Vulnerabilities (CVE)

  1. Yack CVE
  2. Vulnerabilities (CVE)
Filtered by vendor Google
Angry Yack Logo
Total 13548 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-13698 1 Google 1 Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Out of bounds memory access in JavaScript in Google Chrome prior to 73.0.3683.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-13697 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Insufficient policy enforcement in performance APIs in Google Chrome prior to 77.0.3865.120 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2019-13696 1 Google 1 Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in JavaScript in Google Chrome prior to 77.0.3865.120 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-13695 1 Google 1 Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in audio in Google Chrome on Android prior to 77.0.3865.120 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-13694 1 Google 1 Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in WebRTC in Google Chrome prior to 77.0.3865.120 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-13693 1 Google 1 Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in IndexedDB in Google Chrome prior to 77.0.3865.120 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.
CVE-2019-13692 1 Google 1 Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Insufficient policy enforcement in reader mode in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass site isolation via a crafted HTML page.
CVE-2019-13691 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
Insufficient validation of untrusted input in navigation in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2019-13688 1 Google 1 Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in Blink in Google Chrome prior to 77.0.3865.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-13687 1 Google 1 Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in Blink in Google Chrome prior to 77.0.3865.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-13686 1 Google 1 Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in offline mode in Google Chrome prior to 77.0.3865.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-13685 1 Google 1 Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in sharing view in Google Chrome prior to 77.0.3865.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-13684 1 Google 1 Chrome 2024-11-21 2.6 LOW 5.3 MEDIUM
Inappropriate implementation in JavaScript in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2019-13683 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Insufficient policy enforcement in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2019-13682 1 Google 1 Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Insufficient policy enforcement in external protocol handling in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
CVE-2019-13681 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
Insufficient data validation in downloads in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass download restrictions via a crafted HTML page.
CVE-2019-13680 1 Google 1 Chrome 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
Inappropriate implementation in TLS in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof client IP address to websites via crafted TLS connections.
CVE-2019-13679 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 3.3 LOW
Insufficient policy enforcement in PDFium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to show print dialogs via a crafted PDF file.
CVE-2019-13678 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Incorrect data validation in downloads in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
CVE-2019-13677 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Insufficient policy enforcement in site isolation in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass site isolation via a crafted HTML page.
CVE-2019-13676 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
Insufficient policy enforcement in Chromium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
CVE-2019-13675 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
Insufficient data validation in extensions in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to disable extensions via a crafted HTML page.
CVE-2019-13674 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
IDN spoofing in Omnibox in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
CVE-2019-13673 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 7.4 HIGH
Insufficient data validation in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2019-13672 2 Apple, Google 2 Iphone Os, Chrome 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Incorrect security UI in Omnibox in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page on iOS.
CVE-2019-13671 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
UI spoofing in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof security UI via a crafted HTML page.
CVE-2019-13670 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Insufficient data validation in JavaScript in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-13669 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
Incorrect data validation in navigation in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2019-13668 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 7.4 HIGH
Insufficient policy enforcement in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2019-13667 2 Apple, Google 2 Iphone Os, Chrome 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
Inappropriate implementation in Omnibox in Google Chrome on iOS prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2019-13666 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 7.4 HIGH
Information leak in storage in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2019-13665 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Insufficient filtering in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass multiple file download protection via a crafted HTML page.
CVE-2019-13664 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Insufficient policy enforcement in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass content security policy via a crafted HTML page.
CVE-2019-13663 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
IDN spoofing in Omnibox in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
CVE-2019-13662 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Insufficient policy enforcement in navigations in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass content security policy via a crafted HTML page.
CVE-2019-13661 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
UI spoofing in Chromium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof notifications via a crafted HTML page.
CVE-2019-13660 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 5.3 MEDIUM
UI spoofing in Chromium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof notifications via a crafted HTML page.
CVE-2019-13659 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
IDN spoofing in Omnibox in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
CVE-2019-13098 2 Google, Tronlink 2 Android, Wallet 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
The user password via the registration form of TronLink Wallet 2.2.0 is stored in the log when the class CreateWalletTwoActivity is called. Other authenticated users can read it in the log later. The logged data can be read using Logcat on the device. When using platforms prior to Android 4.1 (Jelly Bean), the log data is not sandboxed per application; any application installed on the device has the capability to read data logged by other applications.
CVE-2019-12762 6 Fujitsu, Google, Mi and 3 more 16 Arrows Nx F05-f, Arrows Nx F05-f Firmware, Nexus 7 and 13 more 2024-11-21 1.9 LOW 4.2 MEDIUM
Xiaomi Mi 5s Plus devices allow attackers to trigger touchscreen anomalies via a radio signal between 198 kHz and 203 kHz, as demonstrated by a transmitter and antenna hidden just beneath the surface of a coffee-shop table, aka Ghost Touch.