Vulnerabilities > Google > Chrome > 18.0.1025.96

DATE CVE VULNERABILITY TITLE RISK
2019-01-09 CVE-2018-6160 Improper Input Validation vulnerability in Google Chrome
JavaScript alert handling in Prompts in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
network
low complexity
google CWE-20
6.5
2019-01-09 CVE-2018-6158 Race Condition vulnerability in multiple products
A race condition in Oilpan in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
high complexity
google debian redhat CWE-362
7.5
2019-01-09 CVE-2018-6153 Out-of-bounds Write vulnerability in multiple products
A precision error in Skia in Google Chrome prior to 68.0.3440.75 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page.
network
low complexity
google debian redhat CWE-787
8.8
2019-01-09 CVE-2018-6151 Out-of-bounds Read vulnerability in multiple products
Bad cast in DevTools in Google Chrome on Win, Linux, Mac, Chrome OS prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted Chrome Extension.
network
low complexity
google debian redhat CWE-125
8.8
2019-01-09 CVE-2018-6147 Information Exposure vulnerability in multiple products
Lack of secure text entry mode in Browser UI in Google Chrome on Mac prior to 67.0.3396.62 allowed a local attacker to obtain potentially sensitive information from process memory via a local process.
local
low complexity
google debian redhat CWE-200
5.5
2019-01-09 CVE-2018-6144 Out-of-bounds Write vulnerability in multiple products
Off-by-one error in PDFium in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory write via a crafted PDF file.
network
low complexity
google debian redhat CWE-787
8.8
2019-01-09 CVE-2018-6143 Out-of-bounds Read vulnerability in multiple products
Insufficient validation in V8 in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
network
low complexity
google debian redhat CWE-125
6.5
2019-01-09 CVE-2018-6141 Out-of-bounds Read vulnerability in multiple products
Insufficient validation of an image filter in Skia in Google Chrome prior to 67.0.3396.62 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a crafted HTML page.
network
low complexity
google debian redhat CWE-125
8.8
2019-01-09 CVE-2018-6140 Improper Input Validation vulnerability in multiple products
Allowing the chrome.debugger API to attach to Web UI pages in DevTools in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension.
network
low complexity
google debian redhat CWE-20
8.8
2019-01-09 CVE-2018-6139 Improper Input Validation vulnerability in multiple products
Insufficient target checks on the chrome.debugger API in DevTools in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension.
network
low complexity
google debian redhat CWE-20
8.8