Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zhou yu vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2018-6136
Missing type check in V8 in Google Chrome before 67.0.3396.62 allowed a remote malicious user to perform an out of bounds memory read via a crafted HTML page.
Google Chrome
8.1
CVSSv3
CVE-2018-6138
Insufficient policy enforcement in Extensions API in Google Chrome before 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.
Google Chrome
8.8
CVSSv3
CVE-2018-6118
A double-eviction in the Incognito mode cache that lead to a user-after-free in cache in Google Chrome before 66.0.3359.139 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.
Google Chrome
6.5
CVSSv3
CVE-2018-6148
Incorrect implementation in Content Security Policy in Google Chrome before 67.0.3396.79 allowed a remote malicious user to bypass navigation restrictions via a crafted HTML page.
Google Chrome
8.8
CVSSv3
CVE-2018-6149
Type confusion in JavaScript in Google Chrome before 67.0.3396.87 allowed a remote malicious user to perform an out of bounds memory write via a crafted HTML page.
Google Chrome
8.8
CVSSv3
CVE-2017-5091
A use after free in IndexedDB in Google Chrome before 60.0.3112.78 for Linux, Android, Windows, and Mac allowed a remote malicious user to perform an out of bounds memory read via a crafted HTML page.
Google Chrome
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
8.8
CVSSv3
CVE-2017-5092
Insufficient validation of untrusted input in PPAPI Plugins in Google Chrome before 60.0.3112.78 for Windows allowed a remote malicious user to potentially perform a sandbox escape via a crafted HTML page.
Google Chrome
Debian Debian Linux 9.0
6.5
CVSSv3
CVE-2017-5093
Inappropriate implementation in modal dialog handling in Blink in Google Chrome before 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote malicious user to prevent a full screen warning from being displayed via a crafted HTML page.
Google Chrome
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
6.5
CVSSv3
CVE-2017-5094
Type confusion in extensions JavaScript bindings in Google Chrome before 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote malicious user to potentially maliciously modify objects via a crafted HTML page.
Debian Debian Linux 9.0
Google Chrome
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
6.5
CVSSv3
CVE-2017-5105
Insufficient Policy Enforcement in Omnibox in Google Chrome before 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote malicious user to perform domain spoofing via IDN homographs in a crafted domain name.
Google Chrome
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »