Search
575 CVEs · Medium severity
CVEs (575, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 351–375 of 575 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↓ | Description |
|---|---|---|---|---|---|
| CVE-2026-10998 | MEDIUM | Patched | 4.0 | 2026-06-04 | Out of bounds read in Media in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to perform an out of bounds memory read via malicious n… |
| CVE-2026-10997 | MEDIUM | Patched | 6.5 | 2026-06-04 | Insufficient policy enforcement in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass di… |
| CVE-2026-10996 | MEDIUM | Patched | 6.5 | 2026-06-04 | Inappropriate implementation in Workers in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium se… |
| CVE-2026-10994 | MEDIUM | Patched | 6.5 | 2026-06-04 | Uninitialized Use in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted H… |
| CVE-2026-10993 | MEDIUM | Patched | 6.5 | 2026-06-04 | Heap buffer overflow in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted… |
| CVE-2026-10992 | MEDIUM | Patched | 6.5 | 2026-06-04 | Insufficient data validation in Animation in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory … |
| CVE-2026-10985 | MEDIUM | Patched | 6.5 | 2026-06-04 | Out of bounds read in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10984 | MEDIUM | Patched | 5.4 | 2026-06-04 | Inappropriate implementation in Accessibility in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (… |
| CVE-2026-10981 | MEDIUM | Patched | 6.5 | 2026-06-04 | Insufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cros… |
| CVE-2026-10980 | MEDIUM | Patched | 6.5 | 2026-06-04 | Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass … |
| CVE-2026-10979 | MEDIUM | Patched | 6.5 | 2026-06-04 | Out of bounds read in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted … |
| CVE-2026-10977 | MEDIUM | Patched | 6.5 | 2026-06-04 | Uninitialized Use in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted… |
| CVE-2026-10950 | MEDIUM | Patched | 6.5 | 2026-06-04 | Insufficient policy enforcement in Autofill in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chr… |
| CVE-2026-10944 | MEDIUM | Patched | 6.5 | 2026-06-04 | Insufficient policy enforcement in Autofill in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chr… |
| CVE-2026-10938 | MEDIUM | Patched | 6.5 | 2026-06-04 | Inappropriate implementation in Input in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass site isolation vi… |
| CVE-2026-10937 | MEDIUM | Patched | 6.5 | 2026-06-04 | Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium … |
| CVE-2026-10916 | MEDIUM | Patched | 6.1 | 2026-06-04 | Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to inject … |
| CVE-2026-10912 | MEDIUM | Patched | 6.5 | 2026-06-04 | Insufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypas… |
| CVE-2026-10875 | MEDIUM | 6.3 | 2026-06-04 | A security flaw has been discovered in projectworlds Online Art Gallery Shop Project 1.0. The impacted element is an unknown function of the file /admin/adminHome.ph. The m… | |
| CVE-2026-10874 | MEDIUM | 6.3 | 2026-06-04 | A vulnerability was identified in projectworlds Online Art Gallery Shop Project 1.0. The affected element is an unknown function of the file /admin/adminHome.php. The manip… | |
| CVE-2024-27891 | MEDIUM | 5.3 | 2026-06-04 | On affected platforms running Arista EOS with MACsec and egress ACLs configured on the same interfaces, the ACL policies may not be enforced for packets egressing on those … | |
| CVE-2023-5502 | MEDIUM | 5.9 | 2026-06-04 | On affected platforms running Arista EOS with 802.1x authentication configured on the access/trunk ports, and routing enabled on the access VLAN of the ports, a malicious s… | |
| CVE-2026-42547 | MEDIUM | 5.4 | 2026-06-04 | IRIS is a web collaborative platform that helps incident responders share technical details during investigations. In versions prior to 2.4.28, users can create alerts for … | |
| CVE-2026-42543 | MEDIUM | 4.3 | 2026-06-04 | IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 are vulnerable to a cross-site r… | |
| CVE-2026-42540 | MEDIUM | 4.3 | 2026-06-04 | IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 allow a user to alter values in … |