Redhat » Linux Server : Security Vulnerabilities, CVEs, Published In 2018 (Code Execution)
CVE-2018-17463
Known exploited
Public exploit
Incorrect side effect annotation in V8 in Google Chrome prior to 70.0.3538.64 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
Max CVSS
8.8
EPSS Score
97.41%
Published
2018-11-14
Updated
2020-08-24
CISA KEV Added
2022-06-08
A lack of host validation in DevTools in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page, if the user is running a remote DevTools debugging server.
Max CVSS
7.5
EPSS Score
14.72%
Published
2018-12-04
Updated
2019-03-01
An integer overflow on 32-bit systems in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
Max CVSS
8.8
EPSS Score
19.25%
Published
2018-12-04
Updated
2019-03-01
An integer overflow that lead to a heap buffer-overflow in Skia in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
Max CVSS
8.8
EPSS Score
9.59%
Published
2018-12-04
Updated
2019-03-01
An iterator-invalidation bug in PDFium in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file.
Max CVSS
8.8
EPSS Score
5.93%
Published
2018-12-04
Updated
2019-03-01
A use-after-free in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
Max CVSS
8.8
EPSS Score
6.88%
Published
2018-12-04
Updated
2019-03-01
A double-eviction in the Incognito mode cache that lead to a user-after-free in Networking Disk Cache in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
Max CVSS
8.8
EPSS Score
9.69%
Published
2018-12-04
Updated
2019-03-01
Re-entry of a destructor in Networking Disk Cache in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
Max CVSS
8.8
EPSS Score
9.69%
Published
2018-12-04
Updated
2019-03-01
8 vulnerabilities found