Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kang vulnerabilities and exploits
(subscribe to this query)
384
VMScore
CVE-2019-5765
An exposed debugging endpoint in the browser in Google Chrome on Android before 72.0.3626.81 allowed a local malicious user to obtain potentially sensitive information from process memory via a crafted Intent.
Google Chrome
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Debian Debian Linux 9.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
2 Github repositories
1 Article
383
VMScore
CVE-2019-5766
Incorrect handling of origin taint checking in Canvas in Google Chrome before 72.0.3626.81 allowed a remote malicious user to leak cross-origin data via a crafted HTML page.
Google Chrome
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
383
VMScore
CVE-2019-5767
Insufficient protection of permission UI in WebAPKs in Google Chrome on Android before 72.0.3626.81 allowed an attacker who convinced the user to install a malicious application to access privacy/security sensitive web APIs via a crafted APK.
Google Chrome
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
383
VMScore
CVE-2019-5768
DevTools API not correctly gating on extension capability in DevTools in Google Chrome before 72.0.3626.81 allowed an attacker who convinced a user to install a malicious extension to read local files via a crafted Chrome Extension.
Google Chrome
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
605
VMScore
CVE-2019-5769
Incorrect handling of invalid end character position when front rendering in Blink in Google Chrome before 72.0.3626.81 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Debian Debian Linux 9.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
605
VMScore
CVE-2019-5770
Insufficient input validation in WebGL in Google Chrome before 72.0.3626.81 allowed a remote malicious user to perform an out of bounds memory read via a crafted HTML page.
Google Chrome
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
409
VMScore
CVE-2019-5780
Insufficient restrictions on what can be done with Apple Events in Google Chrome on macOS before 72.0.3626.81 allowed a local malicious user to execute JavaScript via Apple Events.
Google Chrome
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Debian Debian Linux 9.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
383
VMScore
CVE-2019-5781
Incorrect handling of a confusable character in Omnibox in Google Chrome before 72.0.3626.81 allowed a remote malicious user to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
Google Chrome
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
605
VMScore
CVE-2019-5782
Incorrect optimization assumptions in V8 in Google Chrome before 72.0.3626.81 allowed a remote malicious user to execute arbitrary code inside a sandbox via a crafted HTML page.
Google Chrome
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
1 Github repository
505
VMScore
CVE-2004-0361
The Javascript engine in Safari 1.2 and previous versions allows remote malicious users to cause a denial of service (segmentation fault) by creating a new Array object with a large size value, then writing into that array.
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3