NotCVE - vendor:"Google" product:"Chrome" version:"4.1.249.1053"

Page 162 of 3271 results (0.017 seconds)

CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0

CVE-2018-18358 – chromium-browser: Insufficient policy enforcement in Proxy

https://notcve.org/view.php?id=CVE-2018-18358

11 Dec 2018 — Lack of special casing of localhost in WPAD files in Google Chrome prior to 71.0.3578.80 allowed an attacker on the local network segment to proxy resources on localhost via a crafted WPAD file. La falta del uso especial de mayúsculas y minúsculas del localhost en los archivos WPAD en Google Chrome en versiones anteriores a la 71.0.3578.80 permitía que un atacante en el segmento de red local envíe por proxy recursos en el localhost mediante un archivo WPAD manipulado. Chromium is an open-source web browser,... • http://www.securityfocus.com/bid/106084 • CWE-20: Improper Input Validation •

CVSS: 8.8EPSS: 1%CPEs: 5EXPL: 0

CVE-2018-18359 – chromium-browser: Out of bounds read in V8

https://notcve.org/view.php?id=CVE-2018-18359

11 Dec 2018 — Incorrect handling of Reflect.construct in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. La gestión incorrecta de Reflect.construct en V8 en Google Chrome en versiones anteriores a la 71.0.3578.80 permitía que un atacante remoto pudiese realizar una lectura de memoria fuera de límites mediante una página HTML manipulada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 71... • http://www.securityfocus.com/bid/106084 • CWE-125: Out-of-bounds Read •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-6115

https://notcve.org/view.php?id=CVE-2018-6115

04 Dec 2018 — Inappropriate setting of the SEE_MASK_FLAG_NO_UI flag in file downloads in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially bypass OS malware checks via a crafted HTML page. La configuración incorrecta de la marca SEE_MASK_FLAG_NO_UI en las descargas de archivos en Google Chrome, en versiones anteriores a la 66.0.3359.117, permitía que un atacante remoto omitiese las comprobaciones de malware del sistema operativo mediante una página HTML manipulada. • http://www.securityfocus.com/bid/103917 • CWE-20: Improper Input Validation •

CVSS: 6.5EPSS: 2%CPEs: 6EXPL: 0

CVE-2018-6116 – chromium-browser: Incorrect low memory handling in WebAssembly

https://notcve.org/view.php?id=CVE-2018-6116

04 Dec 2018 — A nullptr dereference in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Una desreferencia nullptr en WebAssembly en Google Chrome, en versiones anteriores a la 66.0.3359.117, permitía que un atacante remoto pudiese realizar un acceso a la memoria fuera de límites mediante una página HTML manipulada. • http://www.securityfocus.com/bid/103917 • CWE-476: NULL Pointer Dereference •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-17479 – chromium-browser: Use-after-free in GPU

https://notcve.org/view.php?id=CVE-2018-17479

26 Nov 2018 — Incorrect object lifetime calculations in GPU code in Google Chrome prior to 70.0.3538.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Los cálculos incorrectos de la vida útil del objeto en el código de GPU en Google Chrome antes del 70.0.3538.110 permitieron a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to versio... • https://chromereleases.googleblog.com/2018/11/stable-channel-update-for-chrome-os.html • CWE-416: Use After Free CWE-787: Out-of-bounds Write •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-16072 – Gentoo Linux Security Advisory 201811-10

https://notcve.org/view.php?id=CVE-2018-16072

23 Nov 2018 — A missing origin check related to HLS manifests in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to bypass same origin policy via a crafted HTML page. La falta de una comprobación de origen relacionada con los manifiestos HLS en Blink en Google Chrome, en versiones anteriores a la 69.0.3497.81, permitía que un atacante remoto omitiese la política del mismo origen mediante una página HTML manipulada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of... • http://www.securityfocus.com/bid/105215 • CWE-346: Origin Validation Error •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-17478 – chromium-browser: Out of bounds memory access in V8

https://notcve.org/view.php?id=CVE-2018-17478

20 Nov 2018 — Incorrect array position calculations in V8 in Google Chrome prior to 70.0.3538.102 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Los cálculos incorrectos de la posición de la matriz en V8 en Google Chrome antes de 70.0.3538.102 permitieron a un atacante remoto explotar la corrupción de objetos a través de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 70.0.3538.110. Issues addressed ... • https://chromereleases.googleblog.com/2018/11/stable-channel-update-for-desktop.html • CWE-129: Improper Validation of Array Index •

CVSS: 9.6EPSS: 0%CPEs: 6EXPL: 0

CVE-2018-17472 – Gentoo Linux Security Advisory 201811-10

https://notcve.org/view.php?id=CVE-2018-17472

14 Nov 2018 — Incorrect handling of googlechrome:// URL scheme on iOS in Intents in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to escape the sandbox via a crafted HTML page. La colocación incorrecta de diálogos en WebContents en Google Chrome en versiones anteriores a la 70.0.3538.67 permitía que un atacante remoto ocultase la advertencia total de pantalla mediante una página HTML manipulada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which allows remo... • http://www.securityfocus.com/bid/105666 • CWE-20: Improper Input Validation • </div></div><div class="panel panel-default" style="margin: 0px 10px 30px;"><img src="/assets/img/cve_300x82_sin_bg.png" alt="" class="corner-imageCVE"><span class='corner-first_right_word' style='color: #972b20; margin-bottom: 5px;'>CVSS: 9.6</span><span class='corner-second_right_word' style='color: #006621; margin-bottom: 5px;'>EPSS: 1%</span><span class='corner-third_right_word' style='color: #2b2b2b; margin-bottom: 5px;'>CPEs: 5</span><span class='corner-fourth_right_word' style='color: gray; margin-bottom: 5px;'>EXPL: 0</span><div class="panel-body" style="background-color: #f8f8f8; padding: 17px 62px 10px 10px; border-radius: 10px; margin-right: 20px; width: 98%;box-shadow: 0px 0px 5px rgba(202, 160, 78, 0.6); font-weight: normal;"><h2 class="result-link"><a style="color: blue; padding-right: 20px;" href="view.php?id=CVE-2018-17462" target="_blank">CVE-2018-17462 – chromium-browser: Sandbox escape in AppCache</a></h2><p class="green-link">https://notcve.org/view.php?id=CVE-2018-17462</p> <span class="down-arrow"></span> <p style="margin-bottom: 0px; margin-top: 0px; margin-right: 20px; font-family: Arial, sans-serif; font-weight: 400; color: rgb(51, 51, 51); line-height: 1.58;"><span style="color: rgb(77, 81, 86);">25 Oct 2018 — </span>Incorrect refcounting in AppCache in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform a sandbox escape via a crafted HTML page. Conteo de referencias incorrecto en AppCache en Google Chrome en versiones anteriores a la 70.0.3538.67 permitía que un atacante remoto realizase un escape del sandbox mediante una página HTML manipulada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 70.0.3538.67. Issues addressed include buffer overflow ... • http://www.securityfocus.com/bid/105666 • CWE-416: Use After Free • </div></div><div class="panel panel-default" style="margin: 0px 10px 30px;"><img src="/assets/img/cve_300x82_sin_bg.png" alt="" class="corner-imageCVE"><span class='corner-first_right_word' style='color: #dd4b40; margin-bottom: 5px;'>CVSS: 8.8</span><span class='corner-second_right_word' style='color: #972b20; margin-bottom: 5px;'>EPSS: 96%</span><span class='corner-third_right_word' style='color: #2b2b2b; margin-bottom: 5px;'>CPEs: 5</span><span class='corner-fourth_right_word' style='color: #972b20; margin-bottom: 5px;'>EXPL: 6</span><div class="panel-body" style="background-color: #f8f8f8; padding: 17px 62px 10px 10px; border-radius: 10px; margin-right: 20px; width: 98%;box-shadow: 0px 0px 5px rgba(202, 160, 78, 0.6); font-weight: normal;"><h2 class="result-link"><a style="color: blue; padding-right: 20px;" href="view.php?id=CVE-2018-17463" target="_blank">CVE-2018-17463 – Google Chromium V8 Remote Code Execution Vulnerability</a></h2><p class="green-link">https://notcve.org/view.php?id=CVE-2018-17463</p> <span class="down-arrow"></span> <p style="margin-bottom: 0px; margin-top: 0px; margin-right: 20px; font-family: Arial, sans-serif; font-weight: 400; color: rgb(51, 51, 51); line-height: 1.58;"><span style="color: rgb(77, 81, 86);">25 Oct 2018 — </span>Incorrect side effect annotation in V8 in Google Chrome prior to 70.0.3538.64 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Anotación de efecto secundario en V8 en Google Chrome en versiones anteriores a la 70.0.3538.64 permitía que un atacante remoto ejecutase código arbitrario dentro de un sandbox mediante una página HTML manipulada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 70.0.3538.67. Issues addre... • https://packetstorm.news/files/id/156640 • </div></div> </div> </div> </section> <div class="pagination"> <a href='search.php?page=1&query=vendor%3A%22Google%22+product%3A%22Chrome%22+version%3A%224.1.249.1053%22' class='page-link'>1</a><span class='page-link-disabled'>...</span><a href='search.php?page=160&query=vendor%3A%22Google%22+product%3A%22Chrome%22+version%3A%224.1.249.1053%22' class='page-link'>160</a><a href='search.php?page=161&query=vendor%3A%22Google%22+product%3A%22Chrome%22+version%3A%224.1.249.1053%22' class='page-link'>161</a><a href='search.php?page=162&query=vendor%3A%22Google%22+product%3A%22Chrome%22+version%3A%224.1.249.1053%22' class='page-link active'>162</a><a href='search.php?page=163&query=vendor%3A%22Google%22+product%3A%22Chrome%22+version%3A%224.1.249.1053%22' class='page-link'>163</a><a href='search.php?page=164&query=vendor%3A%22Google%22+product%3A%22Chrome%22+version%3A%224.1.249.1053%22' class='page-link'>164</a><a href='search.php?page=163&query=vendor%3A%22Google%22+product%3A%22Chrome%22+version%3A%224.1.249.1053%22' class='page-link'><i class='fas fa-chevron-right'></i></a> </div> </div> </main> <br> <br> <br> <br> <br>  <footer id="footer"> <div class="container"> <div class="row d-flex align-items-center"> <div class="col-lg-4"> <div class="footer-links text-lg-right text-center pt-4 pt-lg-0"> <a href="https://www.linkedin.com/company/notcve/" target="_blank"><i class="bi bi-linkedin"></i> LinkedIn</a> <a href="https://twitter.com/notCVE" target="_blank"><i class="bi bi-twitter"></i> Official</a> <a href="https://twitter.com/notCVEannounce" target="_blank"><i class="bi bi-twitter"></i> Announce</a> </div> </div> <div class="col-lg-4 text-center"> <div class="row align-items-center"> <div class="col-12 text-center"> Partners </div> <div class="col-12 text-center logo-container"> <a href="https://www.cyberintel.es" target="_blank"><img src="/assets/img/logo_cyber_test.svg" alt="Cyber Intelligence S.L."></a> </div> </div> </div> <div class="col-lg-4"> <nav class="footer-links text-lg-right text-center pt-2 pt-lg-0"> <a href="/faq.html">FAQ</a> <a href="/legal.html">Legal</a> <a href="/contact.html">Contact</a> </nav> </div> </div> </div> </footer> <a href="#" class="back-to-top d-flex align-items-center justify-content-center"><i class="bi bi-arrow-up-short"></i></a> <script src="/assets/js/main.js"></script> <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js"></script>  <script src="/admin/js/sb-admin-2.min.js"></script>   <script src="/admin/vendor/datatables/jquery.dataTables.min.js"></script> <script src="/admin/vendor/datatables/dataTables.bootstrap4.min.js"></script>  <script src="/admin/js/demo/datatables-demo.js"></script> </body> </html>