CVE search results

51 – 60 of 881 results

Detailed view

Sort by:

CVE-2018-6132

Medium priority

Some fixes available 4 of 6

Uninitialized data in WebRTC in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
oxide-qt	—	—	—	Not in release

CVE-2018-6131

Medium priority

Some fixes available 4 of 6

Object lifecycle issue in WebAssembly in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
oxide-qt	—	—	—	Not in release

CVE-2018-6130

Medium priority

Some fixes available 4 of 6

Incorrect handling of object lifetimes in WebRTC in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

2 affected packages

oxide-qt, chromium-browser

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
oxide-qt	—	—	—	Not in release
chromium-browser	—	—	—	Fixed

CVE-2018-6129

Medium priority

Some fixes available 4 of 6

Out of bounds array access in WebRTC in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
oxide-qt	—	—	—	Not in release

CVE-2018-6128

Medium priority

Some fixes available 4 of 6

Incorrect URL parsing in WebKit in Google Chrome on iOS prior to 67.0.3396.62 allowed a remote attacker to perform domain spoofing via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
oxide-qt	—	—	—	Not in release

CVE-2018-6127

Medium priority

Some fixes available 4 of 6

Early free of object in use in IndexDB in Google Chrome prior to 67.0.3396.62 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
oxide-qt	—	—	—	Not in release

CVE-2018-6126

Medium priority

Some fixes available 16 of 19

A precision error in Skia in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.

4 affected packages

chromium-browser, firefox, oxide-qt, thunderbird

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
firefox	—	—	—	Fixed
oxide-qt	—	—	—	Not in release
thunderbird	—	—	—	Fixed

CVE-2018-6125

Medium priority

Some fixes available 4 of 6

Insufficient policy enforcement in USB in Google Chrome on Windows prior to 67.0.3396.62 allowed a remote attacker to obtain potentially sensitive information via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
oxide-qt	—	—	—	Not in release

CVE-2018-6124

Medium priority

Some fixes available 4 of 6

Type confusion in ReadableStreams in Blink in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
oxide-qt	—	—	—	Not in release

CVE-2018-6123

Medium priority

Some fixes available 4 of 6

A use after free in Blink in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
oxide-qt	—	—	—	Not in release

Export to JSON

Results by page:

Search CVE reports