CVE-2019-5848

Incorrect font handling in autofill in Google Chrome prior to 75.0.3770.142 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

Apple iTunes for Windows < 12.9.5 Multiple Vulnerabilities (uncredentialed check)

The version of Apple iTunes for Windows installed on the remote Windows host is prior to 12.9.5. It is, therefore, affected by multiple vulnerabilities as referenced in the HT210124 advisory. - An application may be able to gain elevated privileges CVE-2019-8577 - A maliciously crafted SQL query...

Apple iTunes for Windows < 12.9.5 Multiple Vulnerabilities (credentialed check)

The version of Apple iTunes for Windows installed on the remote Windows host is prior to 12.9.5. It is, therefore, affected by multiple vulnerabilities as referenced in the HT210124 advisory. - An application may be able to gain elevated privileges CVE-2019-8577 - A maliciously crafted SQL query...

CVE-2019-5810

Information leak in autofill in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

CVE-2019-5818

Uninitialized data in media in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file...

CVE-2018-6159

Insufficient policy enforcement in ServiceWorker in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

CVE-2018-6171

Use after free in Bluetooth in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension...

CVE-2018-6168

Information leak in media engine in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

CVE-2018-6171

Use after free in Bluetooth in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension...

Design/Logic Flaw

Information leak in media engine in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

CVE-2019-5810

Information leak in autofill in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

CVE-2018-6159

Insufficient policy enforcement in ServiceWorker in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

Design/Logic Flaw

Information leak in autofill in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

CVE-2018-6171

Use after free in Bluetooth in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension...

CVE-2019-5818

Uninitialized data in media in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file...

Design/Logic Flaw

Insufficient policy enforcement in ServiceWorker in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

CVE-2018-6168

Information leak in media engine in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

CVE-2018-6132

Uninitialized data in WebRTC in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file...

CVE-2018-6171

CVE-2018-6171 is a WebBluetooth use-after-free vulnerability in Google Chrome/Chromium before version 68.0.3440.75. The flaw occurs in the WebBluetooth implementation and could allow a remote attacker who convinces a user to install a malicious extension to read potentially sensitive information ...

CVE-2019-5818

Uninitialized data in media in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file...