Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
enterprise developer vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2019-5765
An exposed debugging endpoint in the browser in Google Chrome on Android before 72.0.3626.81 allowed a local malicious user to obtain potentially sensitive information from process memory via a crafted Intent.
Google Chrome
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Debian Debian Linux 9.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
2 Github repositories
1 Article
6.5
CVSSv3
CVE-2019-5766
Incorrect handling of origin taint checking in Canvas in Google Chrome before 72.0.3626.81 allowed a remote malicious user to leak cross-origin data via a crafted HTML page.
Google Chrome
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
6.5
CVSSv3
CVE-2019-5767
Insufficient protection of permission UI in WebAPKs in Google Chrome on Android before 72.0.3626.81 allowed an attacker who convinced the user to install a malicious application to access privacy/security sensitive web APIs via a crafted APK.
Google Chrome
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
6.5
CVSSv3
CVE-2019-5768
DevTools API not correctly gating on extension capability in DevTools in Google Chrome before 72.0.3626.81 allowed an attacker who convinced a user to install a malicious extension to read local files via a crafted Chrome Extension.
Google Chrome
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
8.8
CVSSv3
CVE-2019-5769
Incorrect handling of invalid end character position when front rendering in Blink in Google Chrome before 72.0.3626.81 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Debian Debian Linux 9.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
8.8
CVSSv3
CVE-2019-5770
Insufficient input validation in WebGL in Google Chrome before 72.0.3626.81 allowed a remote malicious user to perform an out of bounds memory read via a crafted HTML page.
Google Chrome
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
8.8
CVSSv3
CVE-2019-5772
Sharing of objects over calls into JavaScript runtime in PDFium in Google Chrome before 72.0.3626.81 allowed a remote malicious user to potentially exploit heap corruption via a crafted PDF file.
Google Chrome
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
6.5
CVSSv3
CVE-2019-5773
Insufficient origin validation in IndexedDB in Google Chrome before 72.0.3626.81 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page.
Google Chrome
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
6.5
CVSSv3
CVE-2019-5777
Incorrect handling of a confusable character in Omnibox in Google Chrome before 72.0.3626.81 allowed a remote malicious user to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
Google Chrome
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Debian Debian Linux 9.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
7.8
CVSSv3
CVE-2019-5780
Insufficient restrictions on what can be done with Apple Events in Google Chrome on macOS before 72.0.3626.81 allowed a local malicious user to execute JavaScript via Apple Events.
Google Chrome
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Debian Debian Linux 9.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »