Show filters
963 Total Results
Displaying 181-190 of 963
Sort by:
Attacker Value
Unknown

CVE-2018-18356

Disclosure Date: December 11, 2018 (last updated November 08, 2023)
An integer overflow in path handling lead to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
0
0
Attacker Value
Unknown

CVE-2018-5802

Disclosure Date: December 07, 2018 (last updated November 27, 2024)
An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable in LibRaw versions prior to 0.18.7 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2018-5801

Disclosure Date: December 07, 2018 (last updated November 27, 2024)
An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL pointer dereference.
0
0
Attacker Value
Unknown

CVE-2018-5800

Disclosure Date: December 07, 2018 (last updated November 27, 2024)
An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.7 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2018-18311

Disclosure Date: December 07, 2018 (last updated November 08, 2023)
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
0
0
Attacker Value
Unknown

CVE-2018-6102

Disclosure Date: December 04, 2018 (last updated November 08, 2023)
Missing confusable characters in Internationalization in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
0
0
Attacker Value
Unknown

CVE-2018-6095

Disclosure Date: December 04, 2018 (last updated November 08, 2023)
Inappropriate dismissal of file picker on keyboard events in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to read local files via a crafted HTML page.
0
0
Attacker Value
Unknown

CVE-2018-6089

Disclosure Date: December 04, 2018 (last updated November 08, 2023)
A lack of CORS checks, after a Service Worker redirected to a cross-origin PDF, in Service Worker in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak limited cross-origin data via a crafted HTML page.
0
0
Attacker Value
Unknown

CVE-2018-6103

Disclosure Date: December 04, 2018 (last updated November 08, 2023)
A stagnant permission prompt in Prompts in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass permission policy via a crafted HTML page.
0
0
Attacker Value
Unknown

CVE-2018-6085

Disclosure Date: December 04, 2018 (last updated November 08, 2023)
Re-entry of a destructor in Networking Disk Cache in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
0
0
View More Topics  < Previous  Next >