The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Chromium

threat announce CVE-2018-6149

V8: memory corruption

Synthesis of the vulnerability

An attacker can generate a memory corruption of V8, in order to trigger a denial of service, and possibly to run code.
Severity: 3/4.
Creation date: 13/06/2018.
Identifiers: CERTFR-2018-AVI-282, CVE-2018-6149, DSA-4237-1, FEDORA-2018-499f2dbc96, openSUSE-SU-2018:2054-1, openSUSE-SU-2018:2055-1, RHSA-2018:1933-01, VIGILANCE-VUL-26413.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can generate a memory corruption of V8, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

cybersecurity threat CVE-2018-6148

Google Chrome: privilege escalation via CSP Header

Synthesis of the vulnerability

An attacker can bypass restrictions via CSP Header of Google Chrome, in order to escalate his privileges.
Severity: 3/4.
Creation date: 07/06/2018.
Identifiers: CERTFR-2018-AVI-272, CVE-2018-6148, DSA-4237-1, FEDORA-2018-09b59b0227, FEDORA-2018-7c80aaef26, openSUSE-SU-2018:1859-1, openSUSE-SU-2018:2054-1, openSUSE-SU-2018:2055-1, RHSA-2018:1825-01, VIGILANCE-VUL-26337.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can bypass restrictions via CSP Header of Google Chrome, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

weakness CVE-2018-6126

Skia: buffer overflow via SVG Rasterizing

Synthesis of the vulnerability

An attacker can generate a buffer overflow via SVG Rasterizing of Skia, in order to trigger a denial of service, and possibly to run code.
Severity: 3/4.
Creation date: 07/06/2018.
Identifiers: bulletinjul2018, CERTFR-2018-AVI-271, CVE-2018-6126, DSA-4220-1, DSA-4237-1, FEDORA-2018-09b59b0227, FEDORA-2018-7c80aaef26, FEDORA-2019-7f7489dc8c, MFSA-2018-14, openSUSE-SU-2018:1616-1, openSUSE-SU-2018:2054-1, openSUSE-SU-2018:2055-1, RHSA-2018:1815-01, RHSA-2018:2112-01, RHSA-2018:2113-01, SSA:2018-157-01, SSA:2019-247-01, SUSE-SU-2018:1783-1, SUSE-SU-2018:1820-1, SUSE-SU-2018:2298-1, USN-3682-1, VIGILANCE-VUL-26331.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can generate a buffer overflow via SVG Rasterizing of Skia, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

security alert CVE-2018-6120 CVE-2018-6121 CVE-2018-6122

Google Chrome: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Google Chrome.
Severity: 4/4.
Number of vulnerabilities in this bulletin: 3.
Creation date: 11/05/2018.
Identifiers: CERTFR-2018-AVI-231, CVE-2018-6120, CVE-2018-6121, CVE-2018-6122, DSA-4237-1, FEDORA-2018-812b5d5a71, FEDORA-2018-94e1bc8c23, openSUSE-SU-2018:1275-1, openSUSE-SU-2018:1437-1, RHSA-2018:1446-01, VIGILANCE-VUL-26113.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can use several vulnerabilities of Google Chrome.
Full Vigil@nce bulletin... (Free trial)

computer threat announce CVE-2018-6118

Chrome: use after free via Media Cache

Synthesis of the vulnerability

An attacker can force the usage of a freed memory area via Media Cache of Chrome, in order to trigger a denial of service, and possibly to run code.
Severity: 3/4.
Creation date: 02/05/2018.
Identifiers: CERTFR-2018-AVI-209, CVE-2018-6118, DSA-4237-1, openSUSE-SU-2018:1104-1, openSUSE-SU-2018:1175-1, openSUSE-SU-2018:1437-1, RHSA-2018:1321-01, VIGILANCE-VUL-26012.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can force the usage of a freed memory area via Media Cache of Chrome, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2018-6084 CVE-2018-6085 CVE-2018-6086

Google Chrome: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Google Chrome.
Severity: 4/4.
Number of vulnerabilities in this bulletin: 34.
Creation date: 18/04/2018.
Identifiers: 1546, CERTFR-2018-AVI-186, CVE-2018-6084, CVE-2018-6085, CVE-2018-6086, CVE-2018-6087, CVE-2018-6088, CVE-2018-6089, CVE-2018-6090, CVE-2018-6091, CVE-2018-6092, CVE-2018-6093, CVE-2018-6094, CVE-2018-6095, CVE-2018-6096, CVE-2018-6097, CVE-2018-6098, CVE-2018-6099, CVE-2018-6100, CVE-2018-6101, CVE-2018-6102, CVE-2018-6103, CVE-2018-6104, CVE-2018-6105, CVE-2018-6106, CVE-2018-6107, CVE-2018-6108, CVE-2018-6109, CVE-2018-6110, CVE-2018-6111, CVE-2018-6112, CVE-2018-6113, CVE-2018-6114, CVE-2018-6115, CVE-2018-6116, CVE-2018-6117, DSA-4182-1, openSUSE-SU-2018:1042-1, openSUSE-SU-2018:1175-1, openSUSE-SU-2018:1437-1, RHSA-2018:1195-01, VIGILANCE-VUL-25910.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can use several vulnerabilities of Google Chrome.
Full Vigil@nce bulletin... (Free trial)

computer weakness note CVE-2017-15422

ICU: integer overflow

Synthesis of the vulnerability

An attacker can generate an integer overflow of ICU, in order to trigger a denial of service, and possibly to run code.
Severity: 3/4.
Creation date: 26/03/2018.
Identifiers: CVE-2017-15422, DSA-4150-1, FEDORA-2018-1a85045c79, FEDORA-2018-faff5f661e, openSUSE-SU-2018:1422-1, SUSE-SU-2018:1401-1, SUSE-SU-2018:1602-1, USN-3610-1, VIGILANCE-VUL-25644.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can generate an integer overflow of ICU, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin 25615

Chrome: memory corruption

Synthesis of the vulnerability

An attacker can generate a memory corruption of Chrome, in order to trigger a denial of service, and possibly to run code.
Severity: 3/4.
Creation date: 21/03/2018.
Identifiers: CERTFR-2018-AVI-141, openSUSE-SU-2018:0773-1, VIGILANCE-VUL-25615.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can generate a memory corruption of Chrome, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

weakness announce CVE-2018-6057 CVE-2018-6058 CVE-2018-6059

Google Chrome: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Google Chrome.
Severity: 4/4.
Number of vulnerabilities in this bulletin: 27.
Creation date: 07/03/2018.
Identifiers: 1449, 1457, 1466, 1498, 1526, CERTFR-2018-AVI-113, CVE-2018-6057, CVE-2018-6058, CVE-2018-6059, CVE-2018-6060, CVE-2018-6061, CVE-2018-6062, CVE-2018-6063, CVE-2018-6064, CVE-2018-6065, CVE-2018-6066, CVE-2018-6067, CVE-2018-6068, CVE-2018-6069, CVE-2018-6070, CVE-2018-6071, CVE-2018-6072, CVE-2018-6073, CVE-2018-6074, CVE-2018-6075, CVE-2018-6076, CVE-2018-6077, CVE-2018-6078, CVE-2018-6079, CVE-2018-6080, CVE-2018-6081, CVE-2018-6082, CVE-2018-6083, DSA-4182-1, FEDORA-2018-024afa2d48, FEDORA-2018-44e1c23700, FEDORA-2018-faff5f661e, openSUSE-SU-2018:0704-1, openSUSE-SU-2018:1175-1, openSUSE-SU-2018:1437-1, RHSA-2018:0484-01, VIGILANCE-VUL-25476.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can use several vulnerabilities of Google Chrome.
Full Vigil@nce bulletin... (Free trial)

weakness announce CVE-2017-5753 CVE-2018-3693

Processors: memory reading via Spectre Bounds Check

Synthesis of the vulnerability

A local attacker can access to the kernel memory, in order to read sensitive information.
Severity: 1/4.
Number of vulnerabilities in this bulletin: 2.
Creation date: 05/01/2018.
Revision date: 21/02/2018.
Identifiers: 2016636, 519675, ADV180002, bulletinjan2018, bulletinjul2018, CERTFR-2018-AVI-004, CERTFR-2018-AVI-005, CERTFR-2018-AVI-006, CERTFR-2018-AVI-008, CERTFR-2018-AVI-009, CERTFR-2018-AVI-012, CERTFR-2018-AVI-013, CERTFR-2018-AVI-014, CERTFR-2018-AVI-016, CERTFR-2018-AVI-027, CERTFR-2018-AVI-029, CERTFR-2018-AVI-032, CERTFR-2018-AVI-048, CERTFR-2018-AVI-049, CERTFR-2018-AVI-077, CERTFR-2018-AVI-079, CERTFR-2018-AVI-094, CERTFR-2018-AVI-114, CERTFR-2018-AVI-124, CERTFR-2018-AVI-134, CERTFR-2018-AVI-208, CERTFR-2018-AVI-256, CERTFR-2018-AVI-365, CERTFR-2018-AVI-584, CERTFR-2019-AVI-042, CERTFR-2019-AVI-052, CERTFR-2019-AVI-131, CERTFR-2019-AVI-242, CERTFR-2019-AVI-361, CERTFR-2019-AVI-458, CERTFR-2019-AVI-489, cisco-sa-20180104-cpusidechannel, cpuapr2018, cpuapr2019, CTX231390, CTX231399, CVE-2017-5753, CVE-2018-3693, DLA-1422-1, DLA-1422-2, DLA-1423-1, DLA-1424-1, DLA-1434-1, DLA-1731-1, DLA-1731-2, DSA-2018-049, DSA-4187-1, DSA-4188-1, FEDORA-2018-21a7ad920c, FEDORA-2018-276558ff6f, FEDORA-2018-6b319763ab, FEDORA-2018-7e17849364, FEDORA-2018-e6fe35524d, FEDORA-2018-fb582aabcc, FG-IR-18-002, HT208397, HT208401, ibm10742755, INTEL-OSS-10002, JSA10842, JSA10873, JSA10917, K91229003, MBGSA-1801, MFSA-2018-01, N1022433, nas8N1022433, openSUSE-SU-2018:0022-1, openSUSE-SU-2018:0023-1, openSUSE-SU-2018:0326-1, openSUSE-SU-2018:0459-1, openSUSE-SU-2018:1623-1, openSUSE-SU-2018:2119-1, RHSA-2018:0007-01, RHSA-2018:0008-01, RHSA-2018:0009-01, RHSA-2018:0010-01, RHSA-2018:0011-01, RHSA-2018:0012-01, RHSA-2018:0013-01, RHSA-2018:0014-01, RHSA-2018:0015-01, RHSA-2018:0016-01, RHSA-2018:0017-01, RHSA-2018:0018-01, RHSA-2018:0020-01, RHSA-2018:0021-01, RHSA-2018:0022-01, RHSA-2018:0023-01, RHSA-2018:0024-01, RHSA-2018:0025-01, RHSA-2018:0026-01, RHSA-2018:0027-01, RHSA-2018:0028-01, RHSA-2018:0029-01, RHSA-2018:0030-01, RHSA-2018:0031-01, RHSA-2018:0032-01, RHSA-2018:0034-01, RHSA-2018:0035-01, RHSA-2018:0036-01, RHSA-2018:0037-01, RHSA-2018:0038-01, RHSA-2018:0039-01, RHSA-2018:0040-01, RHSA-2018:0053-01, RHSA-2018:0093-01, RHSA-2018:0094-01, RHSA-2018:0103-01, RHSA-2018:0104-01, RHSA-2018:0105-01, RHSA-2018:0106-01, RHSA-2018:0107-01, RHSA-2018:0108-01, RHSA-2018:0109-01, RHSA-2018:0110-01, RHSA-2018:0111-01, RHSA-2018:0112-01, RHSA-2018:0182-01, RHSA-2018:0292-01, RHSA-2018:0464-01, RHSA-2018:0496-01, RHSA-2018:0512-01, RHSA-2018:1129-01, RHSA-2018:1196-01, RHSA-2019:1946-01, SA161, SB10226, Spectre, spectre_meltdown_advisory, SSA-168644, SSA-505225, SSA-608355, STORM-2018-001, SUSE-SU-2018:0011-1, SUSE-SU-2018:0012-1, SUSE-SU-2018:0031-1, SUSE-SU-2018:0040-1, SUSE-SU-2018:0069-1, SUSE-SU-2018:0113-1, SUSE-SU-2018:0114-1, SUSE-SU-2018:0115-1, SUSE-SU-2018:0131-1, SUSE-SU-2018:0171-1, SUSE-SU-2018:0219-1, SUSE-SU-2018:0438-1, SUSE-SU-2018:0472-1, SUSE-SU-2018:0601-1, SUSE-SU-2018:0609-1, SUSE-SU-2018:0638-1, SUSE-SU-2018:0678-1, SUSE-SU-2018:0909-1, SUSE-SU-2018:1368-1, SUSE-SU-2018:1376-1, SUSE-SU-2018:1603-1, SUSE-SU-2018:1658-1, SUSE-SU-2018:1699-1, SUSE-SU-2018:2150-1, SUSE-SU-2018:2528-1, SUSE-SU-2019:0222-1, SUSE-SU-2019:0765-1, SUSE-SU-2019:1550-1, SUSE-SU-2019:2430-1, Synology-SA-18:01, USN-3516-1, USN-3521-1, USN-3530-1, USN-3541-1, USN-3541-2, USN-3542-1, USN-3542-2, USN-3549-1, USN-3580-1, USN-3597-1, USN-3597-2, VIGILANCE-VUL-24948, VMSA-2018-0002, VMSA-2018-0004, VMSA-2018-0004.2, VMSA-2018-0004.3, VMSA-2018-0007, VN-2018-001, VN-2018-002, VU#584653, XSA-254.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

A local attacker can monitor the performances of its process, in order to get information about the data used for computing by the processor.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Chromium: