Vulnerabilities > Redhat > Linux Desktop

DATE CVE VULNERABILITY TITLE RISK
2018-12-11 CVE-2018-17481 Use After Free vulnerability in multiple products
Incorrect object lifecycle handling in PDFium in Google Chrome prior to 71.0.3578.98 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
network
low complexity
google redhat debian CWE-416
8.8
8.8
2018-12-04 CVE-2018-6116 NULL Pointer Dereference vulnerability in multiple products
A nullptr dereference in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
network
low complexity
google redhat debian CWE-476
6.5
6.5
2018-12-04 CVE-2018-6108 Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted HTML page.
network
low complexity
redhat debian google
6.5
6.5
2018-12-04 CVE-2018-6107 Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
network
low complexity
redhat debian google
6.5
6.5
2018-12-04 CVE-2018-6105 Incorrect handling of confusable characters in Omnibox in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
network
low complexity
redhat debian google
6.5
6.5
2018-12-04 CVE-2018-6104 Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
network
low complexity
redhat debian google
6.5
6.5
2018-12-04 CVE-2018-6103 A stagnant permission prompt in Prompts in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass permission policy via a crafted HTML page.
network
low complexity
redhat debian google
6.5
6.5
2018-12-04 CVE-2018-6102 Improper Input Validation vulnerability in multiple products
Missing confusable characters in Internationalization in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
network
low complexity
redhat debian google CWE-20
4.3
4.3
2018-12-04 CVE-2018-6101 Improper Input Validation vulnerability in multiple products
A lack of host validation in DevTools in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page, if the user is running a remote DevTools debugging server.
network
high complexity
redhat debian google CWE-20
7.5
7.5
2018-12-04 CVE-2018-6099 Information Exposure vulnerability in multiple products
A lack of CORS checks in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak limited cross-origin data via a crafted HTML page.
network
low complexity
redhat debian google CWE-200
6.5
6.5