CVE search results

2241 – 2250 of 3719 results

Detailed view

Sort by:

CVE-2017-5046

Medium priority

Some fixes available 8 of 9

V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android had insufficient policy enforcement, which allowed a remote attacker to spoof the location object via a crafted HTML page, related...

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	—
oxide-qt	—	—	—	—

CVE-2017-5045

Medium priority

Some fixes available 8 of 9

XSS Auditor in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed detection of a blocked iframe load, which allowed a remote attacker to brute force JavaScript variables via a...

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	—
oxide-qt	—	—	—	—

CVE-2017-5044

Medium priority

Some fixes available 8 of 9

Heap buffer overflow in filter processing in Skia in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	—
oxide-qt	—	—	—	—

CVE-2017-5041

Medium priority

Some fixes available 8 of 9

Google Chrome prior to 57.0.2987.100 incorrectly handled back-forward navigation, which allowed a remote attacker to display incorrect information for a site via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	—
oxide-qt	—	—	—	—

CVE-2017-5040

Medium priority

Some fixes available 12 of 20

V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android was missing a neutering check, which allowed a remote attacker to read values in memory via a crafted HTML page.

4 affected packages

chromium-browser, libv8, libv8-3.14, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
libv8	—	—	—	Not in release
libv8-3.14	—	—	—	Ignored
oxide-qt	—	—	—	Not in release

CVE-2017-5037

Medium priority

Some fixes available 8 of 9

An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to...

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	—
oxide-qt	—	—	—	—

CVE-2017-5035

Medium priority

Some fixes available 8 of 9

Google Chrome prior to 57.0.2987.98 for Windows and Mac had a race condition, which could cause Chrome to display incorrect certificate information for a site.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	—
oxide-qt	—	—	—	—

CVE-2017-5033

Medium priority

Some fixes available 8 of 9

Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android failed to correctly propagate CSP restrictions to local scheme pages, which allowed a remote attacker to bypass content...

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	—
oxide-qt	—	—	—	—

CVE-2017-5031

Medium priority

Some fixes available 8 of 9

A use after free in ANGLE in Google Chrome prior to 57.0.2987.98 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	—
oxide-qt	—	—	—	—

CVE-2017-5030

Medium priority

Some fixes available 12 of 20

Incorrect handling of complex species in V8 in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac and 57.0.2987.108 for Android allowed a remote attacker to execute arbitrary code via a crafted HTML page.

4 affected packages

chromium-browser, libv8, libv8-3.14, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
libv8	—	—	—	Not in release
libv8-3.14	—	—	—	Ignored
oxide-qt	—	—	—	Not in release

Export to JSON

Results by page:

Search CVE reports