Vulnerabilities (CVE)

Filtered by vendor Mi Subscribe
Filtered by product Mi6 Browser
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-6743 1 Mi 1 Mi6 Browser 2024-11-21 6.8 MEDIUM 8.8 HIGH
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Xiaomi Mi6 Browser prior to 10.4.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the WebAssembly.Instance method. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7466.
CVE-2018-6065 4 Debian, Google, Mi and 1 more 6 Debian Linux, Chrome, Mi6 Browser and 3 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Integer overflow in computing the required allocation size when instantiating a new javascript object in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.