# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2019-5765 |
312 |
|
+Info |
2019-02-19 |
2020-08-24 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
An exposed debugging endpoint in the browser in Google Chrome on Android prior to 72.0.3626.81 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted Intent. |
2 |
CVE-2019-3459 |
125 |
|
+Info |
2019-04-11 |
2022-04-22 |
3.3 |
None |
Local Network |
Low |
Not required |
Partial |
None |
None |
A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1. |
3 |
CVE-2018-16876 |
200 |
|
+Info |
2019-01-03 |
2021-08-04 |
3.5 |
None |
Remote |
Medium |
??? |
Partial |
None |
None |
ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with no_log on that can lead to leakage of sensible data. |
4 |
CVE-2018-16078 |
200 |
|
+Info |
2019-01-09 |
2019-01-29 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
Unsafe handling of credit card details in Autofill in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. |
5 |
CVE-2018-12397 |
200 |
|
+Info |
2019-02-28 |
2019-03-01 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
None |
A WebExtension can request access to local files without the warning prompt stating that the extension will "Access your data for all websites" being displayed to the user. This allows extensions to run content scripts in local pages without permission warnings when a local file is opened. This vulnerability affects Firefox ESR < 60.3 and Firefox < 63. |
6 |
CVE-2018-6179 |
200 |
|
+Info |
2019-01-09 |
2019-01-16 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
Insufficient enforcement of file access permission in the activeTab case in Extensions in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system via a crafted Chrome Extension. |
7 |
CVE-2018-6164 |
200 |
|
+Info |
2019-01-09 |
2019-01-14 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
Insufficient origin checks for CSS content in Blink in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page. |
8 |
CVE-2018-6147 |
200 |
|
+Info |
2019-01-09 |
2019-01-29 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
Lack of secure text entry mode in Browser UI in Google Chrome on Mac prior to 67.0.3396.62 allowed a local attacker to obtain potentially sensitive information from process memory via a local process. |
9 |
CVE-2018-6137 |
200 |
|
+Info |
2019-01-09 |
2019-01-14 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
CSS Paint API in Blink in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to leak cross-origin data via a crafted HTML page. |
10 |
CVE-2018-6117 |
200 |
|
+Info |
2019-01-09 |
2019-01-15 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
Confusing settings in Autofill in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. |
11 |
CVE-2018-6109 |
200 |
|
+Info |
2019-01-09 |
2019-01-30 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
readAsText() can indefinitely read the file picked by the user, rather than only once at the time the file is picked in File API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to access data on the user file system without explicit consent via a crafted HTML page. |
12 |
CVE-2018-6093 |
200 |
|
+Info |
2019-01-09 |
2019-01-29 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
Insufficient origin checks in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin data via a crafted HTML page. |
Total number of vulnerabilities :
12
Page :
1
(This Page)