Search CVE reports


Toggle filters

1 – 10 of 878 results


CVE-2018-6125

Medium priority

Some fixes available 4 of 6

Insufficient policy enforcement in USB in Google Chrome on Windows prior to 67.0.3396.62 allowed a remote attacker to obtain potentially sensitive information via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Fixed Fixed
oxide-qt Not in release Ignored
Show less packages

CVE-2018-6122

Medium priority

Some fixes available 4 of 6

Type confusion in WebAssembly in Google Chrome prior to 66.0.3359.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Fixed Fixed
oxide-qt Not in release Ignored
Show less packages

CVE-2020-15999

High priority

Some fixes available 15 of 16

Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

18 affected packages

android, chromium-browser, firefox, freetype, godot...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
android Not in release Not in release Not in release Not in release Needs evaluation
chromium-browser Not affected Not affected Not affected Fixed Fixed
firefox Not affected Not affected Not affected Not affected Not affected
freetype Fixed Fixed Fixed Fixed Fixed
godot Not affected Not affected Not affected Not in release Not in release
graphicsmagick Not affected Not affected Not affected Not affected Not affected
musescore Not in release Not in release Not affected Not affected Not affected
openjdk-12 Not in release Not in release Not in release Not in release Not in release
openjdk-13 Not in release Not in release Not affected Not in release Not in release
openjdk-15 Not in release Not in release Not in release Not in release Not in release
openjdk-lts Not affected Not affected Not affected Not affected Not in release
oxide-qt Not in release Not in release Not in release Not in release Not affected
paraview Not affected Not affected Not affected Not affected Not affected
qtbase-opensource-src Not affected Not affected Not affected Not affected Not affected
qtbase-opensource-src-gles Not affected Not affected Not affected Not in release Not affected
texlive-bin Not affected Not affected Not affected Not affected Not affected
texmaker Not affected Not affected Not affected Not affected Not affected
thunderbird Not affected Not affected Not affected Not affected Not affected
Show all 18 packages Show less packages

CVE-2018-6177

Low priority

Some fixes available 3 of 4

Information leak in media engine in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Fixed Fixed
oxide-qt Not in release Ignored
Show less packages

CVE-2018-6176

Medium priority

Some fixes available 3 of 4

Insufficient file type enforcement in Extensions API in Google Chrome prior to 68.0.3440.75 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted Chrome Extension.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Fixed Fixed
oxide-qt Not in release Ignored
Show less packages

CVE-2018-6171

Low priority

Some fixes available 3 of 4

Use after free in Bluetooth in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Fixed Fixed
oxide-qt Not in release Ignored
Show less packages

CVE-2018-6168

Low priority

Some fixes available 3 of 4

Information leak in media engine in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Fixed Fixed
oxide-qt Not in release Ignored
Show less packages

CVE-2018-6161

Medium priority

Some fixes available 3 of 4

Insufficient policy enforcement in Blink in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to bypass same origin policy via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Fixed Fixed
oxide-qt Not in release Ignored
Show less packages

CVE-2018-6159

Medium priority

Some fixes available 3 of 4

Insufficient policy enforcement in ServiceWorker in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Fixed Fixed
oxide-qt Not in release Ignored
Show less packages

CVE-2018-6157

Medium priority

Some fixes available 3 of 4

Type confusion in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file.

2 affected packages

chromium-browser, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Fixed Fixed
oxide-qt Not in release Ignored
Show less packages