Search CVE reports
161 – 170 of 881 results
Insufficiently quick clearing of stale rendered content in Navigation in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
2 affected packages
chromium-browser, oxide-qt
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | — | — | — | — | Fixed |
| oxide-qt | — | — | — | — | Not in release |
Incorrect implementation of object trimming in V8 in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.
2 affected packages
chromium-browser, oxide-qt
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | — | — | — | — | Fixed |
| oxide-qt | — | — | — | — | Not in release |
Incorrect handling of history on iOS in Navigation in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
2 affected packages
chromium-browser, oxide-qt
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | — | — | — | — | Fixed |
| oxide-qt | — | — | — | — | Not in release |
Incorrect side effect annotation in V8 in Google Chrome prior to 70.0.3538.64 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
2 affected packages
chromium-browser, oxide-qt
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | — | — | — | — | Fixed |
| oxide-qt | — | — | — | — | Not in release |
Incorrect refcounting in AppCache in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform a sandbox escape via a crafted HTML page.
2 affected packages
chromium-browser, oxide-qt
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | — | — | — | — | Fixed |
| oxide-qt | — | — | — | — | Not in release |
Incorrect texture handling in Angle in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
4 affected packages
chromium-browser, firefox, oxide-qt, thunderbird
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | — | — | — | — | Fixed |
| firefox | — | — | — | — | Fixed |
| oxide-qt | — | — | — | — | Not in release |
| thunderbird | — | — | — | — | Fixed |
In libwebm through 2018-10-03, there is an abort caused by libwebm::Webm2Pes::InitWebmParser() that will lead to a DoS attack.
5 affected packages
android, chromium-browser, libvpx, oxide-qt, sludge
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| android | Not in release | Not in release | Not in release | Not in release | Not in release |
| chromium-browser | Not affected | Not affected | Not affected | Not in release | Not affected |
| libvpx | Not affected | Not affected | Not affected | Not affected | Not affected |
| oxide-qt | Not in release | Not in release | Not in release | Not in release | Not in release |
| sludge | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Incorrect security UI in Omnibox in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
2 affected packages
chromium-browser, oxide-qt
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | — | — | — | — | Fixed |
| oxide-qt | — | — | — | — | Not in release |
Insufficient policy enforcement in Catalog Service in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially run arbitrary code outside sandbox via a crafted HTML page.
2 affected packages
chromium-browser, oxide-qt
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | — | — | — | — | Fixed |
| oxide-qt | — | — | — | — | Not in release |
Some fixes available 5 of 6
Use after free in WebUI in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension.
2 affected packages
chromium-browser, oxide-qt
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | — | — | — | — | Fixed |
| oxide-qt | — | — | — | — | Not in release |