VYPR

Chrome

by Google

Source repositories

CVEs (5,374)

  • CVE-2021-21183MedMar 9, 2021
    risk 0.28cvss 4.3epss 0.01

    Inappropriate implementation in performance APIs in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

  • CVE-2021-21147MedFeb 9, 2021
    risk 0.28cvss 4.3epss 0.01

    Inappropriate implementation in Skia in Google Chrome prior to 88.0.4324.146 allowed a local attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

  • CVE-2020-16034MedJan 8, 2021
    risk 0.28cvss 4.3epss 0.00

    Inappropriate implementation in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a local attacker to bypass policy restrictions via a crafted HTML page.

  • CVE-2020-16033MedJan 8, 2021
    risk 0.28cvss 4.3epss 0.01

    Inappropriate implementation in WebUSB in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof security UI via a crafted HTML page.

  • CVE-2020-16032MedJan 8, 2021
    risk 0.28cvss 4.3epss 0.01

    Insufficient data validation in sharing in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

  • CVE-2020-16031MedJan 8, 2021
    risk 0.28cvss 4.3epss 0.01

    Insufficient data validation in UI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

  • CVE-2020-16012MedJan 8, 2021
    risk 0.28cvss 4.3epss 0.02

    Side-channel information leakage in graphics in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

  • CVE-2020-6571MedSep 21, 2020
    risk 0.28cvss 4.3epss 0.01

    Insufficient data validation in Omnibox in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.

  • CVE-2020-6570MedSep 21, 2020
    risk 0.28cvss 4.3epss 0.01

    Information leakage in WebRTC in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to obtain potentially sensitive information via a crafted WebRTC interaction.

  • CVE-2020-15966MedSep 21, 2020
    risk 0.28cvss 4.3epss 0.01

    Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension.

  • CVE-2020-15959MedSep 21, 2020
    risk 0.28cvss 4.3epss 0.01

    Insufficient policy enforcement in networking in Google Chrome prior to 85.0.4183.102 allowed an attacker who convinced the user to enable logging to obtain potentially sensitive information from process memory via social engineering.

  • CVE-2020-6536MedJul 22, 2020
    risk 0.28cvss 4.3epss 0.01

    Incorrect security UI in PWAs in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had persuaded the user to install a PWA to spoof the contents of the Omnibox (URL bar) via a crafted PWA.

  • CVE-2020-6531MedJul 22, 2020
    risk 0.28cvss 4.3epss 0.02

    Side-channel information leakage in scroll to text in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

  • CVE-2020-6529MedJul 22, 2020
    risk 0.28cvss 4.3epss 0.01

    Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to leak cross-origin data via a crafted HTML page.

  • CVE-2020-6528MedJul 22, 2020
    risk 0.28cvss 4.3epss 0.02

    Incorrect security UI in basic auth in Google Chrome on iOS prior to 84.0.4147.89 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

  • CVE-2020-6527MedJul 22, 2020
    risk 0.28cvss 4.3epss 0.02

    Insufficient policy enforcement in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML page.

  • CVE-2020-6516MedJul 22, 2020
    risk 0.28cvss 4.3epss 0.05

    Policy bypass in CORS in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

  • CVE-2020-6504MedJun 3, 2020
    risk 0.28cvss 4.3epss 0.01

    Insufficient policy enforcement in notifications in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass notification restrictions via a crafted HTML page.

  • CVE-2020-6490MedMay 21, 2020
    risk 0.28cvss 4.3epss 0.01

    Insufficient data validation in loader in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had been able to write to disk to leak cross-origin data via a crafted HTML page.

  • CVE-2020-6489MedMay 21, 2020
    risk 0.28cvss 4.3epss 0.02

    Inappropriate implementation in developer tools in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had convinced the user to take certain actions in developer tools to obtain potentially sensitive information from disk via a crafted HTML page.

Page 168 of 269