• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2018-6070

February 26, 2023 by

Lack of CSP enforcement on WebUI pages in Bink in Google Chrome prior to 65.0.3325.146 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension.

CVE-2018-6076

February 26, 2023 by

Insufficient encoding of URL fragment identifiers in Blink in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform a DOM based XSS attack via a crafted HTML page.

CVE-2018-6081

February 26, 2023 by

XSS vulnerabilities in Interstitials in Google Chrome prior to 65.0.3325.146 allowed an attacker who convinced a user to install a malicious extension or open Developer Console to inject arbitrary scripts or HTML via a crafted HTML page.

CVE-2018-6051

February 26, 2023 by

XSS Auditor in Google Chrome prior to 64.0.3282.119, did not ensure the reporting URL was in the same origin as the page it was on, which allowed a remote attacker to obtain referrer details via a crafted HTML page.

CVE-2018-6001

February 26, 2023 by

The Soundy Audio Playlist plugin 4.6 and below for WordPress has Cross-Site Scripting via soundy-audio-playlisttemplatesfront-end.php (war_sdy_pl_preview parameter).

CVE-2018-6002

February 26, 2023 by

The Soundy Background Music plugin 3.9 and below for WordPress has Cross-Site Scripting via soundy-background-musictemplatesfront-end.php (war_soundy_preview parameter).

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 276
  • Go to page 277
  • Go to page 278
  • Go to page 279
  • Go to page 280
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE