10.0.648.128

DATE	CVE	VULNERABILITY TITLE	RISK
2019-01-09	CVE-2018-6178	Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products Eliding from the wrong side in an infobar in DevTools in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to Hide Chrome Security UI via a crafted Chrome Extension. network low complexity google debian redhat CWE-1021	4.3
2019-01-09	CVE-2018-6175	Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. network low complexity google debian redhat	6.5
2019-01-09	CVE-2018-6174	Integer Overflow or Wraparound vulnerability in multiple products Integer overflows in Swiftshader in Google Chrome prior to 68.0.3440.75 potentially allowed a remote attacker to execute arbitrary code via a crafted HTML page. network low complexity google debian redhat CWE-190	8.8
2019-01-09	CVE-2018-6173	Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. network low complexity google debian redhat	6.5
2019-01-09	CVE-2018-6172	Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. network low complexity google debian redhat	6.5
2019-01-09	CVE-2018-6170	Incorrect Type Conversion or Cast vulnerability in multiple products A bad cast in PDFium in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. network low complexity google debian redhat CWE-704	8.8
2019-01-09	CVE-2018-6169	Improper Input Validation vulnerability in multiple products Lack of timeout on extension install prompt in Extensions in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to trigger installation of an unwanted extension via a crafted HTML page. network low complexity google debian redhat CWE-20	6.5
2019-01-09	CVE-2018-6167	Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. network low complexity google debian redhat	6.5
2019-01-09	CVE-2018-6166	Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. network low complexity google debian redhat	6.5
2019-01-09	CVE-2018-6165	Incorrect handling of reloads in Navigation in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. network low complexity google debian redhat	6.5