Search
153,552 CVEs · Medium severity
CVEs (153,552, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 351–375 of 153,552 (capped at 500)
| CVE ID | Severity ↑ | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2026-10998 | MEDIUM | Patched | 4.0 | 2026-06-04 | Out of bounds read in Media in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to perform an out of bounds memory read via malicious n… |
| CVE-2026-10999 | MEDIUM | Patched | 6.5 | 2026-06-04 | Integer overflow in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensit… |
| CVE-2026-11001 | MEDIUM | Patched | 6.5 | 2026-06-04 | Inappropriate implementation in Payments in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform… |
| CVE-2026-10992 | MEDIUM | Patched | 6.5 | 2026-06-04 | Insufficient data validation in Animation in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory … |
| CVE-2026-10993 | MEDIUM | Patched | 6.5 | 2026-06-04 | Heap buffer overflow in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted… |
| CVE-2026-10994 | MEDIUM | Patched | 6.5 | 2026-06-04 | Uninitialized Use in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted H… |
| CVE-2026-10979 | MEDIUM | Patched | 6.5 | 2026-06-04 | Out of bounds read in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted … |
| CVE-2026-10980 | MEDIUM | Patched | 6.5 | 2026-06-04 | Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass … |
| CVE-2026-10981 | MEDIUM | Patched | 6.5 | 2026-06-04 | Insufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cros… |
| CVE-2026-10984 | MEDIUM | Patched | 5.4 | 2026-06-04 | Inappropriate implementation in Accessibility in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (… |
| CVE-2026-10985 | MEDIUM | Patched | 6.5 | 2026-06-04 | Out of bounds read in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10977 | MEDIUM | Patched | 6.5 | 2026-06-04 | Uninitialized Use in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted… |
| CVE-2026-10944 | MEDIUM | Patched | 6.5 | 2026-06-04 | Insufficient policy enforcement in Autofill in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chr… |
| CVE-2026-10950 | MEDIUM | Patched | 6.5 | 2026-06-04 | Insufficient policy enforcement in Autofill in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chr… |
| CVE-2026-10937 | MEDIUM | Patched | 6.5 | 2026-06-04 | Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium … |
| CVE-2026-10938 | MEDIUM | Patched | 6.5 | 2026-06-04 | Inappropriate implementation in Input in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass site isolation vi… |
| CVE-2026-10912 | MEDIUM | Patched | 6.5 | 2026-06-04 | Insufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypas… |
| CVE-2026-10916 | MEDIUM | Patched | 6.1 | 2026-06-04 | Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to inject … |
| CVE-2026-10874 | MEDIUM | 6.3 | 2026-06-04 | A vulnerability was identified in projectworlds Online Art Gallery Shop Project 1.0. The affected element is an unknown function of the file /admin/adminHome.php. The manip… | |
| CVE-2026-10875 | MEDIUM | 6.3 | 2026-06-04 | A security flaw has been discovered in projectworlds Online Art Gallery Shop Project 1.0. The impacted element is an unknown function of the file /admin/adminHome.ph. The m… | |
| CVE-2023-5502 | MEDIUM | 5.9 | 2026-06-04 | On affected platforms running Arista EOS with 802.1x authentication configured on the access/trunk ports, and routing enabled on the access VLAN of the ports, a malicious s… | |
| CVE-2024-27891 | MEDIUM | 5.3 | 2026-06-04 | On affected platforms running Arista EOS with MACsec and egress ACLs configured on the same interfaces, the ACL policies may not be enforced for packets egressing on those … | |
| CVE-2026-42539 | MEDIUM | 6.5 | 2026-06-04 | IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 return sensitive data to the use… | |
| CVE-2026-42540 | MEDIUM | 4.3 | 2026-06-04 | IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 allow a user to alter values in … | |
| CVE-2026-42543 | MEDIUM | 4.3 | 2026-06-04 | IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 are vulnerable to a cross-site r… |