Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-36634 | 1 Zkteco | 1 Zkbiosecurity V5000 | 2022-10-11 | N/A | 8.8 HIGH |
| An access control issue in ZKTeco ZKBioSecurity V5000 3.0.5_r allows attackers to arbitrarily create admin users via a crafted HTTP request. | |||||
| CVE-2022-26240 | 2 Beckmancoulter, Microsoft | 2 Remisol Advance, Windows | 2022-10-11 | N/A | 6.5 MEDIUM |
| The default privileges for the running service Normand Message Buffer in Beckman Coulter Remisol Advance v2.0.12.1 and prior allows non-privileged users to overwrite and manipulate executables and libraries. This allows attackers to access sensitive data. | |||||
| CVE-2019-5818 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2022-10-11 | 4.3 MEDIUM | 6.5 MEDIUM |
| Uninitialized data in media in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file. | |||||
| CVE-2019-5817 | 5 Debian, Fedoraproject, Google and 2 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2022-10-11 | 6.8 MEDIUM | 8.8 HIGH |
| Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2019-5816 | 3 Fedoraproject, Google, Opensuse | 5 Fedora, Android, Chrome and 2 more | 2022-10-11 | 6.8 MEDIUM | 8.8 HIGH |
| Process lifetime issue in Chrome in Google Chrome on Android prior to 74.0.3729.108 allowed a remote attacker to potentially persist an exploited process via a crafted HTML page. | |||||
| CVE-2019-5814 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2022-10-11 | 4.3 MEDIUM | 6.5 MEDIUM |
| Insufficient policy enforcement in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||||
| CVE-2019-5811 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2022-10-11 | 6.8 MEDIUM | 8.8 HIGH |
| Incorrect handling of CORS in ServiceWorker in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page. | |||||
| CVE-2022-39279 | 1 Discourse | 1 Discourse-chat | 2022-10-11 | N/A | 5.4 MEDIUM |
| discourse-chat is a plugin for the Discourse message board which adds chat functionality. In versions prior to 0.9 some places render a chat channel's name and description in an unsafe way, allowing staff members to cause an cross site scripting (XSS) attack by inserting unsafe HTML into them. Version 0.9 has addressed this issue. Users are advised to upgrade. There are no known workarounds for this issue. | |||||
| CVE-2019-5810 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2022-10-11 | 4.3 MEDIUM | 6.5 MEDIUM |
| Information leak in autofill in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | |||||
| CVE-2019-5809 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2022-10-11 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in file chooser in Google Chrome prior to 74.0.3729.108 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. | |||||
| CVE-2019-5808 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2022-10-11 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-39851 | 1 Google | 1 Android | 2022-10-11 | N/A | 3.3 LOW |
| Improper access control vulnerability in CocktailBarService prior to SMR Oct-2022 Release 1 allows local attacker to bind service that require BIND_REMOTEVIEWS permission. | |||||
| CVE-2019-5807 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2022-10-11 | 6.8 MEDIUM | 8.8 HIGH |
| Object lifetime issue in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2019-5806 | 5 Debian, Fedoraproject, Google and 2 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2022-10-11 | 6.8 MEDIUM | 8.8 HIGH |
| Integer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2019-5805 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2022-10-11 | 4.3 MEDIUM | 6.5 MEDIUM |
| Use-after-free in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | |||||
| CVE-2019-5804 | 3 Google, Microsoft, Opensuse | 4 Chrome, Windows, Backports and 1 more | 2022-10-11 | 2.1 LOW | 5.5 MEDIUM |
| Incorrect command line processing in Chrome in Google Chrome prior to 73.0.3683.75 allowed a local attacker to perform domain spoofing via a crafted domain name. | |||||
| CVE-2019-5803 | 2 Google, Opensuse | 3 Chrome, Backports, Leap | 2022-10-11 | 4.3 MEDIUM | 6.5 MEDIUM |
| Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page. | |||||
| CVE-2019-5801 | 3 Apple, Google, Opensuse | 4 Iphone Os, Chrome, Backports and 1 more | 2022-10-11 | 4.3 MEDIUM | 6.5 MEDIUM |
| Incorrect eliding of URLs in Omnibox in Google Chrome on iOS prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page. | |||||
| CVE-2019-5800 | 2 Google, Opensuse | 3 Chrome, Backports, Leap | 2022-10-11 | 4.3 MEDIUM | 6.5 MEDIUM |
| Insufficient policy enforcement in Blink in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page. | |||||
| CVE-2022-39852 | 1 Google | 1 Android | 2022-10-11 | N/A | 7.8 HIGH |
| A heap-based overflow vulnerability in makeContactAGIF in libagifencoder.quram.so library prior to SMR Oct-2022 Release 1 allows attacker to perform code execution. | |||||