NotCVE - vendor:"Google" product:"Chrome" version:"6.0.494.0"

Page 175 of 3188 results (0.030 seconds)

CVSS: 6.5EPSS: 1%CPEs: 7EXPL: 0

CVE-2018-6100 – chromium-browser: URL spoof in Omnibox

https://notcve.org/view.php?id=CVE-2018-6100

24 Apr 2018 — Incorrect handling of confusable characters in URL Formatter in Google Chrome on macOS prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. Aplicación insuficiente de caracteres confundibles en URL Formatter en Google Chrome, en versiones anteriores a la 66.0.3359.117 para macOS, permitía que un atacante remoto suplantase dominios mediante homogramas IDN mediante un nombre de dominio manipulado. Chromium is an open-source web browser, powe... • http://www.securityfocus.com/bid/103917 • CWE-19: Data Processing Errors •

CVSS: 8.8EPSS: 3%CPEs: 6EXPL: 1

CVE-2018-6106 – chromium-browser: Incorrect handling of promises in V8

https://notcve.org/view.php?id=CVE-2018-6106

24 Apr 2018 — An asynchronous generator may return an incorrect state in V8 in Google Chrome prior to 66.0.3359.117 allowing a remote attacker to potentially exploit object corruption via a crafted HTML page. Un generador asíncrono podría devolver un estado incorrecto en V8 en Google Chrome, en versiones anteriores a la 66.0.3359.117, lo que permite que un atacante remoto explote una corrupción de objetos mediante una página HTML manipulada. Google Chrome V8 Await methods call ResolveNativePromise which calls InternalRes... • https://packetstorm.news/files/id/147386 • CWE-19: Data Processing Errors •

CVSS: 9.6EPSS: 8%CPEs: 6EXPL: 0

CVE-2018-6086 – chromium-browser: Use after free in Disk Cache

https://notcve.org/view.php?id=CVE-2018-6086

24 Apr 2018 — A double-eviction in the Incognito mode cache that lead to a user-after-free in Networking Disk Cache in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Una doble expulsión en la caché del modo incógnito que conducía a un uso de memoria previamente liberada en Networking Disk Cache en Google Chrome, en versiones anteriores a la 66.0.3359.117, permitía que un atacante remoto ejecutase código arbitrario mediante una página HTML manipulada. Chro... • http://www.securityfocus.com/bid/103917 • CWE-416: Use After Free •

CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0

CVE-2018-6103 – chromium-browser: UI spoof in Permissions

https://notcve.org/view.php?id=CVE-2018-6103

24 Apr 2018 — A stagnant permission prompt in Prompts in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass permission policy via a crafted HTML page. Un mensaje de permisos estancado en Prompts en Google Chrome, en versiones anteriores a la 66.0.3359.117, permitía que un atacante remoto omitiese las políticas de permisos mediante una página HTML manipulada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 66.0.3359.117. Issues addressed include buf... • http://www.securityfocus.com/bid/103917 •

CVSS: 8.8EPSS: 8%CPEs: 6EXPL: 0

CVE-2018-6090 – chromium-browser: Heap buffer overflow in Skia

https://notcve.org/view.php?id=CVE-2018-6090

24 Apr 2018 — An integer overflow that lead to a heap buffer-overflow in Skia in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Un desbordamiento de enteros que conduce a un desbordamiento de búfer basado en memoria dinámica (heap) en Skia en Google Chrome, en versiones anteriores a la 66.0.3359.117, permitía que un atacante remoto ejecutase código arbitrario dentro de un sandbox mediante una página HTML manipulada. Chromium is an open-so... • http://www.securityfocus.com/bid/103917 • CWE-190: Integer Overflow or Wraparound •

CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 2

CVE-2018-6084 – Google Software Updater macOS - Unsafe use of Distributed Objects Privilege Escalation

https://notcve.org/view.php?id=CVE-2018-6084

21 Mar 2018 — Insufficiently sanitized distributed objects in Updater in Google Chrome on macOS prior to 66.0.3359.117 allowed a local attacker to execute arbitrary code via an executable file. Los objetos distribuidos poco saneados en Updater en Google Chrome, en versiones anteriores a la 66.0.3359.117 para macOS, permitían que un atacante local ejecutase código arbitrario mediante un archivo ejecutable. Google software updater suffers from a local privilege escalation vulnerability on MacOS due to unsafe use of Distrib... • https://packetstorm.news/files/id/146846 • CWE-20: Improper Input Validation •

CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0

CVE-2018-6068 – Gentoo Linux Security Advisory 201803-05

https://notcve.org/view.php?id=CVE-2018-6068

14 Mar 2018 — Object lifecycle issue in Chrome Custom Tab in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. Problemas de ciclo de vida de objetos en Chrome Custom Tab en Google Chrome en versiones anteriores a la 65.0.3325.146 permitía que un atacante remoto suplantase el contenido de Omnibox (barra de direcciones) mediante una página HTML manipulada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of... • http://www.securityfocus.com/bid/103297 • CWE-20: Improper Input Validation •

CVSS: 8.8EPSS: 1%CPEs: 5EXPL: 0

CVE-2018-6083 – chromium-browser: incorrect processing of appmanifests

https://notcve.org/view.php?id=CVE-2018-6083

12 Mar 2018 — Failure to disallow PWA installation from CSP sandboxed pages in AppManifest in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to access privileged APIs via a crafted HTML page. El error a la hora de deshabilitar la instalación PWA de páginas CSP en sandbox en AppManifest en Google Chrome en versiones anteriores a la 65.0.3325.146 permitía que un atacante remoto accediese a API privilegiadas mediante una página HTML manipulada. Multiple vulnerabilities have been found in Chromium and Google ... • http://www.securityfocus.com/bid/103297 •

CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0

CVE-2018-6070 – chromium-browser: csp bypass through extensions

https://notcve.org/view.php?id=CVE-2018-6070

12 Mar 2018 — Lack of CSP enforcement on WebUI pages in Bink in Google Chrome prior to 65.0.3325.146 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension. La falta de aplicación de la política de seguridad de contenido (CSP) en las páginas de WebUI en Bink en Google Chrome en versiones anteriores a la 65.0.3325.146 permitía que un atacante que hubiese convencido a un usuario para que instale una extensión maliciosa omita la CSP mediante... • http://www.securityfocus.com/bid/103297 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0

CVE-2018-6071 – chromium-browser: heap bufffer overflow in skia

https://notcve.org/view.php?id=CVE-2018-6071

12 Mar 2018 — An integer overflow in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Desbordamiento de enteros en Skia en Google Chrome en versiones anteriores a la 65.0.3325.146 permitía que un atacante remoto pudiese realizar una lectura de memoria fuera de límites mediante una página HTML manipulada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the execution of arbitrary... • http://www.securityfocus.com/bid/103297 • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •

1...173 174 175 176 177