VYPR

Chrome

by Google

Source repositories

CVEs (5,374)

  • CVE-2020-6475MedMay 21, 2020
    risk 0.42cvss 6.5epss 0.02

    Incorrect implementation in full screen in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted HTML page.

  • CVE-2020-6473MedMay 21, 2020
    risk 0.42cvss 6.5epss 0.02

    Insufficient policy enforcement in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

  • CVE-2020-6472MedMay 21, 2020
    risk 0.42cvss 6.5epss 0.01

    Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory or disk via a crafted Chrome Extension.

  • CVE-2020-6460MedMay 21, 2020
    risk 0.42cvss 6.5epss 0.01

    Insufficient data validation in URL formatting in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to perform domain spoofing via a crafted domain name.

  • CVE-2020-6456MedApr 13, 2020
    risk 0.42cvss 6.5epss 0.01

    Insufficient validation of untrusted input in clipboard in Google Chrome prior to 81.0.4044.92 allowed a local attacker to bypass site isolation via crafted clipboard contents.

  • CVE-2020-6446MedApr 13, 2020
    risk 0.42cvss 6.5epss 0.02

    Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass content security policy via a crafted HTML page.

  • CVE-2020-6445MedApr 13, 2020
    risk 0.42cvss 6.5epss 0.02

    Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass content security policy via a crafted HTML page.

  • CVE-2020-6426MedMar 23, 2020
    risk 0.42cvss 6.5epss 0.03

    Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6408MedFeb 11, 2020
    risk 0.42cvss 6.5epss 0.02

    Insufficient policy enforcement in CORS in Google Chrome prior to 80.0.3987.87 allowed a local attacker to obtain potentially sensitive information via a crafted HTML page.

  • CVE-2020-6405MedFeb 11, 2020
    risk 0.42cvss 6.5epss 0.03

    Out of bounds read in SQLite in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

  • CVE-2020-6401MedFeb 11, 2020
    risk 0.42cvss 6.5epss 0.02

    Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.

  • CVE-2020-6400MedFeb 11, 2020
    risk 0.42cvss 6.5epss 0.02

    Inappropriate implementation in CORS in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

  • CVE-2020-6399MedFeb 11, 2020
    risk 0.42cvss 6.5epss 0.02

    Insufficient policy enforcement in AppCache in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

  • CVE-2020-6397MedFeb 11, 2020
    risk 0.42cvss 6.5epss 0.02

    Inappropriate implementation in sharing in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof security UI via a crafted HTML page.

  • CVE-2020-6395MedFeb 11, 2020
    risk 0.42cvss 6.5epss 0.02

    Out of bounds read in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

  • CVE-2020-6393MedFeb 11, 2020
    risk 0.42cvss 6.5epss 0.02

    Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

  • CVE-2010-3917MedFeb 6, 2020
    risk 0.42cvss 6.5epss 0.01

    Google Chrome before 3.0 does not properly handle XML documents, which allows remote attackers to obtain sensitive information via a crafted web site.

  • CVE-2019-13722MedJan 14, 2020
    risk 0.42cvss 6.5epss 0.01

    Inappropriate implementation in WebRTC in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-5846MedJan 3, 2020
    risk 0.42cvss 6.5epss 0.01

    Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-5845MedJan 3, 2020
    risk 0.42cvss 6.5epss 0.01

    Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Page 133 of 269