News aggregator

CVE-2018-17462

National Vulnerability Database - Wed, 11/14/2018 - 10:29
Incorrect refcounting in AppCache in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform a sandbox escape via a crafted HTML page.
Categories: Security News

CVE-2018-17463

National Vulnerability Database - Wed, 11/14/2018 - 10:29
Incorrect side effect annotation in V8 in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
Categories: Security News

CVE-2018-17464

National Vulnerability Database - Wed, 11/14/2018 - 10:29
Incorrect handling of history on iOS in Navigation in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
Categories: Security News

CVE-2018-17465

National Vulnerability Database - Wed, 11/14/2018 - 10:29
Incorrect implementation of object trimming in V8 in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.
Categories: Security News

CVE-2018-17466

National Vulnerability Database - Wed, 11/14/2018 - 10:29
Incorrect texture handling in Angle in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
Categories: Security News

CVE-2018-17467

National Vulnerability Database - Wed, 11/14/2018 - 10:29
Insufficiently quick clearing of stale rendered content in Navigation in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
Categories: Security News

CVE-2018-17468

National Vulnerability Database - Wed, 11/14/2018 - 10:29
Incorrect handling of timer information during navigation in Blink in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obtain cross origin URLs via a crafted HTML page.
Categories: Security News

CVE-2018-17469

National Vulnerability Database - Wed, 11/14/2018 - 10:29
Incorrect handling of PDF filter chains in PDFium in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file.
Categories: Security News

CVE-2018-17471

National Vulnerability Database - Wed, 11/14/2018 - 10:29
Incorrect dialog placement in WebContents in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obscure the full screen warning via a crafted HTML page.
Categories: Security News

CVE-2018-17472

National Vulnerability Database - Wed, 11/14/2018 - 10:29
Incorrect handling of googlechrome:// URL scheme on iOS in Intents in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to escape the <iframe> sandbox via a crafted HTML page.
Categories: Security News

CVE-2018-17473

National Vulnerability Database - Wed, 11/14/2018 - 10:29
Incorrect handling of confusable characters in Omnibox in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
Categories: Security News

CVE-2018-17474

National Vulnerability Database - Wed, 11/14/2018 - 10:29
Use after free in HTMLImportsController in Blink in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Categories: Security News

CVE-2018-17475

National Vulnerability Database - Wed, 11/14/2018 - 10:29
Incorrect handling of history on iOS in Navigation in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
Categories: Security News

CVE-2018-17476

National Vulnerability Database - Wed, 11/14/2018 - 10:29
Incorrect dialog placement in Cast UI in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obscure the full screen warning via a crafted HTML page.
Categories: Security News

CVE-2018-17477

National Vulnerability Database - Wed, 11/14/2018 - 10:29
Incorrect dialog placement in Extensions in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of extension popups via a crafted HTML page.
Categories: Security News

CVE-2018-6057

National Vulnerability Database - Wed, 11/14/2018 - 10:29
Lack of special casing of Android ashmem in Google Chrome prior to 65.0.3325.146 allowed a remote attacker who had compromised the renderer process to bypass inter-process read only guarantees via a crafted HTML page.
Categories: Security News

CVE-2018-12174

National Vulnerability Database - Wed, 11/14/2018 - 09:29
Heap overflow in Intel Trace Analyzer 2018 in Intel Parallel Studio XE 2018 Update 3 may allow an authenticated user to potentially escalate privileges via local access.
Categories: Security News

CVE-2018-3621

National Vulnerability Database - Wed, 11/14/2018 - 09:29
Insufficient input validation in the Intel Driver & Support Assistant before 3.6.0.4 may allow an unauthenticated user to potentially enable information disclosure via adjacent access.
Categories: Security News

CVE-2018-3635

National Vulnerability Database - Wed, 11/14/2018 - 09:29
Insufficient input validation in installer in Intel Rapid Store Technology (RST) before version 16.7 may allow an unprivileged user to potentially elevate privileges or cause an installer denial of service via local access.
Categories: Security News

CVE-2018-3696

National Vulnerability Database - Wed, 11/14/2018 - 09:29
Authentication bypass in the Intel RAID Web Console 3 for Windows before 4.186 may allow an unprivileged user to potentially gain administrative privileges via local access.
Categories: Security News

Pages