CVE search results

101 – 110 of 878 results

Detailed view

Sort by:

CVE-2018-16066

Medium priority

Some fixes available 3 of 4

A use after free in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
chromium-browser	—	—	—	Fixed	Fixed
oxide-qt	—	—	—	Not in release	Ignored

CVE-2018-16065

Medium priority

Some fixes available 3 of 4

A Javascript reentrancy issues that caused a use-after-free in V8 in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
chromium-browser	—	—	—	Fixed	Fixed
oxide-qt	—	—	—	Not in release	Ignored

CVE-2018-6152

Medium priority

Some fixes available 3 of 4

The implementation of the Page.downloadBehavior backend unconditionally marked downloaded files as safe, regardless of file type in Google Chrome prior to 66.0.3359.117 allowed an attacker who convinced a user to install a...

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
chromium-browser	—	—	—	Fixed	Fixed
oxide-qt	—	—	—	Not in release	Ignored

CVE-2018-6116

Medium priority

Some fixes available 4 of 6

A nullptr dereference in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
chromium-browser	—	—	—	Fixed	Fixed
oxide-qt	—	—	—	Not in release	Ignored

CVE-2018-6115

Medium priority

Some fixes available 4 of 6

Inappropriate setting of the SEE_MASK_FLAG_NO_UI flag in file downloads in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially bypass OS malware checks via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
chromium-browser	—	—	—	Fixed	Fixed
oxide-qt	—	—	—	Not in release	Ignored

CVE-2018-6108

Medium priority

Some fixes available 4 of 6

Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
chromium-browser	—	—	—	Fixed	Fixed
oxide-qt	—	—	—	Not in release	Ignored

CVE-2018-6107

Medium priority

Some fixes available 4 of 6

Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
chromium-browser	—	—	—	Fixed	Fixed
oxide-qt	—	—	—	Not in release	Ignored

CVE-2018-6105

Medium priority

Some fixes available 4 of 6

Incorrect handling of confusable characters in Omnibox in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
chromium-browser	—	—	—	Fixed	Fixed
oxide-qt	—	—	—	Not in release	Ignored

CVE-2018-6104

Medium priority

Some fixes available 4 of 6

Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
chromium-browser	—	—	—	Fixed	Fixed
oxide-qt	—	—	—	Not in release	Ignored

CVE-2018-6103

Medium priority

Some fixes available 4 of 6

A stagnant permission prompt in Prompts in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass permission policy via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
chromium-browser	—	—	—	Fixed	Fixed
oxide-qt	—	—	—	Not in release	Ignored

Export to JSON

Results by page:

Search CVE reports