Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
google pdfium - vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2016-1643
The ImageInputType::ensurePrimaryContent function in WebKit/Source/core/html/forms/ImageInputType.cpp in Blink, as used in Google Chrome prior to 49.0.2623.87, does not properly maintain the user agent shadow DOM, which allows remote malicious users to cause a denial of service o...
Google Chrome
6.8
CVSSv2
CVE-2019-5783
Missing URI encoding of untrusted input in DevTools in Google Chrome before 72.0.3626.81 allowed a remote malicious user to perform a Dangling Markup Injection attack via a crafted HTML page.
Google Chrome
Debian Debian Linux 9.0
6.8
CVSSv2
CVE-2018-6122
Type confusion in WebAssembly in Google Chrome before 66.0.3359.139 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
4.3
CVSSv2
CVE-2018-6125
Insufficient policy enforcement in USB in Google Chrome on Windows before 67.0.3396.62 allowed a remote malicious user to obtain potentially sensitive information via a crafted HTML page.
Google Chrome
4.3
CVSSv2
CVE-2018-6129
Out of bounds array access in WebRTC in Google Chrome before 67.0.3396.62 allowed a remote malicious user to potentially perform out of bounds memory access via a crafted HTML page.
Google Chrome
1 EDB exploit
4.3
CVSSv2
CVE-2018-6142
Array bounds check failure in V8 in Google Chrome before 67.0.3396.62 allowed a remote malicious user to perform an out of bounds memory read via a crafted PDF file.
Google Chrome
4.3
CVSSv2
CVE-2018-6145
Insufficient data validation in HTML parser in Google Chrome before 67.0.3396.62 allowed a remote malicious user to bypass same origin policy via a crafted HTML page.
Google Chrome
6.8
CVSSv2
CVE-2018-6121
Insufficient validation of input in Blink in Google Chrome before 66.0.3359.170 allowed a remote malicious user to perform privilege escalation via a crafted HTML page.
Google Chrome
4.3
CVSSv2
CVE-2018-6130
Incorrect handling of object lifetimes in WebRTC in Google Chrome before 67.0.3396.62 allowed a remote malicious user to potentially perform out of bounds memory access via a crafted HTML page.
Google Chrome
1 EDB exploit
6.8
CVSSv2
CVE-2018-6131
Object lifecycle issue in WebAssembly in Google Chrome before 67.0.3396.62 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »