Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Linux_desktop
(Redhat)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 44 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-12-04 | CVE-2018-6085 | Re-entry of a destructor in Networking Disk Cache in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page. | Debian_linux, Chrome, Linux_desktop, Linux_server, Linux_workstation | 8.8 | ||
| 2018-12-04 | CVE-2018-6086 | A double-eviction in the Incognito mode cache that lead to a user-after-free in Networking Disk Cache in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page. | Debian_linux, Chrome, Linux_desktop, Linux_server, Linux_workstation | 8.8 | ||
| 2018-12-04 | CVE-2018-6087 | A use-after-free in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | Debian_linux, Chrome, Linux_desktop, Linux_server, Linux_workstation | 8.8 | ||
| 2018-12-04 | CVE-2018-6088 | An iterator-invalidation bug in PDFium in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. | Debian_linux, Chrome, Linux_desktop, Linux_server, Linux_workstation | 8.8 | ||
| 2018-12-04 | CVE-2018-6089 | A lack of CORS checks, after a Service Worker redirected to a cross-origin PDF, in Service Worker in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak limited cross-origin data via a crafted HTML page. | Debian_linux, Chrome, Linux_desktop, Linux_server, Linux_workstation | 6.5 | ||
| 2018-12-04 | CVE-2018-6090 | An integer overflow that lead to a heap buffer-overflow in Skia in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | Debian_linux, Chrome, Linux_desktop, Linux_server, Linux_workstation | 8.8 | ||
| 2018-12-04 | CVE-2018-6092 | An integer overflow on 32-bit systems in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | Debian_linux, Chrome, Linux_desktop, Linux_server, Linux_workstation | 8.8 | ||
| 2018-12-04 | CVE-2018-6094 | Inline metadata in GarbageCollection in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Chrome, Linux_desktop, Linux_server, Linux_workstation | 8.8 | ||
| 2018-12-04 | CVE-2018-6095 | Inappropriate dismissal of file picker on keyboard events in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to read local files via a crafted HTML page. | Debian_linux, Chrome, Linux_desktop, Linux_server, Linux_workstation | 6.5 | ||
| 2018-12-04 | CVE-2018-6098 | Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. | Debian_linux, Chrome, Linux_desktop, Linux_server, Linux_workstation | 6.5 |