Show filters
997 Total Results
Displaying 251-260 of 997
Sort by:
Attacker Value
Unknown

CVE-2018-6042

Disclosure Date: September 25, 2018 (last updated November 08, 2023)
Incorrect security UI in Omnibox in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
0
0
Attacker Value
Unknown

CVE-2018-6048

Disclosure Date: September 25, 2018 (last updated November 08, 2023)
Insufficient policy enforcement in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak referrer information via a crafted HTML page.
0
0
Attacker Value
Unknown

CVE-2018-6037

Disclosure Date: September 25, 2018 (last updated November 08, 2023)
Inappropriate implementation in autofill in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to obtain autofill data with insufficient user gestures via a crafted HTML page.
0
0
Attacker Value
Unknown

CVE-2018-6046

Disclosure Date: September 25, 2018 (last updated November 08, 2023)
Insufficient data validation in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a crafted Chrome Extension.
0
0
Attacker Value
Unknown

CVE-2018-6038

Disclosure Date: September 25, 2018 (last updated November 08, 2023)
Heap buffer overflow in WebGL in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
0
0
Attacker Value
Unknown

CVE-2018-6052

Disclosure Date: September 25, 2018 (last updated November 08, 2023)
Lack of support for a non standard no-referrer policy value in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to obtain referrer details from a web page that had thought it had opted out of sending referrer data.
0
0
Attacker Value
Unknown

CVE-2018-6033

Disclosure Date: September 25, 2018 (last updated November 08, 2023)
Insufficient data validation in Downloads in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially run arbitrary code outside sandbox via a crafted Chrome Extension.
0
0
Attacker Value
Unknown

CVE-2018-14647

Disclosure Date: September 25, 2018 (last updated November 08, 2023)
Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by constructing an XML document that would cause pathological hash collisions in Expat's internal data structures, consuming large amounts CPU and RAM. The vulnerability exists in Python versions 3.7.0, 3.6.0 through 3.6.6, 3.5.0 through 3.5.6, 3.4.0 through 3.4.9, 2.7.0 through 2.7.15.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2018-17183

Disclosure Date: September 19, 2018 (last updated November 08, 2023)
Artifex Ghostscript before 9.25 allowed a user-writable error exception table, which could be used by remote attackers able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code.
0
0
Attacker Value
Unknown

CVE-2018-11781

Disclosure Date: September 17, 2018 (last updated November 08, 2023)
Apache SpamAssassin 3.4.2 fixes a local user code injection in the meta rule syntax.
0
0
View More Topics  < Previous  Next >