Search CVE reports
171 – 180 of 881 results
Some fixes available 11 of 12
Incorrect texture handling in Angle in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
4 affected packages
thunderbird, chromium-browser, firefox, oxide-qt
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| thunderbird | — | — | — | Fixed |
| chromium-browser | — | — | — | Fixed |
| firefox | — | — | — | Fixed |
| oxide-qt | — | — | — | Not in release |
Some fixes available 3 of 4
Incorrect implementation of object trimming in V8 in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.
2 affected packages
chromium-browser, oxide-qt
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | Fixed |
| oxide-qt | — | — | — | Not in release |
Some fixes available 3 of 4
Incorrect handling of history on iOS in Navigation in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
2 affected packages
chromium-browser, oxide-qt
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | Fixed |
| oxide-qt | — | — | — | Not in release |
Some fixes available 3 of 4
Incorrect side effect annotation in V8 in Google Chrome prior to 70.0.3538.64 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
2 affected packages
chromium-browser, oxide-qt
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | Fixed |
| oxide-qt | — | — | — | Not in release |
Some fixes available 3 of 4
Incorrect refcounting in AppCache in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform a sandbox escape via a crafted HTML page.
2 affected packages
oxide-qt, chromium-browser
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| oxide-qt | — | — | — | Not in release |
| chromium-browser | — | — | — | Fixed |
Some fixes available 3 of 4
Incorrect handling of clicks in the omnibox in Navigation in Google Chrome prior to 69.0.3497.92 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
2 affected packages
chromium-browser, oxide-qt
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | Fixed |
| oxide-qt | — | — | — | Not in release |
Some fixes available 3 of 4
An improper update of the WebAssembly dispatch table in WebAssembly in Google Chrome prior to 69.0.3497.92 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
2 affected packages
chromium-browser, oxide-qt
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | Fixed |
| oxide-qt | — | — | — | Not in release |
Some fixes available 9 of 10
Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument...
4 affected packages
chromium-browser, lcms, lcms2, oxide-qt
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | Fixed |
| lcms | — | — | — | Not in release |
| lcms2 | — | — | — | Fixed |
| oxide-qt | — | — | — | Not in release |
Some fixes available 3 of 4
A missing check for JS-simulated input events in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to download arbitrary files with no user input via a crafted HTML page.
2 affected packages
chromium-browser, oxide-qt
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | Fixed |
| oxide-qt | — | — | — | Not in release |
Some fixes available 3 of 4
Lack of proper state tracking in Permissions in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
2 affected packages
chromium-browser, oxide-qt
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | — | — | — | Fixed |
| oxide-qt | — | — | — | Not in release |