Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zhou yu vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2018-6129
Out of bounds array access in WebRTC in Google Chrome before 67.0.3396.62 allowed a remote malicious user to potentially perform out of bounds memory access via a crafted HTML page.
Google Chrome
1 EDB exploit
6.5
CVSSv3
CVE-2018-6130
Incorrect handling of object lifetimes in WebRTC in Google Chrome before 67.0.3396.62 allowed a remote malicious user to potentially perform out of bounds memory access via a crafted HTML page.
Google Chrome
1 EDB exploit
6.1
CVSSv3
CVE-2018-6145
Insufficient data validation in HTML parser in Google Chrome before 67.0.3396.62 allowed a remote malicious user to bypass same origin policy via a crafted HTML page.
Google Chrome
8.8
CVSSv3
CVE-2018-6131
Object lifecycle issue in WebAssembly in Google Chrome before 67.0.3396.62 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
4.3
CVSSv3
CVE-2018-6132
Uninitialized data in WebRTC in Google Chrome before 67.0.3396.62 allowed a remote malicious user to obtain potentially sensitive information from process memory via a crafted video file.
Google Chrome
6.5
CVSSv3
CVE-2018-6134
Information leak in Blink in Google Chrome before 67.0.3396.62 allowed a remote malicious user to bypass no-referrer policy via a crafted HTML page.
Google Chrome
6.5
CVSSv3
CVE-2018-6136
Missing type check in V8 in Google Chrome before 67.0.3396.62 allowed a remote malicious user to perform an out of bounds memory read via a crafted HTML page.
Google Chrome
8.1
CVSSv3
CVE-2018-6138
Insufficient policy enforcement in Extensions API in Google Chrome before 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.
Google Chrome
8.8
CVSSv3
CVE-2018-6121
Insufficient validation of input in Blink in Google Chrome before 66.0.3359.170 allowed a remote malicious user to perform privilege escalation via a crafted HTML page.
Google Chrome
8.8
CVSSv3
CVE-2018-6122
Type confusion in WebAssembly in Google Chrome before 66.0.3359.139 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »