Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sam vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2017-5129
A use after free in WebAudio in Blink in Google Chrome before 62.0.3202.62 allowed a remote malicious user to perform an out of bounds memory read via a crafted HTML page.
Google Chrome
Debian Debian Linux 8.0
Debian Debian Linux 9.0
6.5
CVSSv3
CVE-2017-15394
Insufficient Policy Enforcement in Extensions in Google Chrome before 62.0.3202.62 allowed a remote malicious user to perform domain spoofing in permission dialogs via IDN homographs in a crafted Chrome Extension.
Google Chrome
Debian Debian Linux 8.0
Debian Debian Linux 9.0
1 Github repository
8.8
CVSSv3
CVE-2017-15387
Insufficient enforcement of Content Security Policy in Blink in Google Chrome before 62.0.3202.62 allowed a remote malicious user to open javascript: URL windows when they should not be allowed to via a crafted HTML page.
Google Chrome
Debian Debian Linux 8.0
Debian Debian Linux 9.0
6.5
CVSSv3
CVE-2017-15390
Insufficient Policy Enforcement in Omnibox in Google Chrome before 62.0.3202.62 allowed a remote malicious user to perform domain spoofing via IDN homographs in a crafted domain name.
Google Chrome
Debian Debian Linux 8.0
Debian Debian Linux 9.0
6.5
CVSSv3
CVE-2017-15391
Insufficient Policy Enforcement in Extensions in Google Chrome before 62.0.3202.62 allowed a remote malicious user to access Extension pages without authorisation via a crafted HTML page.
Google Chrome
Debian Debian Linux 8.0
Debian Debian Linux 9.0
8.8
CVSSv3
CVE-2017-15393
Insufficient Policy Enforcement in Devtools remote debugging in Google Chrome before 62.0.3202.62 allowed a remote malicious user to obtain access to remote debugging functionality via a crafted HTML page, aka a Referer leak.
Google Chrome
Debian Debian Linux 8.0
Debian Debian Linux 9.0
8.8
CVSSv3
CVE-2018-6154
Insufficient data validation in WebGL in Google Chrome before 68.0.3440.75 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
6.5
CVSSv3
CVE-2018-6155
Incorrect handling of frames in the VP8 parser in Google Chrome before 68.0.3440.75 allowed a remote malicious user to potentially exploit heap corruption via a crafted video file.
Google Chrome
8.8
CVSSv3
CVE-2018-6157
Type confusion in WebRTC in Google Chrome before 68.0.3440.75 allowed a remote malicious user to potentially exploit heap corruption via a crafted video file.
Google Chrome
6.5
CVSSv3
CVE-2018-6159
Insufficient policy enforcement in ServiceWorker in Google Chrome before 68.0.3440.75 allowed a remote malicious user to obtain potentially sensitive information from process memory via a crafted HTML page.
Google Chrome
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »