Vulnerabilities > Redhat > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-01-09 CVE-2018-6178 Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products
Eliding from the wrong side in an infobar in DevTools in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to Hide Chrome Security UI via a crafted Chrome Extension.
network
low complexity
google debian redhat CWE-1021
4.3
2019-01-09 CVE-2018-6175 Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
network
low complexity
google debian redhat
6.5
2019-01-09 CVE-2018-6173 Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
network
low complexity
google debian redhat
6.5
2019-01-09 CVE-2018-6172 Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
network
low complexity
google debian redhat
6.5
2019-01-09 CVE-2018-6169 Improper Input Validation vulnerability in multiple products
Lack of timeout on extension install prompt in Extensions in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to trigger installation of an unwanted extension via a crafted HTML page.
network
low complexity
google debian redhat CWE-20
6.5
2019-01-09 CVE-2018-6167 Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
network
low complexity
google debian redhat
6.5
2019-01-09 CVE-2018-6166 Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
network
low complexity
google debian redhat
6.5
2019-01-09 CVE-2018-6165 Incorrect handling of reloads in Navigation in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
network
low complexity
google debian redhat
6.5
2019-01-09 CVE-2018-6164 Information Exposure vulnerability in multiple products
Insufficient origin checks for CSS content in Blink in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
network
low complexity
google debian redhat CWE-200
6.5
2019-01-09 CVE-2018-6163 Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
network
low complexity
google debian redhat
6.5