CVE search results

141 – 150 of 881 results

Detailed view

Sort by:

CVE-2018-6042

Medium priority

Some fixes available 5 of 7

Incorrect security UI in Omnibox in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

2 affected packages

oxide-qt, chromium-browser

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
oxide-qt	—	—	—	Not in release
chromium-browser	—	—	—	Fixed

CVE-2018-6041

Medium priority

Some fixes available 5 of 7

Incorrect security UI in navigation in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
oxide-qt	—	—	—	Not in release

CVE-2018-6040

Medium priority

Some fixes available 5 of 7

Insufficient policy enforcement in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially bypass content security policy via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
oxide-qt	—	—	—	Not in release

CVE-2018-6039

Medium priority

Some fixes available 5 of 7

Insufficient data validation in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a crafted Chrome Extension.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
oxide-qt	—	—	—	Not in release

CVE-2018-6038

Medium priority

Some fixes available 5 of 7

Heap buffer overflow in WebGL in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
oxide-qt	—	—	—	Not in release

CVE-2018-6037

Medium priority

Some fixes available 5 of 7

Inappropriate implementation in autofill in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to obtain autofill data with insufficient user gestures via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
oxide-qt	—	—	—	Not in release

CVE-2018-6036

Medium priority

Some fixes available 5 of 7

Insufficient data validation in V8 in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user data via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
oxide-qt	—	—	—	Not in release

CVE-2018-6035

Medium priority

Some fixes available 5 of 7

Insufficient policy enforcement in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user local file data via a crafted Chrome Extension.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
oxide-qt	—	—	—	Not in release

CVE-2018-6034

Medium priority

Some fixes available 5 of 7

Insufficient data validation in WebGL in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
oxide-qt	—	—	—	Not in release

CVE-2018-6033

Medium priority

Some fixes available 5 of 7

Insufficient data validation in Downloads in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially run arbitrary code outside sandbox via a crafted Chrome Extension.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
oxide-qt	—	—	—	Not in release

Export to JSON

Results by page:

Search CVE reports