NotCVE - vendor:"Google" product:"Chrome" version:"25.0.1364.116"

Page 161 of 2584 results (0.014 seconds)

CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0

CVE-2018-18358 – chromium-browser: Insufficient policy enforcement in Proxy

https://notcve.org/view.php?id=CVE-2018-18358

11 Dec 2018 — Lack of special casing of localhost in WPAD files in Google Chrome prior to 71.0.3578.80 allowed an attacker on the local network segment to proxy resources on localhost via a crafted WPAD file. La falta del uso especial de mayúsculas y minúsculas del localhost en los archivos WPAD en Google Chrome en versiones anteriores a la 71.0.3578.80 permitía que un atacante en el segmento de red local envíe por proxy recursos en el localhost mediante un archivo WPAD manipulado. Chromium is an open-source web browser,... • http://www.securityfocus.com/bid/106084 • CWE-20: Improper Input Validation •

CVSS: 8.8EPSS: 1%CPEs: 5EXPL: 0

CVE-2018-18359 – chromium-browser: Out of bounds read in V8

https://notcve.org/view.php?id=CVE-2018-18359

11 Dec 2018 — Incorrect handling of Reflect.construct in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. La gestión incorrecta de Reflect.construct en V8 en Google Chrome en versiones anteriores a la 71.0.3578.80 permitía que un atacante remoto pudiese realizar una lectura de memoria fuera de límites mediante una página HTML manipulada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 71... • http://www.securityfocus.com/bid/106084 • CWE-125: Out-of-bounds Read •

CVSS: 8.8EPSS: 89%CPEs: 5EXPL: 1

CVE-2018-17480 – Google Chromium V8 Out-of-Bounds Write Vulnerability

https://notcve.org/view.php?id=CVE-2018-17480

11 Dec 2018 — Execution of user supplied Javascript during array deserialization leading to an out of bounds write in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Ejecución de código JavaScript proporcionado por el usuario durante una deserialización de arrays, la cual provoca una escritura fuera de límites en la versión "V8" de Google Chrome en versiones anteriores a la 71.0.3578.80, permitía a un atacante remoto ejecutar código a... • http://www.securityfocus.com/bid/106084 • CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 1%CPEs: 5EXPL: 0

CVE-2018-17481 – chromium-browser: Use after frees in PDFium

https://notcve.org/view.php?id=CVE-2018-17481

11 Dec 2018 — Incorrect object lifecycle handling in PDFium in Google Chrome prior to 71.0.3578.98 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. El manejo incorrecto del ciclo de vida de objetos en PDFium en Google Chrome, en versiones anteriores a la 71.0.3578.98, permitía que un atacante remoto pudiese explotar una corrupción de memoria dinámica (heap) mediante un archivo PDF manipulado. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium t... • http://www.securityfocus.com/bid/106084 • CWE-416: Use After Free CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-17479 – chromium-browser: Use-after-free in GPU

https://notcve.org/view.php?id=CVE-2018-17479

26 Nov 2018 — Incorrect object lifetime calculations in GPU code in Google Chrome prior to 70.0.3538.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Los cálculos incorrectos de la vida útil del objeto en el código de GPU en Google Chrome antes del 70.0.3538.110 permitieron a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to versio... • https://chromereleases.googleblog.com/2018/11/stable-channel-update-for-chrome-os.html • CWE-416: Use After Free CWE-787: Out-of-bounds Write •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-16072 – Gentoo Linux Security Advisory 201811-10

https://notcve.org/view.php?id=CVE-2018-16072

23 Nov 2018 — A missing origin check related to HLS manifests in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to bypass same origin policy via a crafted HTML page. La falta de una comprobación de origen relacionada con los manifiestos HLS en Blink en Google Chrome, en versiones anteriores a la 69.0.3497.81, permitía que un atacante remoto omitiese la política del mismo origen mediante una página HTML manipulada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of... • http://www.securityfocus.com/bid/105215 • CWE-346: Origin Validation Error •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-17478 – chromium-browser: Out of bounds memory access in V8

https://notcve.org/view.php?id=CVE-2018-17478

20 Nov 2018 — Incorrect array position calculations in V8 in Google Chrome prior to 70.0.3538.102 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Los cálculos incorrectos de la posición de la matriz en V8 en Google Chrome antes de 70.0.3538.102 permitieron a un atacante remoto explotar la corrupción de objetos a través de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 70.0.3538.110. Issues addressed ... • https://chromereleases.googleblog.com/2018/11/stable-channel-update-for-desktop.html • CWE-129: Improper Validation of Array Index •

CVSS: 9.6EPSS: 0%CPEs: 6EXPL: 0

CVE-2018-17472 – Gentoo Linux Security Advisory 201811-10

https://notcve.org/view.php?id=CVE-2018-17472

14 Nov 2018 — Incorrect handling of googlechrome:// URL scheme on iOS in Intents in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to escape the sandbox via a crafted HTML page. La colocación incorrecta de diálogos en WebContents en Google Chrome en versiones anteriores a la 70.0.3538.67 permitía que un atacante remoto ocultase la advertencia total de pantalla mediante una página HTML manipulada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which allows remo... • http://www.securityfocus.com/bid/105666 • CWE-20: Improper Input Validation • </div></div><div class="panel panel-default" style="margin: 0px 10px 30px;"><img src="/assets/img/cve_300x82_sin_bg.png" alt="" class="corner-imageCVE"><span class='corner-first_right_word' style='color: #972b20; margin-bottom: 5px;'>CVSS: 9.6</span><span class='corner-second_right_word' style='color: #006621; margin-bottom: 5px;'>EPSS: 1%</span><span class='corner-third_right_word' style='color: #2b2b2b; margin-bottom: 5px;'>CPEs: 5</span><span class='corner-fourth_right_word' style='color: gray; margin-bottom: 5px;'>EXPL: 0</span><div class="panel-body" style="background-color: #f8f8f8; padding: 17px 62px 10px 10px; border-radius: 10px; margin-right: 20px; width: 98%;box-shadow: 0px 0px 5px rgba(202, 160, 78, 0.6); font-weight: normal;"><h2 class="result-link"><a style="color: blue; padding-right: 20px;" href="view.php?id=CVE-2018-17462" target="_blank">CVE-2018-17462 – chromium-browser: Sandbox escape in AppCache</a></h2><p class="green-link">https://notcve.org/view.php?id=CVE-2018-17462</p> <span class="down-arrow"></span> <p style="margin-bottom: 0px; margin-top: 0px; margin-right: 20px; font-family: Arial, sans-serif; font-weight: 400; color: rgb(51, 51, 51); line-height: 1.58;"><span style="color: rgb(77, 81, 86);">25 Oct 2018 — </span>Incorrect refcounting in AppCache in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform a sandbox escape via a crafted HTML page. Conteo de referencias incorrecto en AppCache en Google Chrome en versiones anteriores a la 70.0.3538.67 permitía que un atacante remoto realizase un escape del sandbox mediante una página HTML manipulada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 70.0.3538.67. Issues addressed include buffer overflow ... • http://www.securityfocus.com/bid/105666 • CWE-416: Use After Free • </div></div><div class="panel panel-default" style="margin: 0px 10px 30px;"><img src="/assets/img/cve_300x82_sin_bg.png" alt="" class="corner-imageCVE"><span class='corner-first_right_word' style='color: #dd4b40; margin-bottom: 5px;'>CVSS: 8.8</span><span class='corner-second_right_word' style='color: #972b20; margin-bottom: 5px;'>EPSS: 96%</span><span class='corner-third_right_word' style='color: #2b2b2b; margin-bottom: 5px;'>CPEs: 5</span><span class='corner-fourth_right_word' style='color: #972b20; margin-bottom: 5px;'>EXPL: 6</span><div class="panel-body" style="background-color: #f8f8f8; padding: 17px 62px 10px 10px; border-radius: 10px; margin-right: 20px; width: 98%;box-shadow: 0px 0px 5px rgba(202, 160, 78, 0.6); font-weight: normal;"><h2 class="result-link"><a style="color: blue; padding-right: 20px;" href="view.php?id=CVE-2018-17463" target="_blank">CVE-2018-17463 – Google Chromium V8 Remote Code Execution Vulnerability</a></h2><p class="green-link">https://notcve.org/view.php?id=CVE-2018-17463</p> <span class="down-arrow"></span> <p style="margin-bottom: 0px; margin-top: 0px; margin-right: 20px; font-family: Arial, sans-serif; font-weight: 400; color: rgb(51, 51, 51); line-height: 1.58;"><span style="color: rgb(77, 81, 86);">25 Oct 2018 — </span>Incorrect side effect annotation in V8 in Google Chrome prior to 70.0.3538.64 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Anotación de efecto secundario en V8 en Google Chrome en versiones anteriores a la 70.0.3538.64 permitía que un atacante remoto ejecutase código arbitrario dentro de un sandbox mediante una página HTML manipulada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 70.0.3538.67. Issues addre... • https://packetstorm.news/files/id/156640 • </div></div> </div> </div> </section> <div class="pagination"> <a href='search.php?page=1&query=vendor%3A%22Google%22+product%3A%22Chrome%22+version%3A%2225.0.1364.116%22' class='page-link'>1</a><span class='page-link-disabled'>...</span><a href='search.php?page=159&query=vendor%3A%22Google%22+product%3A%22Chrome%22+version%3A%2225.0.1364.116%22' class='page-link'>159</a><a href='search.php?page=160&query=vendor%3A%22Google%22+product%3A%22Chrome%22+version%3A%2225.0.1364.116%22' class='page-link'>160</a><a href='search.php?page=161&query=vendor%3A%22Google%22+product%3A%22Chrome%22+version%3A%2225.0.1364.116%22' class='page-link active'>161</a><a href='search.php?page=162&query=vendor%3A%22Google%22+product%3A%22Chrome%22+version%3A%2225.0.1364.116%22' class='page-link'>162</a><a href='search.php?page=163&query=vendor%3A%22Google%22+product%3A%22Chrome%22+version%3A%2225.0.1364.116%22' class='page-link'>163</a><a href='search.php?page=162&query=vendor%3A%22Google%22+product%3A%22Chrome%22+version%3A%2225.0.1364.116%22' class='page-link'><i class='fas fa-chevron-right'></i></a> </div> </div> </main> <br> <br> <br> <br> <br>  <footer id="footer"> <div class="container"> <div class="row d-flex align-items-center"> <div class="col-lg-4"> <div class="footer-links text-lg-right text-center pt-4 pt-lg-0"> <a href="https://www.linkedin.com/company/notcve/" target="_blank"><i class="bi bi-linkedin"></i> LinkedIn</a> <a href="https://twitter.com/notCVE" target="_blank"><i class="bi bi-twitter"></i> Official</a> <a href="https://twitter.com/notCVEannounce" target="_blank"><i class="bi bi-twitter"></i> Announce</a> </div> </div> <div class="col-lg-4 text-center"> <div class="row align-items-center"> <div class="col-12 text-center"> Partners </div> <div class="col-12 text-center logo-container"> <a href="https://www.cyberintel.es" target="_blank"><img src="/assets/img/logo_cyber_test.svg" alt="Cyber Intelligence S.L."></a> </div> </div> </div> <div class="col-lg-4"> <nav class="footer-links text-lg-right text-center pt-2 pt-lg-0"> <a href="/faq.html">FAQ</a> <a href="/legal.html">Legal</a> <a href="/contact.html">Contact</a> </nav> </div> </div> </div> </footer> <a href="#" class="back-to-top d-flex align-items-center justify-content-center"><i class="bi bi-arrow-up-short"></i></a> <script src="/assets/js/main.js"></script> <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js"></script>  <script src="/admin/js/sb-admin-2.min.js"></script>   <script src="/admin/vendor/datatables/jquery.dataTables.min.js"></script> <script src="/admin/vendor/datatables/dataTables.bootstrap4.min.js"></script>  <script src="/admin/js/demo/datatables-demo.js"></script> </body> </html>