Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In September 2018
CVE-2018-6048
Insufficient policy enforcement in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak referrer information via a crafted HTML page.
CVSS Score
4.3
EPSS Score
0.008
Published
2018-09-25
CVE-2018-6036
Insufficient data validation in V8 in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user data via a crafted HTML page.
CVSS Score
6.5
EPSS Score
0.01
Published
2018-09-25
CVE-2018-6037
Inappropriate implementation in autofill in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to obtain autofill data with insufficient user gestures via a crafted HTML page.
CVSS Score
6.5
EPSS Score
0.01
Published
2018-09-25
CVE-2018-6038
Heap buffer overflow in WebGL in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVSS Score
6.5
EPSS Score
0.012
Published
2018-09-25
CVE-2018-6039
Insufficient data validation in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a crafted Chrome Extension.
CVSS Score
6.1
EPSS Score
0.009
Published
2018-09-25
CVE-2018-6040
Insufficient policy enforcement in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially bypass content security policy via a crafted HTML page.
CVSS Score
6.5
EPSS Score
0.006
Published
2018-09-25
CVE-2018-6041
Incorrect security UI in navigation in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVSS Score
4.3
EPSS Score
0.009
Published
2018-09-25
CVE-2018-6031
Use after free in PDFium in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
CVSS Score
8.8
EPSS Score
0.016
Published
2018-09-25
CVE-2018-6032
Insufficient policy enforcement in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a crafted HTML page.
CVSS Score
6.5
EPSS Score
0.008
Published
2018-09-25
CVE-2018-6033
Insufficient data validation in Downloads in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially run arbitrary code outside sandbox via a crafted Chrome Extension.
CVSS Score
8.8
EPSS Score
0.016
Published
2018-09-25


Products
Pricing
Contact Us

Shodan ® - All rights reserved