Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zhou yu vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2018-6136
Missing type check in V8 in Google Chrome before 67.0.3396.62 allowed a remote malicious user to perform an out of bounds memory read via a crafted HTML page.
Google Chrome
516
VMScore
CVE-2018-6138
Insufficient policy enforcement in Extensions API in Google Chrome before 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.
Google Chrome
605
VMScore
CVE-2018-6118
A double-eviction in the Incognito mode cache that lead to a user-after-free in cache in Google Chrome before 66.0.3359.139 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.
Google Chrome
383
VMScore
CVE-2018-6148
Incorrect implementation in Content Security Policy in Google Chrome before 67.0.3396.79 allowed a remote malicious user to bypass navigation restrictions via a crafted HTML page.
Google Chrome
605
VMScore
CVE-2018-6149
Type confusion in JavaScript in Google Chrome before 67.0.3396.87 allowed a remote malicious user to perform an out of bounds memory write via a crafted HTML page.
Google Chrome
605
VMScore
CVE-2017-5091
A use after free in IndexedDB in Google Chrome before 60.0.3112.78 for Linux, Android, Windows, and Mac allowed a remote malicious user to perform an out of bounds memory read via a crafted HTML page.
Google Chrome
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
605
VMScore
CVE-2017-5092
Insufficient validation of untrusted input in PPAPI Plugins in Google Chrome before 60.0.3112.78 for Windows allowed a remote malicious user to potentially perform a sandbox escape via a crafted HTML page.
Google Chrome
Debian Debian Linux 9.0
383
VMScore
CVE-2017-5093
Inappropriate implementation in modal dialog handling in Blink in Google Chrome before 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote malicious user to prevent a full screen warning from being displayed via a crafted HTML page.
Google Chrome
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
383
VMScore
CVE-2017-5094
Type confusion in extensions JavaScript bindings in Google Chrome before 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote malicious user to potentially maliciously modify objects via a crafted HTML page.
Debian Debian Linux 9.0
Google Chrome
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
383
VMScore
CVE-2017-5105
Insufficient Policy Enforcement in Omnibox in Google Chrome before 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote malicious user to perform domain spoofing via IDN homographs in a crafted domain name.
Google Chrome
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »