ReportizFlow
Filtered by vendor Google
Subscriptions
Filtered by product Chrome
Subscriptions
Total
3682 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-18344 | 3 Debian, Google, Redhat | 6 Debian Linux, Chrome, Enterprise Linux Desktop and 3 more | 2024-11-21 | N/A |
| Inappropriate allowance of the setDownloadBehavior devtools protocol feature in Extensions in Google Chrome prior to 71.0.3578.80 allowed a remote attacker with control of an installed extension to access files on the local file system via a crafted Chrome Extension. | ||||
| CVE-2018-18343 | 3 Debian, Google, Redhat | 6 Debian Linux, Chrome, Linux Desktop and 3 more | 2024-11-21 | N/A |
| Incorrect handing of paths leading to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2018-18342 | 3 Debian, Google, Redhat | 6 Debian Linux, Chrome, Enterprise Linux Desktop and 3 more | 2024-11-21 | N/A |
| Execution of user supplied Javascript during object deserialization can update object length leading to an out of bounds write in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | ||||
| CVE-2018-18341 | 3 Debian, Google, Redhat | 6 Debian Linux, Chrome, Linux Desktop and 3 more | 2024-11-21 | N/A |
| An integer overflow leading to a heap buffer overflow in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2018-18340 | 3 Debian, Google, Redhat | 6 Debian Linux, Chrome, Linux Desktop and 3 more | 2024-11-21 | N/A |
| Incorrect object lifecycle in MediaRecorder in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2018-18339 | 3 Debian, Google, Redhat | 6 Debian Linux, Chrome, Linux Desktop and 3 more | 2024-11-21 | N/A |
| Incorrect object lifecycle in WebAudio in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2018-18338 | 3 Debian, Google, Redhat | 6 Debian Linux, Chrome, Linux Desktop and 3 more | 2024-11-21 | N/A |
| Incorrect, thread-unsafe use of SkImage in Canvas in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2018-18337 | 3 Debian, Google, Redhat | 6 Debian Linux, Chrome, Linux Desktop and 3 more | 2024-11-21 | N/A |
| Incorrect handling of stylesheets leading to a use after free in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2018-18336 | 3 Debian, Google, Redhat | 6 Debian Linux, Chrome, Linux Desktop and 3 more | 2024-11-21 | N/A |
| Incorrect object lifecycle in PDFium in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | ||||
| CVE-2018-18335 | 4 Debian, Google, Opensuse and 1 more | 7 Debian Linux, Chrome, Leap and 4 more | 2024-11-21 | N/A |
| Heap buffer overflow in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2018-17481 | 3 Debian, Google, Redhat | 6 Debian Linux, Chrome, Linux Desktop and 3 more | 2024-11-21 | N/A |
| Incorrect object lifecycle handling in PDFium in Google Chrome prior to 71.0.3578.98 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | ||||
| CVE-2018-17479 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-11-21 | N/A |
| Incorrect object lifetime calculations in GPU code in Google Chrome prior to 70.0.3538.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2018-17478 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-11-21 | N/A |
| Incorrect array position calculations in V8 in Google Chrome prior to 70.0.3538.102 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. | ||||
| CVE-2018-17477 | 3 Debian, Google, Redhat | 6 Debian Linux, Chrome, Enterprise Linux Desktop and 3 more | 2024-11-21 | N/A |
| Incorrect dialog placement in Extensions in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of extension popups via a crafted HTML page. | ||||
| CVE-2018-17476 | 3 Debian, Google, Redhat | 6 Debian Linux, Chrome, Enterprise Linux Desktop and 3 more | 2024-11-21 | N/A |
| Incorrect dialog placement in Cast UI in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obscure the full screen warning via a crafted HTML page. | ||||
| CVE-2018-17475 | 3 Debian, Google, Redhat | 6 Debian Linux, Chrome, Enterprise Linux Desktop and 3 more | 2024-11-21 | N/A |
| Incorrect handling of history on iOS in Navigation in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | ||||
| CVE-2018-17474 | 3 Debian, Google, Redhat | 6 Debian Linux, Chrome, Enterprise Linux Desktop and 3 more | 2024-11-21 | N/A |
| Use after free in HTMLImportsController in Blink in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2018-17473 | 3 Debian, Google, Redhat | 6 Debian Linux, Chrome, Linux Desktop and 3 more | 2024-11-21 | N/A |
| Incorrect handling of confusable characters in Omnibox in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. | ||||
| CVE-2018-17472 | 4 Apple, Debian, Google and 1 more | 6 Iphone Os, Debian Linux, Chrome and 3 more | 2024-11-21 | N/A |
| Incorrect handling of googlechrome:// URL scheme on iOS in Intents in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to escape the <iframe> sandbox via a crafted HTML page. | ||||
| CVE-2018-17471 | 3 Debian, Google, Redhat | 6 Debian Linux, Chrome, Enterprise Linux Desktop and 3 more | 2024-11-21 | N/A |
| Incorrect dialog placement in WebContents in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obscure the full screen warning via a crafted HTML page. | ||||