Month | Quarter | Year |
---|---|---|
#2 | #5 | #4 |
CVE-ID | CWE-ID | Type | Score |
---|---|---|---|
CVE-2018-6174 | CWE-190 | Integer Overflow or Wraparound | 8.8 |
Integer overflows in Swiftshader in Google Chrome prior to 68.0.3440.75 potentially allowed a remote attacker to execute arbitrary code via a crafted HTML page.
|
|||
CVE-2018-6157 | CWE-704 | Incorrect Type Conversion or Cast | 8.8 |
Type confusion in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file.
|
|||
CVE-2018-6156 | CWE-119 | Buffer Errors | 8.8 |
Incorect derivation of a packet length in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file.
|
|||
CVE-2018-6155 | CWE-416 | Use After Free | 6.5 |
Incorrect handling of frames in the VP8 parser in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file.
|
|||
CVE-2018-6131 | CWE-416 | Use After Free | 8.8 |
Object lifecycle issue in WebAssembly in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||
CVE-2018-6130 | CWE-125 | Out-of-bounds Read | 6.5 |
Incorrect handling of object lifetimes in WebRTC in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
|
|||
CVE-2018-6129 | CWE-125 | Out-of-bounds Read | 6.5 |
Out of bounds array access in WebRTC in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
|
|||
CVE-2018-6126 | CWE-787 | Out-of-bounds Write | 8.8 |
A heap buffer overflow can occur in the Skia library when rasterizing paths using a maliciously crafted SVG file with anti-aliasing turned off. This results in a potentially exploitable crash.
|
|||
CVE-2018-6106 | CWE-19 | Data Handling | 8.8 |
An asynchronous generator may return an incorrect state in V8 in Google Chrome prior to 66.0.3359.117 allowing a remote attacker to potentially exploit object corruption via a crafted HTML page.
|
|||
CVE-2018-6092 | CWE-190 | Integer Overflow or Wraparound | 8.8 |
An integer overflow on 32-bit systems in WebAssembly in Google Chrome prior to 66.0.3359.106 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
|