NotCVE - vendor:"Google" product:"Chrome" version:"32.0.1700.17"

Page 175 of 2459 results (0.011 seconds)

CVSS: 6.5EPSS: 2%CPEs: 6EXPL: 0

CVE-2018-6116 – chromium-browser: Incorrect low memory handling in WebAssembly

https://notcve.org/view.php?id=CVE-2018-6116

24 Apr 2018 — A nullptr dereference in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Una desreferencia nullptr en WebAssembly en Google Chrome, en versiones anteriores a la 66.0.3359.117, permitía que un atacante remoto pudiese realizar un acceso a la memoria fuera de límites mediante una página HTML manipulada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 66.0... • http://www.securityfocus.com/bid/103917 • CWE-476: NULL Pointer Dereference •

CVSS: 6.5EPSS: 1%CPEs: 5EXPL: 0

CVE-2018-6117 – chromium-browser: Confusing autofill settings

https://notcve.org/view.php?id=CVE-2018-6117

24 Apr 2018 — Confusing settings in Autofill in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Las opciones confusas en Autofill en Google Chrome, en versiones anteriores a la 66.0.3359.117, permitían que un atacante remoto pudiese obtener información potencialmente sensible del la memoria del proceso mediante una página HTML manipulada. Chromium is an open-source web browser, powered by WebKit. This update upgrades C... • http://www.securityfocus.com/bid/103917 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 2

CVE-2018-6084 – Google Software Updater macOS - Unsafe use of Distributed Objects Privilege Escalation

https://notcve.org/view.php?id=CVE-2018-6084

21 Mar 2018 — Insufficiently sanitized distributed objects in Updater in Google Chrome on macOS prior to 66.0.3359.117 allowed a local attacker to execute arbitrary code via an executable file. Los objetos distribuidos poco saneados en Updater en Google Chrome, en versiones anteriores a la 66.0.3359.117 para macOS, permitían que un atacante local ejecutase código arbitrario mediante un archivo ejecutable. Google software updater suffers from a local privilege escalation vulnerability on MacOS due to unsafe use of Distrib... • https://packetstorm.news/files/id/146846 • CWE-20: Improper Input Validation •

CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0

CVE-2018-6068 – Gentoo Linux Security Advisory 201803-05

https://notcve.org/view.php?id=CVE-2018-6068

14 Mar 2018 — Object lifecycle issue in Chrome Custom Tab in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. Problemas de ciclo de vida de objetos en Chrome Custom Tab en Google Chrome en versiones anteriores a la 65.0.3325.146 permitía que un atacante remoto suplantase el contenido de Omnibox (barra de direcciones) mediante una página HTML manipulada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of... • http://www.securityfocus.com/bid/103297 • CWE-20: Improper Input Validation •

CVSS: 8.8EPSS: 1%CPEs: 5EXPL: 1

CVE-2018-6057 – chromium-browser: incorrect permissions on shared memory

https://notcve.org/view.php?id=CVE-2018-6057

12 Mar 2018 — Lack of special casing of Android ashmem in Google Chrome prior to 65.0.3325.146 allowed a remote attacker who had compromised the renderer process to bypass inter-process read only guarantees via a crafted HTML page. La falta de una convención especial de Android ashmem en Google Chrome en versiones anteriores a la 65.0.3325.146 permitía que un atacante remoto que había comprometido el proceso renderer omitiese las garantías de solo lectura del proceso intermedio mediante una página HTML manipulada. Multip... • https://packetstorm.news/files/id/146733 • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0

CVE-2018-6060 – chromium-browser: use-after-free in blink

https://notcve.org/view.php?id=CVE-2018-6060

12 Mar 2018 — Use after free in WebAudio in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en WebAudio en Google Chrome en versiones anteriores a la 65.0.3325.146 permitía que un atacante remoto pudiese explotar una corrupción de memoria dinámica (heap) mediante una página HTML manipulada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the execu... • http://www.securityfocus.com/bid/103297 • CWE-416: Use After Free •

CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0

CVE-2018-6061 – chromium-browser: race condition in v8

https://notcve.org/view.php?id=CVE-2018-6061

12 Mar 2018 — A race in the handling of SharedArrayBuffers in WebAssembly in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una carrera en el manejo de SharedArrayBuffers en WebAssembly en Google Chrome en versiones anteriores a la 65.0.3325.146 permitía que un atacante remoto pudiese explotar una corrupción de memoria dinámica (heap) mediante una página HTML manipulada. Multiple vulnerabilities have been found in Chromium and Google Chrome, ... • http://www.securityfocus.com/bid/103297 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 8.8EPSS: 1%CPEs: 5EXPL: 0

CVE-2018-6062 – chromium-browser: heap buffer overflow in skia

https://notcve.org/view.php?id=CVE-2018-6062

12 Mar 2018 — Heap overflow write in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Una escritura de desbordamiento de búfer basado en memoria dinámica (heap) en Skia en Google Chrome en versiones anteriores a la 65.0.3325.146 permitía que un atacante remoto pudiese realizar una escritura de memoria fuera de límites mediante una página HTML manipulada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst... • http://www.securityfocus.com/bid/103297 • CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 1%CPEs: 5EXPL: 1

CVE-2018-6063 – chromium-browser: incorrect permissions on shared memory

https://notcve.org/view.php?id=CVE-2018-6063

12 Mar 2018 — Incorrect use of mojo::WrapSharedMemoryHandle in Mojo in Google Chrome prior to 65.0.3325.146 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. El uso incorrecto de mojo::WrapSharedMemoryHandle en Mojo en Google Chrome en versiones anteriores a la 65.0.3325.146 permitía que un atacante remoto que hubiese comprometido el proceso renderer pudiese realizar una escritura de memoria fuera de límites mediante una página HTML manipu... • https://packetstorm.news/files/id/146735 • CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 53%CPEs: 5EXPL: 2

CVE-2018-6064 – Xiaomi Mi6 V8 CollectValuesOrEntriesImpl Type Confusion Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2018-6064

12 Mar 2018 — Type Confusion in the implementation of __defineGetter__ in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Confusión de tipos en la implementación de __defineGetter__ en V8 en Google Chrome en versiones anteriores a la 65.0.3325.146 permitía que un atacante remoto pudiese explotar una corrupción de memoria dinámica (heap) mediante una página HTML manipulada. This vulnerability allows remote attackers to execute arbitrary c... • https://packetstorm.news/files/id/147025 • CWE-704: Incorrect Type Conversion or Cast •

1...173 174 175 176 177