NotCVE - vendor:"Google" product:"Chrome" version:"6.0.483.0"

Page 166 of 3188 results (0.019 seconds)

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-16070 – chromium-browser: Integer overflow in Skia

https://notcve.org/view.php?id=CVE-2018-16070

09 Sep 2018 — Integer overflows in Skia in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Los desbordamientos de enteros en Skia en Google Chrome antes de 69.0.3497.81 permitieron a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 69.0.3497.81. Issues addressed include buffer overflow, byp... • https://chromereleases.googleblog.com/2018/09/stable-channel-update-for-desktop.html • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-15406 – chromium-browser: stack overflow in v8

https://notcve.org/view.php?id=CVE-2017-15406

28 Aug 2018 — A stack buffer overflow in V8 in Google Chrome prior to 62.0.3202.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Un desbordamiento de búfer basado en pila en V8 en Google Chrome, en versiones anteriores a la 62.0.3202.75, permitía que un atacante remoto pudiese realizar una lectura de memoria fuera de límites mediante una página HTML manipulada. • https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop_26.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-15430

https://notcve.org/view.php?id=CVE-2017-15430

28 Aug 2018 — Insufficient data validation in Chromecast plugin in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. La insuficiente validación de datos en el plugin Chromecast en Google Chrome antes del 63.0.3239.84 permitió a un atacante remoto inyectar scripts arbitrarios o HTML (UXSS) a través de una página HTML diseñada. • https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-6160 – Gentoo Linux Security Advisory 201808-01

https://notcve.org/view.php?id=CVE-2018-6160

22 Aug 2018 — JavaScript alert handling in Prompts in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. El manejo de alertas de JavaScript en Prompts en Google Chrome, en versiones anteriores a la 68.0.3440.75, permitía que un atacante remoto suplantase el contenido de Omnibox (barra de direcciones) mediante una página HTML manipulada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which allows remote... • http://www.securityfocus.com/bid/104887 • CWE-20: Improper Input Validation •

CVSS: 8.8EPSS: 1%CPEs: 5EXPL: 0

CVE-2018-6170 – chromium-browser: Type confusion in PDFium

https://notcve.org/view.php?id=CVE-2018-6170

27 Jul 2018 — A bad cast in PDFium in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Una mala conversión en PDFium en Google Chrome, en versiones anteriores a la 68.0.3440.75, permitía que un atacante remoto pudiese explotar una corrupción de memoria dinámica (heap) mediante un archivo PDF manipulado. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 68.0.3440.75. Issues addressed include buffer... • http://www.securityfocus.com/bid/104887 • CWE-704: Incorrect Type Conversion or Cast CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-6161 – chromium-browser: Same origin policy bypass in WebAudio

https://notcve.org/view.php?id=CVE-2018-6161

27 Jul 2018 — Insufficient policy enforcement in Blink in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to bypass same origin policy via a crafted HTML page. La aplicación insuficiente de políticas en Blink en Google Chrome antes de 68.0.3440.75 permitió que un atacante remoto pasara por alto la misma política de origen a través de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 68.0.3440.75. Issues addressed include buffer over... • https://chromereleases.googleblog.com/2018/07/stable-channel-update-for-desktop.html • CWE-20: Improper Input Validation •

CVSS: 9.6EPSS: 1%CPEs: 5EXPL: 0

CVE-2018-6152 – chromium-browser: Local file write in DevTools

https://notcve.org/view.php?id=CVE-2018-6152

27 Jul 2018 — The implementation of the Page.downloadBehavior backend unconditionally marked downloaded files as safe, regardless of file type in Google Chrome prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page and user interaction. La implementación del backend Page.downloadBehavior marcaba incondicionalmente los archivos descargados como seguros, independientemente del tipo de archivo en Google Chrome, en versi... • http://www.securityfocus.com/bid/104887 • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0

CVE-2018-6156 – chromium-browser: Heap buffer overflow in WebRTC

https://notcve.org/view.php?id=CVE-2018-6156

27 Jul 2018 — Incorect derivation of a packet length in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. La derivación incorrecta de la longitud de un paquete en WebRTC en Google Chrome antes de 68.0.3440.75 permitió que un atacante remoto pudiera explotar la corrupción del montón a través de un archivo de video diseñado. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted webs... • https://chromereleases.googleblog.com/2018/07/stable-channel-update-for-desktop.html • CWE-787: Out-of-bounds Write •

CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0

CVE-2018-6167 – chromium-browser: URL spoof in Omnibox

https://notcve.org/view.php?id=CVE-2018-6167

27 Jul 2018 — Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. Aplicación insuficiente de caracteres confundibles en URL Formatter en Google Chrome, en versiones anteriores a la 68.0.3440.75, permitía que un atacante remoto suplantase dominios mediante homogramas IDN mediante un nombre de dominio manipulado. Chromium is an open-source web browser, powered by WebKit. This up... • http://www.securityfocus.com/bid/104887 •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-6176 – chromium-browser: Local user privilege escalation in Extensions

https://notcve.org/view.php?id=CVE-2018-6176

27 Jul 2018 — Insufficient file type enforcement in Extensions API in Google Chrome prior to 68.0.3440.75 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted Chrome Extension. La aplicación insuficiente del tipo de archivo en la API de Extensions en Google Chrome antes de 68.0.3440.75 permitió que un atacante remoto que había comprometido el proceso del renderizador realizara una escalada de privilegios a través de una extensión de Chrome diseñada. Chromium is ... • https://chromereleases.googleblog.com/2018/07/stable-channel-update-for-desktop.html • CWE-20: Improper Input Validation •

1...164 165 166 167 168