CVE search results

2091 – 2100 of 3719 results

Detailed view

Sort by:

CVE-2017-15396

Medium priority

Some fixes available 6 of 14

A stack buffer overflow in NumberingSystem in International Components for Unicode (ICU) for C/C++ before 60.2, as used in V8 in Google Chrome prior to 62.0.3202.75 and other products, allowed a remote attacker to potentially...

3 affected packages

chromium-browser, oxide-qt, libv8-3.14

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
oxide-qt	—	—	—	Not in release
libv8-3.14	—	—	—	Ignored

CVE-2017-15430

Medium priority

Some fixes available 3 of 4

Insufficient data validation in Chromecast plugin in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
oxide-qt	—	—	—	Not in release

CVE-2017-15427

Low priority

Some fixes available 6 of 9

Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a socially engineered user to XSS themselves by dragging and dropping a javascript: URL into the URL bar.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
oxide-qt	—	—	—	Not in release

CVE-2017-15426

Low priority

Some fixes available 6 of 9

Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
oxide-qt	—	—	—	Not in release

CVE-2017-15425

Low priority

Some fixes available 6 of 9

Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
oxide-qt	—	—	—	Not in release

CVE-2017-15424

Low priority

Some fixes available 6 of 9

Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
oxide-qt	—	—	—	Not in release

CVE-2017-15423

Low priority

Some fixes available 6 of 9

Inappropriate implementation in BoringSSL SPAKE2 in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak the low-order bits of SHA512(password) by inspecting protocol traffic.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
oxide-qt	—	—	—	Not in release

CVE-2017-15420

Medium priority

Some fixes available 6 of 9

Incorrect handling of back navigations in error pages in Navigation in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
oxide-qt	—	—	—	Not in release

CVE-2017-15419

Medium priority

Some fixes available 6 of 9

Insufficient policy enforcement in Resource Timing API in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to infer browsing history by triggering a leaked cross-origin URL via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
oxide-qt	—	—	—	Not in release

CVE-2017-15418

Medium priority

Some fixes available 6 of 9

Use of uninitialized memory in Skia in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
oxide-qt	—	—	—	Not in release

Export to JSON

Results by page:

Search CVE reports