VYPR

Chrome

by Google

Source repositories

CVEs (5,373)

  • CVE-2018-18357MedDec 11, 2018
    risk 0.28cvss 4.3epss 0.01

    Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.

  • CVE-2018-18355MedDec 11, 2018
    risk 0.28cvss 4.3epss 0.01

    Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.

  • CVE-2018-18348MedDec 11, 2018
    risk 0.28cvss 4.3epss 0.01

    Incorrect handling of bidirectional domain names with RTL characters in Omnibox in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.

  • CVE-2018-6102MedDec 4, 2018
    risk 0.28cvss 4.3epss 0.01

    Missing confusable characters in Internationalization in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.

  • CVE-2018-6078MedNov 14, 2018
    risk 0.28cvss 4.3epss 0.01

    Incorrect handling of confusable characters in Omnibox in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.

  • CVE-2018-6068MedNov 14, 2018
    risk 0.28cvss 4.3epss 0.01

    Object lifecycle issue in Chrome Custom Tab in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

  • CVE-2018-17477MedNov 14, 2018
    risk 0.28cvss 4.3epss 0.01

    Incorrect dialog placement in Extensions in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of extension popups via a crafted HTML page.

  • CVE-2018-17476MedNov 14, 2018
    risk 0.28cvss 4.3epss 0.01

    Incorrect dialog placement in Cast UI in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obscure the full screen warning via a crafted HTML page.

  • CVE-2018-17475MedNov 14, 2018
    risk 0.28cvss 4.3epss 0.01

    Incorrect handling of history on iOS in Navigation in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

  • CVE-2018-17473MedNov 14, 2018
    risk 0.28cvss 4.3epss 0.01

    Incorrect handling of confusable characters in Omnibox in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.

  • CVE-2018-17471MedNov 14, 2018
    risk 0.28cvss 4.3epss 0.01

    Incorrect dialog placement in WebContents in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obscure the full screen warning via a crafted HTML page.

  • CVE-2018-17467MedNov 14, 2018
    risk 0.28cvss 4.3epss 0.01

    Insufficiently quick clearing of stale rendered content in Navigation in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

  • CVE-2018-17464MedNov 14, 2018
    risk 0.28cvss 4.3epss 0.01

    Incorrect handling of history on iOS in Navigation in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

  • CVE-2018-6052MedSep 25, 2018
    risk 0.28cvss 4.3epss 0.01

    Lack of support for a non standard no-referrer policy value in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to obtain referrer details from a web page that had thought it had opted out of sending referrer data.

  • CVE-2018-6051MedSep 25, 2018
    risk 0.28cvss 4.3epss 0.01

    XSS Auditor in Google Chrome prior to 64.0.3282.119, did not ensure the reporting URL was in the same origin as the page it was on, which allowed a remote attacker to obtain referrer details via a crafted HTML page.

  • CVE-2018-6048MedSep 25, 2018
    risk 0.28cvss 4.3epss 0.01

    Insufficient policy enforcement in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak referrer information via a crafted HTML page.

  • CVE-2018-6047MedSep 25, 2018
    risk 0.28cvss 4.3epss 0.01

    Insufficient policy enforcement in WebGL in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user redirect URL via a crafted HTML page.

  • CVE-2018-6042MedSep 25, 2018
    risk 0.28cvss 4.3epss 0.01

    Incorrect security UI in Omnibox in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

  • CVE-2018-6041MedSep 25, 2018
    risk 0.28cvss 4.3epss 0.01

    Incorrect security UI in navigation in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

  • CVE-2017-15430MedAug 28, 2018
    risk 0.28cvss 4.3epss 0.01

    Insufficient data validation in Chromecast plugin in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.

Page 172 of 269