0.3325.146 permitía que un atacante remoto pudiese explotar una corrupción de memoria dinámica (heap) mediante un archivo PDF manipulado. • http://www.securityfocus.com/bid/103297 https://access.redhat.com/errata/RHSA-2018:0484 https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html https://crbug.com/791048 https://www.debian.org/security/2018/dsa-4182 https://access.redhat.com/security/cve/CVE-2018-6072 https://bugzilla.redhat.com/show_bug.cgi?id=1552489 • CWE-190: Integer Overflow or Wraparound CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 53%CPEs: 5EXPL: 1CVE-2018-6064 – Xiaomi Mi6 V8 CollectValuesOrEntriesImpl Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-6064
Type Confusion in the implementation of __defineGetter__ in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Confusión de tipos en la implementación de __defineGetter__ en V8 en Google Chrome en versiones anteriores a la 65.0.3325.146 permitía que un atacante remoto pudiese explotar una corrupción de memoria dinámica (heap) mediante una página HTML manipulada. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Xiaomi Mi6. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the CollectValuesOrEntriesImpl function. By performing actions in JavaScript, an attacker can trigger a type confusion condition. • https://www.exploit-db.com/exploits/44394 http://www.securityfocus.com/bid/103297 https://access.redhat.com/errata/RHSA-2018:0484 https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html https://crbug.com/798644 https://www.debian.org/security/2018/dsa-4182 https://www.zerodayinitiative.com/advisories/ZDI-19-368 https://access.redhat.com/security/cve/CVE-2018-6064 https://bugzilla.redhat.com/show_bug.cgi?id=1552481 • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2018-6074 – chromium-browser: mark-of-the-web bypass
https://notcve.org/view.php?id=CVE-2018-6074
Failure to apply Mark-of-the-Web in Downloads in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to bypass OS level controls via a crafted HTML page. El error al aplicar Mark-of-the-Web en las descargas en Google Chrome en versiones anteriores a la 65.0.3325.146 permitía que un atacante remoto omitiese los controles de nivel del sistema operativo mediante una página HTML manipulada. • http://www.securityfocus.com/bid/103297 https://access.redhat.com/errata/RHSA-2018:0484 https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html https://crbug.com/809759 https://www.debian.org/security/2018/dsa-4182 https://access.redhat.com/security/cve/CVE-2018-6074 https://bugzilla.redhat.com/show_bug.cgi?id=1552491 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 1%CPEs: 5EXPL: 0CVE-2018-6075 – chromium-browser: overly permissive cross origin downloads
https://notcve.org/view.php?id=CVE-2018-6075
Incorrect handling of specified filenames in file downloads in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page and user interaction. El manejo incorrecto de nombres de archivo especificados en las descargas de archivo en Google Chrome en versiones anteriores a la 65.0.3325.146 permitía que un atacante remoto filtrase datos de orígenes cruzados mediante una página HTML manipulada. • http://www.securityfocus.com/bid/103297 https://access.redhat.com/errata/RHSA-2018:0484 https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html https://crbug.com/608669 https://www.debian.org/security/2018/dsa-4182 https://access.redhat.com/security/cve/CVE-2018-6075 https://bugzilla.redhat.com/show_bug.cgi?id=1552492 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •