Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In June 2019
CVE-2018-6134
Information leak in Blink in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to bypass no-referrer policy via a crafted HTML page.
CVSS Score
6.5
EPSS Score
0.002
Published
2019-06-27
CVE-2018-6136
Missing type check in V8 in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVSS Score
6.5
EPSS Score
0.004
Published
2019-06-27
CVE-2018-6138
Insufficient policy enforcement in Extensions API in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.
CVSS Score
8.1
EPSS Score
0.001
Published
2019-06-27
CVE-2018-6142
Array bounds check failure in V8 in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file.
CVSS Score
6.5
EPSS Score
0.003
Published
2019-06-27
CVE-2018-6145
Insufficient data validation in HTML parser in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
CVSS Score
6.1
EPSS Score
0.001
Published
2019-06-27
CVE-2018-6148
Incorrect implementation in Content Security Policy in Google Chrome prior to 67.0.3396.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
CVSS Score
6.5
EPSS Score
0.001
Published
2019-06-27
CVE-2018-6149
Type confusion in JavaScript in Google Chrome prior to 67.0.3396.87 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
CVSS Score
8.8
EPSS Score
0.003
Published
2019-06-27
CVE-2017-5028
Insufficient data validation in V8 in Google Chrome prior to 56.0.2924.76 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVSS Score
6.5
EPSS Score
0.002
Published
2019-06-27
CVE-2018-15556
The Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 allows login with root level access with the user "root" and an empty password by using the enabled onboard UART headers.
CVSS Score
9.8
EPSS Score
0.025
Published
2019-06-27
CVE-2018-15557
An issue was discovered in the Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 devices. An attacker can statically set his/her IP to anything on the 169.254.1.0/24 subnet, and obtain root access by connecting to 169.254.1.2 port 23 with telnet/netcat.
CVSS Score
8.8
EPSS Score
0.029
Published
2019-06-27


Products
Pricing
Contact Us

Shodan ® - All rights reserved