VYPR

Chrome

by Google

Source repositories

CVEs (5,374)

  • CVE-2021-21182MedMar 9, 2021
    risk 0.42cvss 6.5epss 0.02

    Insufficient policy enforcement in navigations in Google Chrome prior to 89.0.4389.72 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.

  • CVE-2021-21181MedMar 9, 2021
    risk 0.42cvss 6.5epss 0.02

    Side-channel information leakage in autofill in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

  • CVE-2021-21178MedMar 9, 2021
    risk 0.42cvss 6.5epss 0.02

    Inappropriate implementation in Compositing in Google Chrome on Linux and Windows prior to 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

  • CVE-2021-21176MedMar 9, 2021
    risk 0.42cvss 6.5epss 0.02

    Inappropriate implementation in full screen mode in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

  • CVE-2021-21175MedMar 9, 2021
    risk 0.42cvss 6.5epss 0.01

    Inappropriate implementation in Site isolation in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

  • CVE-2021-21173MedMar 9, 2021
    risk 0.42cvss 6.5epss 0.02

    Side-channel information leakage in Network Internals in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

  • CVE-2021-21171MedMar 9, 2021
    risk 0.42cvss 6.5epss 0.02

    Incorrect security UI in TabStrip and Navigation in Google Chrome on Android prior to 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

  • CVE-2021-21170MedMar 9, 2021
    risk 0.42cvss 6.5epss 0.02

    Incorrect security UI in Loader in Google Chrome prior to 89.0.4389.72 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

  • CVE-2021-21168MedMar 9, 2021
    risk 0.42cvss 6.5epss 0.02

    Insufficient policy enforcement in appcache in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

  • CVE-2021-21164MedMar 9, 2021
    risk 0.42cvss 6.5epss 0.01

    Insufficient data validation in Chrome on iOS in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

  • CVE-2021-21163MedMar 9, 2021
    risk 0.42cvss 6.5epss 0.01

    Insufficient data validation in Reader Mode in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page and a malicious server.

  • CVE-2021-21133MedFeb 9, 2021
    risk 0.42cvss 6.5epss 0.03

    Insufficient policy enforcement in Downloads in Google Chrome prior to 88.0.4324.96 allowed an attacker who convinced a user to download files to bypass navigation restrictions via a crafted HTML page.

  • CVE-2020-16042MedJan 8, 2021
    risk 0.42cvss 6.5epss 0.01

    Uninitialized Use in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

  • CVE-2020-16036MedJan 8, 2021
    risk 0.42cvss 6.5epss 0.01

    Inappropriate implementation in cookies in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to bypass cookie restrictions via a crafted HTML page.

  • CVE-2020-16027MedJan 8, 2021
    risk 0.42cvss 6.5epss 0.01

    Insufficient policy enforcement in developer tools in Google Chrome prior to 87.0.4280.66 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from the user's disk via a crafted Chrome Extension.

  • CVE-2020-6557MedNov 3, 2020
    risk 0.42cvss 6.5epss 0.01

    Inappropriate implementation in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.

  • CVE-2020-15986MedNov 3, 2020
    risk 0.42cvss 6.5epss 0.01

    Integer overflow in media in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-15985MedNov 3, 2020
    risk 0.42cvss 6.5epss 0.02

    Inappropriate implementation in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to spoof security UI via a crafted HTML page.

  • CVE-2020-15984MedNov 3, 2020
    risk 0.42cvss 6.5epss 0.01

    Insufficient policy enforcement in Omnibox in Google Chrome on iOS prior to 86.0.4240.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted URL.

  • CVE-2020-15982MedNov 3, 2020
    risk 0.42cvss 6.5epss 0.01

    Inappropriate implementation in cache in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

Page 130 of 269