Vulnerabilities > Google > Chrome > 18.0.1025.146

DATE CVE VULNERABILITY TITLE RISK
2018-12-11 CVE-2018-18340 Use After Free vulnerability in multiple products
Incorrect object lifecycle in MediaRecorder in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google redhat debian CWE-416
8.8
2018-12-11 CVE-2018-18339 Use After Free vulnerability in multiple products
Incorrect object lifecycle in WebAudio in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google redhat debian CWE-416
8.8
2018-12-11 CVE-2018-18338 Out-of-bounds Write vulnerability in multiple products
Incorrect, thread-unsafe use of SkImage in Canvas in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google redhat debian CWE-787
8.8
2018-12-11 CVE-2018-18337 Use After Free vulnerability in multiple products
Incorrect handling of stylesheets leading to a use after free in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google redhat debian CWE-416
8.8
2018-12-11 CVE-2018-18336 Use After Free vulnerability in multiple products
Incorrect object lifecycle in PDFium in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
network
low complexity
google redhat debian CWE-416
8.8
2018-12-11 CVE-2018-18335 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google redhat debian opensuse CWE-787
8.8
2018-12-11 CVE-2018-17481 Use After Free vulnerability in multiple products
Incorrect object lifecycle handling in PDFium in Google Chrome prior to 71.0.3578.98 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
network
low complexity
google redhat debian CWE-416
8.8
2018-12-11 CVE-2018-17480 Out-of-bounds Write vulnerability in multiple products
Execution of user supplied Javascript during array deserialization leading to an out of bounds write in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
network
low complexity
google redhat debian CWE-787
8.8
2018-12-04 CVE-2018-6152 Unrestricted Upload of File with Dangerous Type vulnerability in multiple products
The implementation of the Page.downloadBehavior backend unconditionally marked downloaded files as safe, regardless of file type in Google Chrome prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page and user interaction.
network
low complexity
google redhat debian CWE-434
critical
9.6
2018-12-04 CVE-2018-6116 NULL Pointer Dereference vulnerability in multiple products
A nullptr dereference in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
network
low complexity
google redhat debian CWE-476
6.5