• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2023-0702
Google
Admob, Android, Android_api, Android_browser, Android_debug_bridge, Android_one, Android_sdk, Android_sdk_platform_tools, Android_sdk_tools, Android_tv
2023-02-16
N/A
8.8 HIGH
Type confusion in Data Transfer in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-0701
Google
Admob, Android, Android_api, Android_browser, Android_debug_bridge, Android_one, Android_sdk, Android_sdk_platform_tools, Android_sdk_tools, Android_tv
2023-02-16
N/A
8.8 HIGH
Heap buffer overflow in WebUI in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via UI interaction . (Chromium security severity: Medium)
CVE-2023-0700
Google
Admob, Android, Android_api, Android_browser, Android_debug_bridge, Android_one, Android_sdk, Android_sdk_platform_tools, Android_sdk_tools, Android_tv
2023-02-16
N/A
6.5 MEDIUM
Inappropriate implementation in Download in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-0699
Google
Admob, Android, Android_api, Android_browser, Android_debug_bridge, Android_one, Android_sdk, Android_sdk_platform_tools, Android_sdk_tools, Android_tv
2023-02-16
N/A
8.8 HIGH
Use after free in GPU in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page and browser shutdown. (Chromium security severity: Medium)
CVE-2023-0698
Google
Admob, Android, Android_api, Android_browser, Android_debug_bridge, Android_one, Android_sdk, Android_sdk_platform_tools, Android_sdk_tools, Android_tv
2023-02-15
N/A
8.8 HIGH
Out of bounds read in WebRTC in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)
CVE-2023-0697
Google
Admob, Android, Android_api, Android_browser, Android_debug_bridge, Android_one, Android_sdk, Android_sdk_platform_tools, Android_sdk_tools, Android_tv
2023-02-15
N/A
6.5 MEDIUM
Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 110.0.5481.77 allowed a remote attacker to spoof the contents of the security UI via a crafted HTML page. (Chromium security severity: High)
CVE-2023-0696
Google
Admob, Android, Android_api, Android_browser, Android_debug_bridge, Android_one, Android_sdk, Android_sdk_platform_tools, Android_sdk_tools, Android_tv
2023-02-15
N/A
8.8 HIGH
Type confusion in V8 in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-0690
Hashicorp
Boundary, Consul, Consul_docker_image, Consul_template, Go-getter, Go-slug, Nomad, Packer, Sentinel, Terraform
2023-02-18
N/A
7.1 HIGH
HashiCorp Boundary from 0.10.0 through 0.11.2 contain an issue where when using a PKI-based worker with a Key Management Service (KMS) defined in the configuration file, new credentials created after an automatic rotation may not have been encrypted via the intended KMS. This would result in the credentials being stored in plaintext on the Boundary PKI worker’s disk. This issue is fixed in version 0.12.0.
CVE-2023-0687
Gnu
A2ps, Adns, Anubis, Aspell, Aspell_dictionary, Automake, Bash, Bc, Binutils, Binutils_gold
2023-02-24
N/A
9.8 CRITICAL
** DISPUTED ** A vulnerability was found in GNU C Library 2.38. It has been declared as critical. This vulnerability affects the function __monstartup of the file gmon.c of the component Call Graph Monitor. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. VDB-220246 is the identifier assigned to this vulnerability. NOTE: The real existence of this vulnerability is still doubted at the moment. The inputs that induce this vulnerability are basically addresses of the running application that is built with gmon enabled. It's basically trusted input or input that needs an actual security flaw to be compromised or controlled.
CVE-2023-0686
Online Eyewear Shop Project
Online_eyewear_shop
2023-02-14
N/A
9.8 CRITICAL
A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been classified as critical. This affects the function update_cart of the file /oews/classes/Master.php?f=update_cart of the component HTTP POST Request Handler. The manipulation of the argument cart_id leads to sql injection. It is possible to initiate the attack remotely. The identifier VDB-220245 was assigned to this vulnerability.
« Previous 1 … 11,218 11,219 11,220 11,221 11,222 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE