Page 355 of 2724 results (0.007 seconds)

CVSS: 8.8EPSS: 1%CPEs: 6EXPL: 0

Use after free in PDFium in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Uso de memoria previamente liberada en PDFium en Google Chrome en versiones anteriores a la 64.0.3282.119 permitía que un atacante remoto pudiese explotar una corrupción de memoria dinámica (heap) mediante un archivo PDF manipulado. • http://www.securityfocus.com/bid/102797 http://www.securitytracker.com/id/1040282 https://access.redhat.com/errata/RHSA-2018:0265 https://chromereleases.googleblog.com/2018/01/stable-channel-update-for-desktop_24.html https://crbug.com/780450 https://www.debian.org/security/2018/dsa-4103 https://access.redhat.com/security/cve/CVE-2018-6031 https://bugzilla.redhat.com/show_bug.cgi?id=1538503 • CWE-416: Use After Free •

CVSS: 6.5EPSS: 1%CPEs: 6EXPL: 0

Incorrect security UI in permissions prompt in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to spoof the origin to which permission is granted via a crafted HTML page. Interfaz de usuario de seguridad incorrecta en el mensaje de permisos en Google Chrome en versiones anteriores a la 64.0.3282.119 permitía que un atacante remoto suplantase el origen al que se le otorgan los permisos mediante una página HTML manipulada. • http://www.securityfocus.com/bid/102797 http://www.securitytracker.com/id/1040282 https://access.redhat.com/errata/RHSA-2018:0265 https://chromereleases.googleblog.com/2018/01/stable-channel-update-for-desktop_24.html https://crbug.com/774438 https://www.debian.org/security/2018/dsa-4103 https://access.redhat.com/security/cve/CVE-2018-6049 https://bugzilla.redhat.com/show_bug.cgi?id=1538520 •

CVSS: 8.1EPSS: 1%CPEs: 6EXPL: 0

Insufficient data validation in WebGL in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Validación de datos insuficiente en WebGL en Google Chrome en versiones anteriores a la 64.0.3282.119 permitía que un atacante remoto pudiese realizar una lectura de memoria fuera de límites mediante una página HTML manipulada. • http://www.securityfocus.com/bid/102797 http://www.securitytracker.com/id/1040282 https://access.redhat.com/errata/RHSA-2018:0265 https://chromereleases.googleblog.com/2018/01/stable-channel-update-for-desktop_24.html https://crbug.com/784183 https://www.debian.org/security/2018/dsa-4103 https://access.redhat.com/security/cve/CVE-2018-6034 https://bugzilla.redhat.com/show_bug.cgi?id=1538506 • CWE-125: Out-of-bounds Read •

CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0

Incorrect security UI in Omnibox in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. Implementación inapropiada en Omnibox en Google Chrome en versiones anteriores a la 64.0.3282.119 permitía que un atacante remoto suplantase el contenido de Omnibox (barra de direcciones) mediante una página HTML manipulada. • http://www.securityfocus.com/bid/102797 http://www.securitytracker.com/id/1040282 https://access.redhat.com/errata/RHSA-2018:0265 https://chromereleases.googleblog.com/2018/01/stable-channel-update-for-desktop_24.html https://crbug.com/773930 https://www.debian.org/security/2018/dsa-4103 https://access.redhat.com/security/cve/CVE-2018-6042 https://bugzilla.redhat.com/show_bug.cgi?id=1538514 • CWE-20: Improper Input Validation •

CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0

Insufficient data validation in V8 in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user data via a crafted HTML page. Validación de datos insuficiente en V8 en Google Chrome en versiones anteriores a la 64.0.3282.119 permitía que un atacante remoto filtrase datos de archivos locales de un usuario mediante una página HTML manipulada. • http://www.securityfocus.com/bid/102797 http://www.securitytracker.com/id/1040282 https://access.redhat.com/errata/RHSA-2018:0265 https://chromereleases.googleblog.com/2018/01/stable-channel-update-for-desktop_24.html https://crbug.com/789952 https://www.debian.org/security/2018/dsa-4103 https://access.redhat.com/security/cve/CVE-2018-6036 https://bugzilla.redhat.com/show_bug.cgi?id=1538508 • CWE-20: Improper Input Validation •