NotCVE - vendor:"Google" product:"Chrome" version:" <= 60.0.3112.76"

Page 181 of 3368 results (0.017 seconds)

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1

CVE-2017-1000460

https://notcve.org/view.php?id=CVE-2017-1000460

03 Jan 2018 — In line libavcodec/h264dec.c:500 in libav(v13_dev0), ffmpeg(n3.4), chromium(56 prior Feb 13, 2017), the return value of init_get_bits is ignored and get_ue_golomb(&gb) is called on an uninitialized get_bits context, which causes a NULL deref exception. En la línea libavcodec/h264dec.c:500 en libav (v13_dev0), ffmpeg (n3.4) y chromium (56 anterior al 13 de febrero de 2017), el valor de retorno de init_get_bits se ignora y se llama a get_ue_golomb (gb) en un contexto get_bits no inicializado. Esto desemboca e... • https://bugzilla.libav.org/show_bug.cgi?id=952 • CWE-476: NULL Pointer Dereference •

CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0

CVE-2017-15429 – chromium-browser: uxss in v8

https://notcve.org/view.php?id=CVE-2017-15429

18 Dec 2017 — Inappropriate implementation in V8 WebAssembly JS bindings in Google Chrome prior to 63.0.3239.108 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. Implementación inadecuada en los enlaces V8 WebAssembly JS en Google Chrome en versiones anteriores a la 63.0.3239.108 permitía que un atacante remoto inyectase scripts o HTML arbitrarios (UXSS) mediante una página HTML manipulada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromiu... • http://www.securityfocus.com/bid/102196 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 8.8EPSS: 1%CPEs: 5EXPL: 0

CVE-2017-15410 – chromium-browser: use after free in pdfium

https://notcve.org/view.php?id=CVE-2017-15410

07 Dec 2017 — Use after free in PDFium in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Uso de memoria previamente liberada en PDFium en Google Chrome en versiones anteriores a la 63.0.3239.84 permitía que un atacante remoto pudiese explotar una corrupción de memoria dinámica (heap) mediante un archivo PDF manipulado. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 63.0.3239.84. Security Fix:... • https://access.redhat.com/errata/RHSA-2017:3401 • CWE-416: Use After Free •

CVSS: 8.8EPSS: 1%CPEs: 5EXPL: 0

CVE-2017-15409 – chromium-browser: out of bounds write in skia

https://notcve.org/view.php?id=CVE-2017-15409

07 Dec 2017 — Heap buffer overflow in Skia in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Desbordamiento de búfer basado en memoria dinámica (heap) en Skia en Google Chrome en versiones anteriores a la 63.0.3239.84 permitía que un atacante remoto pudiese explotar una corrupción de memoria dinámica (heap) mediante una página HTML manipulada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 6... • https://access.redhat.com/errata/RHSA-2017:3401 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0

CVE-2017-15425 – chromium-browser: url spoof in omnibox

https://notcve.org/view.php?id=CVE-2017-15425

07 Dec 2017 — Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name. Una aplicación de políticas insuficiente en Omnibox en Google Chrome en versiones anteriores a la 63.0.3239.84 permitía que un atacante remoto suplantase dominios mediante homogramas IDN en un nombre de dominio manipulado. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 63.0.3239... • https://access.redhat.com/errata/RHSA-2017:3401 • CWE-20: Improper Input Validation •

CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0

CVE-2017-15420 – chromium-browser: url spoofing in omnibox

https://notcve.org/view.php?id=CVE-2017-15420

07 Dec 2017 — Incorrect handling of back navigations in error pages in Navigation in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. La gestión incorrecta de la navegación hacia atrás en las páginas de error en Navigation en Google Chrome, en versiones anteriores a la 63.0.3239.84, permitía que un atacante remoto suplantase el contenido de Omnibox mediante una página HTML manipulada. Chromium is an open-source web browser, powered by We... • http://www.securitytracker.com/id/1040282 • CWE-20: Improper Input Validation •

CVSS: 8.8EPSS: 1%CPEs: 5EXPL: 0

CVE-2017-15408 – chromium-browser: heap buffer overflow in pdfium

https://notcve.org/view.php?id=CVE-2017-15408

07 Dec 2017 — Heap buffer overflow in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file that is mishandled by PDFium. Un desbordamiento de búfer basado en memoria dinámica (heap) en Omnibox en Google Chrome en versiones anteriores a la 63.0.3239.84 permitía que un atacante remoto pudiese explotar una corrupción de heap mediante un archivo PDF manipulado que es gestionado erróneamente por PDFium. Chromium is an open-source web browser, po... • https://access.redhat.com/errata/RHSA-2017:3401 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0

CVE-2017-15413 – chromium-browser: type confusion in webassembly

https://notcve.org/view.php?id=CVE-2017-15413

07 Dec 2017 — Type confusion in WebAssembly in V8 in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Confusión de tipos en WebAssembly en V8 en Google Chrome en versiones anteriores a la 63.0.3239.84 permitía que un atacante remoto pudiese explotar una corrupción de memoria dinámica (heap) mediante una página HTML manipulada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 63.0.3239.84. Securi... • https://access.redhat.com/errata/RHSA-2017:3401 • CWE-704: Incorrect Type Conversion or Cast •

CVSS: 6.5EPSS: 2%CPEs: 10EXPL: 0

CVE-2017-15422 – chromium-browser: integer overflow in icu

https://notcve.org/view.php?id=CVE-2017-15422

07 Dec 2017 — Integer overflow in international date handling in International Components for Unicode (ICU) for C/C++ before 60.1, as used in V8 in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Un desbordamiento de enteros en el manejo de fechas internacionales en International Components for Unicode (ICU) for C/C++ en versiones anteriores a la 60.1, tal y como se emplea en V8 en Google Chrome en versiones anteriores a la... • https://access.redhat.com/errata/RHSA-2017:3401 • CWE-190: Integer Overflow or Wraparound •

CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0

CVE-2017-15423 – chromium-browser: issue with spake implementation in boringssl

https://notcve.org/view.php?id=CVE-2017-15423

07 Dec 2017 — Inappropriate implementation in BoringSSL SPAKE2 in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak the low-order bits of SHA512(password) by inspecting protocol traffic. Implementación inapropiada en BoringSSL SPAKE2 en Google Chrome en versiones anteriores a la 63.0.3239.84 permitía que un atacante remoto filtrase bits de orden bajo de SHA512(contraseña) inspeccionando el tráfico del protocolo. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium t... • https://access.redhat.com/errata/RHSA-2017:3401 • CWE-310: Cryptographic Issues •

1...179 180 181 182 183