Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In December 2019
CVE-2019-13763
Insufficient policy enforcement in payments in Google Chrome prior to 79.0.3945.79 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.
CVSS Score
4.3
EPSS Score
0.02
Published
2019-12-10
CVE-2019-13764
Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVSS Score
8.8
EPSS Score
0.407
Published
2019-12-10
CVE-2019-1332
A cross-site scripting (XSS) vulnerability exists when Microsoft SQL Server Reporting Services (SSRS) does not properly sanitize a specially-crafted web request to an affected SSRS server, aka 'Microsoft SQL Server Reporting Services XSS Vulnerability'.
CVSS Score
6.1
EPSS Score
0.021
Published
2019-12-10
CVE-2019-1400
An information disclosure vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory, aka 'Microsoft Access Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1463.
CVSS Score
5.5
EPSS Score
0.017
Published
2019-12-10
CVE-2019-13745
Insufficient policy enforcement in audio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVSS Score
6.5
EPSS Score
0.024
Published
2019-12-10
CVE-2019-13746
Insufficient policy enforcement in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVSS Score
6.5
EPSS Score
0.019
Published
2019-12-10
CVE-2019-13747
Uninitialized data in rendering in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVSS Score
8.8
EPSS Score
0.024
Published
2019-12-10
CVE-2019-13748
Insufficient policy enforcement in developer tools in Google Chrome prior to 79.0.3945.79 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
CVSS Score
6.5
EPSS Score
0.008
Published
2019-12-10
CVE-2019-13749
Incorrect security UI in Omnibox in Google Chrome on iOS prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVSS Score
6.5
EPSS Score
0.019
Published
2019-12-10
CVE-2019-13750
Insufficient data validation in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass defense-in-depth measures via a crafted HTML page.
CVSS Score
6.5
EPSS Score
0.001
Published
2019-12-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved