Search CVE reports

Toggle filters

2181 – 2190 of 3719 results

CVE-2017-5093

Medium priority

Some fixes available 6 of 9

Inappropriate implementation in modal dialog handling in Blink in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to prevent a full screen warning from being displayed via...

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Fixed
oxide-qt Not in release
Show less packages

CVE-2017-5092

Medium priority

Some fixes available 6 of 9

Insufficient validation of untrusted input in PPAPI Plugins in Google Chrome prior to 60.0.3112.78 for Windows allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Fixed
oxide-qt Not in release
Show less packages

CVE-2017-5091

Medium priority

Some fixes available 6 of 9

A use after free in IndexedDB in Google Chrome prior to 60.0.3112.78 for Linux, Android, Windows, and Mac allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Fixed
oxide-qt Not in release
Show less packages

CVE-2017-5090

Medium priority
Not affected

Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.115 for Mac allowed a remote attacker to perform domain spoofing via a crafted domain name containing a U+0620 character, aka Apple rdar problem 32458012.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser
oxide-qt
Show less packages

CVE-2017-5089

Medium priority

Some fixes available 7 of 11

Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.104 for Mac allowed a remote attacker to perform domain spoofing via a crafted domain name.

2 affected packages

oxide-qt, chromium-browser

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
oxide-qt Not in release
chromium-browser Fixed
Show less packages

CVE-2017-5088

Medium priority

Some fixes available 7 of 17

Insufficient validation of untrusted input in V8 in Google Chrome prior to 59.0.3071.104 for Mac, Windows, and Linux, and 59.0.3071.117 for Android, allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.

3 affected packages

chromium-browser, libv8-3.14, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Fixed
libv8-3.14 Ignored
oxide-qt Not in release
Show less packages

CVE-2017-5087

Medium priority

Some fixes available 7 of 11

A use after free in Blink in Google Chrome prior to 59.0.3071.104 for Mac, Windows, and Linux, and 59.0.3071.117 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page, aka an...

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Fixed
oxide-qt Not in release
Show less packages

CVE-2017-5086

Medium priority

Some fixes available 7 of 11

Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.86 for Windows and Mac allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Fixed
oxide-qt Not in release
Show less packages

CVE-2017-5085

Low priority

Some fixes available 7 of 11

Inappropriate implementation in Bookmarks in Google Chrome prior to 59 for iOS allowed a remote attacker who convinced the user to perform certain operations to run JavaScript on chrome:// pages via a crafted bookmark.

2 affected packages

oxide-qt, chromium-browser

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
oxide-qt Not in release
chromium-browser Fixed
Show less packages

CVE-2017-5084

Medium priority

Some fixes available 7 of 11

Inappropriate implementation in image-burner in Google Chrome OS prior to 59.0.3071.92 allowed a local attacker to read local files via dbus-send commands to a BurnImage D-Bus endpoint.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Fixed
oxide-qt Not in release
Show less packages
  1. Previous page
  2. 217
  3. 218
  4. 219
  5. 220
  6. 221
  7. Next page
Export to JSON