Vulnerabilities
Vulnerable Software
Microsoft:  >> Windows  Security Vulnerabilities
An improper certificate validation vulnerability in Ivanti Secure Access Client before 22.8R6 allows a remote unauthenticated attacker to execute arbitrary code.
CVSS Score
8.8
EPSS Score
0.006
Published
2026-05-22
Unprotected transport of credentials vulnerability in syslink software AG Avantra on Linux, Windows allows Sniffing Attacks. This issue affects Avantra: before 25.3.0.
CVSS Score
5.9
EPSS Score
0.002
Published
2026-05-22
Insufficient session expiration vulnerability in syslink software AG Avantra on Linux, Windows allows Reusing Session IDs (aka Session Replay). This issue affects Avantra: before 25.3.1.
CVSS Score
9.6
EPSS Score
0.002
Published
2026-05-22
Insertion of sensitive information into log file vulnerability in syslink software AG Avantra on Linux, Windows allows Resource Leak Exposure. This issue affects Avantra: before 25.3.0.
CVSS Score
7.5
EPSS Score
0.002
Published
2026-05-22
Use of default password vulnerability in syslink software AG Avantra on Linux, Windows allows Try Common or Default Usernames and Passwords. This issue affects Avantra: before 25.3.0.
CVSS Score
5.1
EPSS Score
0.001
Published
2026-05-22
Insufficient validation of untrusted input in Input in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVSS Score
5.3
EPSS Score
0.003
Published
2026-05-20
Use after free in DOM in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVSS Score
8.8
EPSS Score
0.004
Published
2026-05-20
Out of bounds read in GPU in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
CVSS Score
8.8
EPSS Score
0.003
Published
2026-05-20
Use after free in XR in Google Chrome on Windows prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
CVSS Score
8.8
EPSS Score
0.004
Published
2026-05-20
Heap buffer overflow in WebRTC in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVSS Score
8.8
EPSS Score
0.005
Published
2026-05-20


Contact Us

Shodan ® - All rights reserved