Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
flex vulnerabilities and exploits
(subscribe to this query)
7
CVSSv3
CVE-2023-4244
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Due to a race condition between nf_tables netlink control plane transaction and nft_set element garbage collection, it is possible to u...
Linux Linux Kernel
Debian Debian Linux 10.0
8.8
CVSSv3
CVE-2023-2312
Use after free in Offline in Google Chrome on Android before 116.0.5845.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Google Chrome
4.3
CVSSv3
CVE-2023-6511
Inappropriate implementation in Autofill in Google Chrome before 120.0.6099.62 allowed a remote malicious user to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Low)
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Google Chrome
8.8
CVSSv3
CVE-2023-2461
Use after free in OS Inputs in Google Chrome on ChromeOS before 113.0.5672.63 allowed a remote attacker who convinced a user to enage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. (Chromium security severity: Medium)
Google Chrome
Debian Debian Linux 11.0
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Fedoraproject Fedora 38
8.8
CVSSv3
CVE-2023-1227
Use after free in Core in Google Chrome on Lacros before 111.0.5563.64 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. (Chromium security severity: Medium)
Google Chrome
8.8
CVSSv3
CVE-2022-4176
Out of bounds write in Lacros Graphics in Google Chrome on Chrome OS and Lacros before 108.0.5359.71 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via UI interactions. (Chromium security severity: High)
Google Chrome
8.8
CVSSv3
CVE-2023-0137
Heap buffer overflow in Platform Apps in Google Chrome on Chrome OS before 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
Google Chrome
6.3
CVSSv3
CVE-2023-5473
Use after free in Cast in Google Chrome before 118.0.5993.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)
Google Chrome
Debian Debian Linux 11.0
Debian Debian Linux 12.0
6.5
CVSSv3
CVE-2023-5475
Inappropriate implementation in DevTools in Google Chrome before 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control via a crafted Chrome Extension. (Chromium security severity: Medium)
Google Chrome
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Debian Debian Linux 11.0
Debian Debian Linux 12.0
8.8
CVSSv3
CVE-2023-5476
Use after free in Blink History in Google Chrome before 118.0.5993.70 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
Google Chrome
Debian Debian Linux 11.0
Debian Debian Linux 12.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »