Search CVE reports

Toggle filters

191 – 200 of 881 results

CVE-2018-6032

Medium priority

Some fixes available 5 of 7

Insufficient policy enforcement in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Fixed
oxide-qt Not in release
Show less packages

CVE-2018-6031

Medium priority

Some fixes available 5 of 7

Use after free in PDFium in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Fixed
oxide-qt Not in release
Show less packages

CVE-2018-16435

Medium priority

Some fixes available 9 of 10

Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument...

4 affected packages

chromium-browser, lcms, lcms2, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Fixed
lcms Not in release
lcms2 Fixed
oxide-qt Not in release
Show less packages

CVE-2017-15429

Medium priority

Some fixes available 5 of 14

Inappropriate implementation in V8 WebAssembly JS bindings in Google Chrome prior to 63.0.3239.108 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.

3 affected packages

chromium-browser, libv8-3.14, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Fixed
libv8-3.14 Ignored
oxide-qt Not in release
Show less packages

CVE-2017-15406

Medium priority

Some fixes available 5 of 11

A stack buffer overflow in V8 in Google Chrome prior to 62.0.3202.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

3 affected packages

oxide-qt, chromium-browser, libv8-3.14

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
oxide-qt Not in release
chromium-browser Fixed
libv8-3.14 Ignored
Show less packages

CVE-2017-15399

Medium priority

Some fixes available 6 of 9

A use after free in V8 in Google Chrome prior to 62.0.3202.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Fixed
oxide-qt Not in release
Show less packages

CVE-2017-15398

Medium priority

Some fixes available 6 of 9

A stack buffer overflow in the QUIC networking stack in Google Chrome prior to 62.0.3202.89 allowed a remote attacker to gain code execution via a malicious server.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Fixed
oxide-qt Not in release
Show less packages

CVE-2017-15396

Medium priority

Some fixes available 6 of 14

A stack buffer overflow in NumberingSystem in International Components for Unicode (ICU) for C/C++ before 60.2, as used in V8 in Google Chrome prior to 62.0.3202.75 and other products, allowed a remote attacker to potentially...

3 affected packages

chromium-browser, oxide-qt, libv8-3.14

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Fixed
oxide-qt Not in release
libv8-3.14 Ignored
Show less packages

CVE-2017-15430

Medium priority

Some fixes available 3 of 4

Insufficient data validation in Chromecast plugin in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Fixed
oxide-qt Not in release
Show less packages

CVE-2017-15427

Low priority

Some fixes available 6 of 9

Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a socially engineered user to XSS themselves by dragging and dropping a javascript: URL into the URL bar.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Fixed
oxide-qt Not in release
Show less packages
  1. Previous page
  2. 18
  3. 19
  4. 20
  5. 21
  6. 22
  7. Next page
Export to JSON