Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

11 – 20 of 878 results


CVE-2018-6156

High priority

Some fixes available 7 of 8

Incorect derivation of a packet length in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file.

3 affected packages

chromium-browser, firefox, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Fixed Fixed
firefox Fixed Fixed
oxide-qt Not in release Ignored
Show less packages

CVE-2018-6155

High priority

Some fixes available 3 of 4

Incorrect handling of frames in the VP8 parser in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Fixed Fixed
oxide-qt Not in release Ignored
Show less packages

CVE-2018-6154

Medium priority

Some fixes available 3 of 4

Insufficient data validation in WebGL in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Fixed Fixed
oxide-qt Not in release Ignored
Show less packages

CVE-2018-6150

Low priority

Some fixes available 3 of 4

Incorrect handling of CORS in ServiceWorker in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Fixed Fixed
oxide-qt Not in release Ignored
Show less packages

CVE-2018-6149

Medium priority

Some fixes available 4 of 10

Type confusion in JavaScript in Google Chrome prior to 67.0.3396.87 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.

3 affected packages

chromium-browser, libv8-3.14, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Fixed Fixed
libv8-3.14 Ignored Ignored
oxide-qt Not in release Ignored
Show less packages

CVE-2018-6148

Medium priority

Some fixes available 4 of 6

Incorrect implementation in Content Security Policy in Google Chrome prior to 67.0.3396.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Fixed Fixed
oxide-qt Not in release Ignored
Show less packages

CVE-2018-6145

Medium priority

Some fixes available 4 of 6

Insufficient data validation in HTML parser in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to bypass same origin policy via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Fixed Fixed
oxide-qt Not in release Ignored
Show less packages

CVE-2018-6142

Medium priority

Some fixes available 4 of 10

Array bounds check failure in V8 in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file.

3 affected packages

chromium-browser, libv8-3.14, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Fixed Fixed
libv8-3.14 Ignored Ignored
oxide-qt Not in release Ignored
Show less packages

CVE-2018-6138

Medium priority

Some fixes available 4 of 6

Insufficient policy enforcement in Extensions API in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Fixed Fixed
oxide-qt Not in release Ignored
Show less packages

CVE-2018-6136

Medium priority

Some fixes available 4 of 10

Missing type check in V8 in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

3 affected packages

chromium-browser, libv8-3.14, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Fixed Fixed
libv8-3.14 Ignored Ignored
oxide-qt Not in release Ignored
Show less packages