Month | Quarter | Year |
---|---|---|
#171 | #N/A | #N/A |
CVE-ID | CWE-ID | Type | Score |
---|---|---|---|
CVE-2019-6224 | CWE-119 | Buffer Errors | 8.8 |
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A remote attacker may be able to initiate a FaceTime call causing arbitrary code execution.
|
|||
CVE-2018-6157 | CWE-704 | Incorrect Type Conversion or Cast | 8.8 |
Type confusion in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file.
|
|||
CVE-2018-6156 | CWE-119 | Buffer Errors | 8.8 |
Incorect derivation of a packet length in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file.
|
|||
CVE-2018-6155 | CWE-416 | Use After Free | 6.5 |
Incorrect handling of frames in the VP8 parser in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file.
|
|||
CVE-2018-6131 | CWE-416 | Use After Free | 8.8 |
Object lifecycle issue in WebAssembly in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||
CVE-2018-6130 | CWE-125 | Out-of-bounds Read | 6.5 |
Incorrect handling of object lifetimes in WebRTC in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
|
|||
CVE-2018-6129 | CWE-125 | Out-of-bounds Read | 6.5 |
Out of bounds array access in WebRTC in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
|
|||
CVE-2018-6092 | CWE-190 | Integer Overflow or Wraparound | 8.8 |
An integer overflow on 32-bit systems in WebAssembly in Google Chrome prior to 66.0.3359.106 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
|
|||
CVE-2018-4937 | CWE-787 | Out-of-bounds Write | 9.8 |
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
|
|||
CVE-2018-4936 | CWE-119 | Buffer Errors | 7.5 |
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable Heap Overflow vulnerability. Successful exploitation could lead to information disclosure.
|