Search CVE reports
181 – 190 of 878 results
CVE-2018-6039
Medium prioritySome fixes available 5 of 7
Insufficient data validation in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a crafted Chrome Extension.
2 affected packages
chromium-browser, oxide-qt
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
chromium-browser | — | — | — | Fixed | Fixed |
oxide-qt | — | — | — | Not in release | Ignored |
CVE-2018-6038
Medium prioritySome fixes available 5 of 7
Heap buffer overflow in WebGL in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
2 affected packages
chromium-browser, oxide-qt
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
chromium-browser | — | — | — | Fixed | Fixed |
oxide-qt | — | — | — | Not in release | Ignored |
CVE-2018-6037
Medium prioritySome fixes available 5 of 7
Inappropriate implementation in autofill in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to obtain autofill data with insufficient user gestures via a crafted HTML page.
2 affected packages
chromium-browser, oxide-qt
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
chromium-browser | — | — | — | Fixed | Fixed |
oxide-qt | — | — | — | Not in release | Ignored |
CVE-2018-6036
Medium prioritySome fixes available 5 of 7
Insufficient data validation in V8 in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user data via a crafted HTML page.
2 affected packages
chromium-browser, oxide-qt
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
chromium-browser | — | — | — | Fixed | Fixed |
oxide-qt | — | — | — | Not in release | Ignored |
CVE-2018-6035
Medium prioritySome fixes available 5 of 7
Insufficient policy enforcement in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user local file data via a crafted Chrome Extension.
2 affected packages
chromium-browser, oxide-qt
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
chromium-browser | — | — | — | Fixed | Fixed |
oxide-qt | — | — | — | Not in release | Ignored |
CVE-2018-6034
Medium prioritySome fixes available 5 of 7
Insufficient data validation in WebGL in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
2 affected packages
chromium-browser, oxide-qt
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
chromium-browser | — | — | — | Fixed | Fixed |
oxide-qt | — | — | — | Not in release | Ignored |
CVE-2018-6033
Medium prioritySome fixes available 5 of 7
Insufficient data validation in Downloads in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially run arbitrary code outside sandbox via a crafted Chrome Extension.
2 affected packages
chromium-browser, oxide-qt
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
chromium-browser | — | — | — | Fixed | Fixed |
oxide-qt | — | — | — | Not in release | Ignored |
CVE-2018-6032
Medium prioritySome fixes available 5 of 7
Insufficient policy enforcement in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a crafted HTML page.
2 affected packages
chromium-browser, oxide-qt
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
chromium-browser | — | — | — | Fixed | Fixed |
oxide-qt | — | — | — | Not in release | Ignored |
CVE-2018-6031
Medium prioritySome fixes available 5 of 7
Use after free in PDFium in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
2 affected packages
chromium-browser, oxide-qt
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
chromium-browser | — | — | — | Fixed | Fixed |
oxide-qt | — | — | — | Not in release | Ignored |
CVE-2018-16435
Medium prioritySome fixes available 9 of 10
Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument...
4 affected packages
chromium-browser, lcms, lcms2, oxide-qt
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
chromium-browser | — | — | — | Fixed | Fixed |
lcms | — | — | — | Not in release | Not in release |
lcms2 | — | — | — | Fixed | Fixed |
oxide-qt | — | — | — | Not in release | Ignored |