CVE-2018-6104
- EPSS 1.39%
- Veröffentlicht 04.12.2018 17:29:01
- Zuletzt bearbeitet 21.11.2024 04:10:04
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
CVE-2018-6105
- EPSS 1.26%
- Veröffentlicht 04.12.2018 17:29:01
- Zuletzt bearbeitet 21.11.2024 04:10:04
Incorrect handling of confusable characters in Omnibox in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
CVE-2018-6107
- EPSS 1.39%
- Veröffentlicht 04.12.2018 17:29:01
- Zuletzt bearbeitet 21.11.2024 04:10:04
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
CVE-2018-6108
- EPSS 1.45%
- Veröffentlicht 04.12.2018 17:29:01
- Zuletzt bearbeitet 21.11.2024 04:10:05
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted HTML page.
CVE-2018-6115
- EPSS 1.06%
- Veröffentlicht 04.12.2018 17:29:01
- Zuletzt bearbeitet 21.11.2024 04:10:05
Inappropriate setting of the SEE_MASK_FLAG_NO_UI flag in file downloads in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially bypass OS malware checks via a crafted HTML page.
CVE-2018-6116
- EPSS 1.42%
- Veröffentlicht 04.12.2018 17:29:01
- Zuletzt bearbeitet 21.11.2024 04:10:06
A nullptr dereference in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
CVE-2018-6085
- EPSS 3.56%
- Veröffentlicht 04.12.2018 17:29:00
- Zuletzt bearbeitet 21.11.2024 04:10:01
Re-entry of a destructor in Networking Disk Cache in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
CVE-2018-6081
- EPSS 0.88%
- Veröffentlicht 14.11.2018 15:29:02
- Zuletzt bearbeitet 21.11.2024 04:10:01
XSS vulnerabilities in Interstitials in Google Chrome prior to 65.0.3325.146 allowed an attacker who convinced a user to install a malicious extension or open Developer Console to inject arbitrary scripts or HTML via a crafted HTML page.
CVE-2018-6082
- EPSS 1.4%
- Veröffentlicht 14.11.2018 15:29:02
- Zuletzt bearbeitet 21.11.2024 04:10:01
Including port 22 in the list of allowed FTP ports in Networking in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially enumerate internal host services via a crafted HTML page.
CVE-2018-6083
- EPSS 1.55%
- Veröffentlicht 14.11.2018 15:29:02
- Zuletzt bearbeitet 21.11.2024 04:10:01
Failure to disallow PWA installation from CSP sandboxed pages in AppManifest in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to access privileged APIs via a crafted HTML page.