NotCVE - vendor:"Google" product:"Chrome" version:"25.0.1364.108"

Page 161 of 2584 results (0.013 seconds)

CVSS: 6.5EPSS: 1%CPEs: 5EXPL: 0

CVE-2018-18352 – chromium-browser: Inappropriate implementation in Media

https://notcve.org/view.php?id=CVE-2018-18352

11 Dec 2018 — Service works could inappropriately gain access to cross origin audio in Media in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass same origin policy for audio content via a crafted HTML page. Los trabajos del servicio pueden obtener acceso de forma inapropiada al audio cross-origin en Media en Google Chrome, en versiones anteriores a la 71.0.3578.80, permitía que un atacante remoto omitiese la política del mismo origen para el contenido de audio mediante una página HTML manipulada. C... • http://www.securityfocus.com/bid/106084 • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 6.5EPSS: 1%CPEs: 6EXPL: 0

CVE-2018-18353 – chromium-browser: Inappropriate implementation in Network Authentication

https://notcve.org/view.php?id=CVE-2018-18353

11 Dec 2018 — Failure to dismiss http auth dialogs on navigation in Network Authentication in Google Chrome on Android prior to 71.0.3578.80 allowed a remote attacker to confuse the user about the origin of an auto dialog via a crafted HTML page. El error a la hora de descartar los diálogos http auth en la navegación en Network Authentication en Google Chrome en Android en versiones anteriores a la 71.0.3578.80 permitía que un atacante remoto confundiese al usuario sobre el origen de un diálogo auto mediante una página H... • http://www.securityfocus.com/bid/106084 •

CVSS: 8.8EPSS: 89%CPEs: 5EXPL: 1

CVE-2018-17480 – Google Chromium V8 Out-of-Bounds Write Vulnerability

https://notcve.org/view.php?id=CVE-2018-17480

11 Dec 2018 — Execution of user supplied Javascript during array deserialization leading to an out of bounds write in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Ejecución de código JavaScript proporcionado por el usuario durante una deserialización de arrays, la cual provoca una escritura fuera de límites en la versión "V8" de Google Chrome en versiones anteriores a la 71.0.3578.80, permitía a un atacante remoto ejecutar código a... • http://www.securityfocus.com/bid/106084 • CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 1%CPEs: 5EXPL: 0

CVE-2018-17481 – chromium-browser: Use after frees in PDFium

https://notcve.org/view.php?id=CVE-2018-17481

11 Dec 2018 — Incorrect object lifecycle handling in PDFium in Google Chrome prior to 71.0.3578.98 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. El manejo incorrecto del ciclo de vida de objetos en PDFium en Google Chrome, en versiones anteriores a la 71.0.3578.98, permitía que un atacante remoto pudiese explotar una corrupción de memoria dinámica (heap) mediante un archivo PDF manipulado. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium t... • http://www.securityfocus.com/bid/106084 • CWE-416: Use After Free CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-17479 – chromium-browser: Use-after-free in GPU

https://notcve.org/view.php?id=CVE-2018-17479

26 Nov 2018 — Incorrect object lifetime calculations in GPU code in Google Chrome prior to 70.0.3538.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Los cálculos incorrectos de la vida útil del objeto en el código de GPU en Google Chrome antes del 70.0.3538.110 permitieron a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to versio... • https://chromereleases.googleblog.com/2018/11/stable-channel-update-for-chrome-os.html • CWE-416: Use After Free CWE-787: Out-of-bounds Write •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-16072 – Gentoo Linux Security Advisory 201811-10

https://notcve.org/view.php?id=CVE-2018-16072

23 Nov 2018 — A missing origin check related to HLS manifests in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to bypass same origin policy via a crafted HTML page. La falta de una comprobación de origen relacionada con los manifiestos HLS en Blink en Google Chrome, en versiones anteriores a la 69.0.3497.81, permitía que un atacante remoto omitiese la política del mismo origen mediante una página HTML manipulada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of... • http://www.securityfocus.com/bid/105215 • CWE-346: Origin Validation Error •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-17478 – chromium-browser: Out of bounds memory access in V8

https://notcve.org/view.php?id=CVE-2018-17478

20 Nov 2018 — Incorrect array position calculations in V8 in Google Chrome prior to 70.0.3538.102 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Los cálculos incorrectos de la posición de la matriz en V8 en Google Chrome antes de 70.0.3538.102 permitieron a un atacante remoto explotar la corrupción de objetos a través de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 70.0.3538.110. Issues addressed ... • https://chromereleases.googleblog.com/2018/11/stable-channel-update-for-desktop.html • CWE-129: Improper Validation of Array Index •

CVSS: 9.6EPSS: 0%CPEs: 6EXPL: 0

CVE-2018-17472 – Gentoo Linux Security Advisory 201811-10

https://notcve.org/view.php?id=CVE-2018-17472

14 Nov 2018 — Incorrect handling of googlechrome:// URL scheme on iOS in Intents in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to escape the sandbox via a crafted HTML page. La colocación incorrecta de diálogos en WebContents en Google Chrome en versiones anteriores a la 70.0.3538.67 permitía que un atacante remoto ocultase la advertencia total de pantalla mediante una página HTML manipulada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which allows remo... • http://www.securityfocus.com/bid/105666 • CWE-20: Improper Input Validation • </div></div><div class="panel panel-default" style="margin: 0px 10px 30px;"><img src="/assets/img/cve_300x82_sin_bg.png" alt="" class="corner-imageCVE"><span class='corner-first_right_word' style='color: #f39c09; margin-bottom: 5px;'>CVSS: 4.3</span><span class='corner-second_right_word' style='color: #006621; margin-bottom: 5px;'>EPSS: 0%</span><span class='corner-third_right_word' style='color: #2b2b2b; margin-bottom: 5px;'>CPEs: 5</span><span class='corner-fourth_right_word' style='color: gray; margin-bottom: 5px;'>EXPL: 0</span><div class="panel-body" style="background-color: #f8f8f8; padding: 17px 62px 10px 10px; border-radius: 10px; margin-right: 20px; width: 98%;box-shadow: 0px 0px 5px rgba(202, 160, 78, 0.6); font-weight: normal;"><h2 class="result-link"><a style="color: blue; padding-right: 20px;" href="view.php?id=CVE-2018-17475" target="_blank">CVE-2018-17475 – chromium-browser: URL spoof in Omnibox</a></h2><p class="green-link">https://notcve.org/view.php?id=CVE-2018-17475</p> <span class="down-arrow"></span> <p style="margin-bottom: 0px; margin-top: 0px; margin-right: 20px; font-family: Arial, sans-serif; font-weight: 400; color: rgb(51, 51, 51); line-height: 1.58;"><span style="color: rgb(77, 81, 86);">25 Oct 2018 — </span>Incorrect handling of history on iOS in Navigation in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. La gestión incorrecta del historial en iOS en la navegación en Google Chrome en versiones anteriores a la 70.0.3538.67 permitía que un atacante remoto suplantase el contenido de Omnibox (barra de direcciones) mediante una página HTML manipulada. Chromium is an open-source web browser, powered by WebKit. This update upgrade... • http://www.securityfocus.com/bid/105666 • </div></div><div class="panel panel-default" style="margin: 0px 10px 30px;"><img src="/assets/img/cve_300x82_sin_bg.png" alt="" class="corner-imageCVE"><span class='corner-first_right_word' style='color: #f39c09; margin-bottom: 5px;'>CVSS: 4.3</span><span class='corner-second_right_word' style='color: #006621; margin-bottom: 5px;'>EPSS: 0%</span><span class='corner-third_right_word' style='color: #2b2b2b; margin-bottom: 5px;'>CPEs: 5</span><span class='corner-fourth_right_word' style='color: gray; margin-bottom: 5px;'>EXPL: 0</span><div class="panel-body" style="background-color: #f8f8f8; padding: 17px 62px 10px 10px; border-radius: 10px; margin-right: 20px; width: 98%;box-shadow: 0px 0px 5px rgba(202, 160, 78, 0.6); font-weight: normal;"><h2 class="result-link"><a style="color: blue; padding-right: 20px;" href="view.php?id=CVE-2018-17476" target="_blank">CVE-2018-17476 – chromium-browser: Security UI occlusion in full screen mode</a></h2><p class="green-link">https://notcve.org/view.php?id=CVE-2018-17476</p> <span class="down-arrow"></span> <p style="margin-bottom: 0px; margin-top: 0px; margin-right: 20px; font-family: Arial, sans-serif; font-weight: 400; color: rgb(51, 51, 51); line-height: 1.58;"><span style="color: rgb(77, 81, 86);">25 Oct 2018 — </span>Incorrect dialog placement in Cast UI in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obscure the full screen warning via a crafted HTML page. La colocación incorrecta de diálogos en Cast UI en Google Chrome en versiones anteriores a la 70.0.3538.67 permitía que un atacante remoto ocultase la advertencia total de pantalla mediante una página HTML manipulada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 70.0.3538.67. Issues addressed ... • http://www.securityfocus.com/bid/105666 • </div></div> </div> </div> </section> <div class="pagination"> <a href='search.php?page=1&query=vendor%3A%22Google%22+product%3A%22Chrome%22+version%3A%2225.0.1364.108%22' class='page-link'>1</a><span class='page-link-disabled'>...</span><a href='search.php?page=159&query=vendor%3A%22Google%22+product%3A%22Chrome%22+version%3A%2225.0.1364.108%22' class='page-link'>159</a><a href='search.php?page=160&query=vendor%3A%22Google%22+product%3A%22Chrome%22+version%3A%2225.0.1364.108%22' class='page-link'>160</a><a href='search.php?page=161&query=vendor%3A%22Google%22+product%3A%22Chrome%22+version%3A%2225.0.1364.108%22' class='page-link active'>161</a><a href='search.php?page=162&query=vendor%3A%22Google%22+product%3A%22Chrome%22+version%3A%2225.0.1364.108%22' class='page-link'>162</a><a href='search.php?page=163&query=vendor%3A%22Google%22+product%3A%22Chrome%22+version%3A%2225.0.1364.108%22' class='page-link'>163</a><a href='search.php?page=162&query=vendor%3A%22Google%22+product%3A%22Chrome%22+version%3A%2225.0.1364.108%22' class='page-link'><i class='fas fa-chevron-right'></i></a> </div> </div> </main> <br> <br> <br> <br> <br>  <footer id="footer"> <div class="container"> <div class="row d-flex align-items-center"> <div class="col-lg-4"> <div class="footer-links text-lg-right text-center pt-4 pt-lg-0"> <a href="https://www.linkedin.com/company/notcve/" target="_blank"><i class="bi bi-linkedin"></i> LinkedIn</a> <a href="https://twitter.com/notCVE" target="_blank"><i class="bi bi-twitter"></i> Official</a> <a href="https://twitter.com/notCVEannounce" target="_blank"><i class="bi bi-twitter"></i> Announce</a> </div> </div> <div class="col-lg-4 text-center"> <div class="row align-items-center"> <div class="col-12 text-center"> Partners </div> <div class="col-12 text-center logo-container"> <a href="https://www.cyberintel.es" target="_blank"><img src="/assets/img/logo_cyber_test.svg" alt="Cyber Intelligence S.L."></a> </div> </div> </div> <div class="col-lg-4"> <nav class="footer-links text-lg-right text-center pt-2 pt-lg-0"> <a href="/faq.html">FAQ</a> <a href="/legal.html">Legal</a> <a href="/contact.html">Contact</a> </nav> </div> </div> </div> </footer> <a href="#" class="back-to-top d-flex align-items-center justify-content-center"><i class="bi bi-arrow-up-short"></i></a> <script src="/assets/js/main.js"></script> <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js"></script>  <script src="/admin/js/sb-admin-2.min.js"></script>   <script src="/admin/vendor/datatables/jquery.dataTables.min.js"></script> <script src="/admin/vendor/datatables/dataTables.bootstrap4.min.js"></script>  <script src="/admin/js/demo/datatables-demo.js"></script> </body> </html>