Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (4046 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2019-14818 3 Dpdk, Fedoraproject, Redhat 7 Data Plane Development Kit, Fedora, Enterprise Linux and 4 more 2024-11-21 7.5 High
A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.1 where a malicious master, or a container with access to vhost_user socket, can send specially crafted VRING_SET_NUM messages, resulting in a memory leak including file descriptors. This flaw could lead to a denial of service condition.
CVE-2019-14816 7 Canonical, Debian, Fedoraproject and 4 more 60 Ubuntu Linux, Debian Linux, Fedora and 57 more 2024-11-21 7.8 High
There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.
CVE-2019-14815 3 Linux, Netapp, Redhat 19 Linux Kernel, Altavault, Baseboard Management Controller and 16 more 2024-11-21 7.8 High
A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver.
CVE-2019-14378 2 Libslirp Project, Redhat 7 Libslirp, Advanced Virtualization, Enterprise Linux and 4 more 2024-11-21 N/A
ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment.
CVE-2019-14283 2 Linux, Redhat 4 Linux Kernel, Enterprise Linux, Rhel Eus and 1 more 2024-11-21 N/A
In the Linux kernel before 5.2.3, set_geometry in drivers/block/floppy.c does not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It can be triggered by an unprivileged local user when a floppy disk has been inserted. NOTE: QEMU creates the floppy device by default.
CVE-2019-13767 5 Debian, Fedoraproject, Google and 2 more 5 Debian Linux, Fedora, Chrome and 2 more 2024-11-21 8.8 High
Use after free in media picker in Google Chrome prior to 79.0.3945.88 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-13764 6 Debian, Fedoraproject, Google and 3 more 10 Debian Linux, Fedora, Chrome and 7 more 2024-11-21 8.8 High
Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-13763 4 Debian, Fedoraproject, Google and 1 more 8 Debian Linux, Fedora, Chrome and 5 more 2024-11-21 4.3 Medium
Insufficient policy enforcement in payments in Google Chrome prior to 79.0.3945.79 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.
CVE-2019-13762 5 Debian, Fedoraproject, Google and 2 more 9 Debian Linux, Fedora, Chrome and 6 more 2024-11-21 3.3 Low
Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 79.0.3945.79 allowed a local attacker to spoof downloaded files via local code.
CVE-2019-13761 4 Debian, Fedoraproject, Google and 1 more 8 Debian Linux, Fedora, Chrome and 5 more 2024-11-21 4.3 Medium
Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
CVE-2019-13759 4 Debian, Fedoraproject, Google and 1 more 8 Debian Linux, Fedora, Chrome and 5 more 2024-11-21 4.3 Medium
Incorrect security UI in interstitials in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
CVE-2019-13758 4 Debian, Fedoraproject, Google and 1 more 9 Debian Linux, Fedora, Android and 6 more 2024-11-21 4.3 Medium
Insufficient policy enforcement in navigation in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
CVE-2019-13757 4 Debian, Fedoraproject, Google and 1 more 8 Debian Linux, Fedora, Chrome and 5 more 2024-11-21 4.3 Medium
Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
CVE-2019-13756 4 Debian, Fedoraproject, Google and 1 more 8 Debian Linux, Fedora, Chrome and 5 more 2024-11-21 4.3 Medium
Incorrect security UI in printing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
CVE-2019-13755 4 Debian, Fedoraproject, Google and 1 more 8 Debian Linux, Fedora, Chrome and 5 more 2024-11-21 4.3 Medium
Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to disable extensions via a crafted HTML page.
CVE-2019-13754 4 Debian, Fedoraproject, Google and 1 more 8 Debian Linux, Fedora, Chrome and 5 more 2024-11-21 4.3 Medium
Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
CVE-2019-13753 5 Canonical, Debian, Fedoraproject and 2 more 10 Ubuntu Linux, Debian Linux, Fedora and 7 more 2024-11-21 6.5 Medium
Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
CVE-2019-13752 5 Canonical, Debian, Fedoraproject and 2 more 10 Ubuntu Linux, Debian Linux, Fedora and 7 more 2024-11-21 6.5 Medium
Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
CVE-2019-13751 5 Canonical, Debian, Fedoraproject and 2 more 10 Ubuntu Linux, Debian Linux, Fedora and 7 more 2024-11-21 6.5 Medium
Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
CVE-2019-13750 5 Canonical, Debian, Fedoraproject and 2 more 10 Ubuntu Linux, Debian Linux, Fedora and 7 more 2024-11-21 6.5 Medium
Insufficient data validation in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass defense-in-depth measures via a crafted HTML page.