Vulnerabilities > Debian > Debian Linux > 9.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-01-09 | CVE-2018-6093 | Information Exposure vulnerability in multiple products Insufficient origin checks in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
2019-01-09 | CVE-2018-6091 | Data Processing Errors vulnerability in multiple products Service Workers can intercept any request made by an <embed> or <object> tag in Fetch API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
2019-01-09 | CVE-2018-6084 | Improper Input Validation vulnerability in multiple products Insufficiently sanitized distributed objects in Updater in Google Chrome on macOS prior to 66.0.3359.117 allowed a local attacker to execute arbitrary code via an executable file. | 7.8 |
2019-01-09 | CVE-2018-6056 | Incorrect Type Conversion or Cast vulnerability in multiple products Type confusion could lead to a heap out-of-bounds write in V8 in Google Chrome prior to 64.0.3282.168 allowing a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | 8.8 |
2019-01-09 | CVE-2018-17470 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A heap buffer overflow in GPU in Google Chrome prior to 70.0.3538.67 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 7.4 |
2019-01-09 | CVE-2018-17461 | Out-of-bounds Read vulnerability in multiple products An out of bounds read in PDFium in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file. | 8.8 |
2019-01-09 | CVE-2018-16068 | Improper Input Validation vulnerability in multiple products Missing validation in Mojo in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |
2019-01-09 | CVE-2018-16067 | Use After Free vulnerability in multiple products A use after free in WebAudio in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 6.5 |
2019-01-09 | CVE-2018-16066 | Use After Free vulnerability in multiple products A use after free in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 6.5 |
2019-01-09 | CVE-2018-16065 | Use After Free vulnerability in multiple products A Javascript reentrancy issues that caused a use-after-free in V8 in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | 8.8 |