CVE search results

211 – 220 of 881 results

Detailed view

Sort by:

CVE-2017-5133

Medium priority

Some fixes available 6 of 9

Off-by-one read/write on the heap in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to corrupt memory and possibly leak information and potentially execute code via a crafted PDF file.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
oxide-qt	—	—	—	Not in release

CVE-2017-5132

Medium priority

Some fixes available 6 of 9

Inappropriate implementation in V8 in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka incorrect WebAssembly stack manipulation.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
oxide-qt	—	—	—	Not in release

CVE-2017-5131

Medium priority

Some fixes available 6 of 9

An integer overflow in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka an out-of-bounds write.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
oxide-qt	—	—	—	Not in release

CVE-2017-5130

Negligible priority

Some fixes available 8 of 15

An integer overflow in xmlmemory.c in libxml2 before 2.9.5, as used in Google Chrome prior to 62.0.3202.62 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted XML file.

3 affected packages

libxml2, chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libxml2	—	—	—	Fixed
chromium-browser	—	—	—	Fixed
oxide-qt	—	—	—	Not in release

CVE-2017-5129

Medium priority

Some fixes available 6 of 9

A use after free in WebAudio in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
oxide-qt	—	—	—	Not in release

CVE-2017-5128

Medium priority

Some fixes available 6 of 9

Heap buffer overflow in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, related to WebGL.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
oxide-qt	—	—	—	Not in release

CVE-2017-5127

Medium priority

Some fixes available 6 of 9

Use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
oxide-qt	—	—	—	Not in release

CVE-2017-5126

Medium priority

Some fixes available 6 of 9

A use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
oxide-qt	—	—	—	Not in release

CVE-2017-5125

Medium priority

Some fixes available 6 of 9

Heap buffer overflow in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
oxide-qt	—	—	—	Not in release

CVE-2017-5124

Medium priority

Some fixes available 6 of 9

Incorrect application of sandboxing in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted MHTML page.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
oxide-qt	—	—	—	Not in release

Export to JSON

Results by page:

Search CVE reports