VYPR

Vendor CVEs

Google

All CVEs

11,367 total · sorted by risk
  • CVE-2021-21192HigMar 16, 2021
    risk 0.57cvss 8.8epss 0.01

    Heap buffer overflow in tab groups in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-21191HigMar 16, 2021
    risk 0.57cvss 8.8epss 0.01

    Use after free in WebRTC in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-21190HigMar 9, 2021
    risk 0.57cvss 8.8epss 0.01

    Uninitialized data in PDFium in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.

  • CVE-2021-21188HigMar 9, 2021
    risk 0.57cvss 8.8epss 0.02

    Use after free in Blink in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-21180HigMar 9, 2021
    risk 0.57cvss 8.8epss 0.02

    Use after free in tab search in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-21179HigMar 9, 2021
    risk 0.57cvss 8.8epss 0.01

    Use after free in Network Internals in Google Chrome on Linux prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-21174HigMar 9, 2021
    risk 0.57cvss 8.8epss 0.01

    Inappropriate implementation in Referrer in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

  • CVE-2021-21169HigMar 9, 2021
    risk 0.57cvss 8.8epss 0.01

    Out of bounds memory access in V8 in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

  • CVE-2021-21167HigMar 9, 2021
    risk 0.57cvss 8.8epss 0.01

    Use after free in bookmarks in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-21165HigMar 9, 2021
    risk 0.57cvss 8.8epss 0.01

    Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-21162HigMar 9, 2021
    risk 0.57cvss 8.8epss 0.01

    Use after free in WebRTC in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-21161HigMar 9, 2021
    risk 0.57cvss 8.8epss 0.02

    Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-21160HigMar 9, 2021
    risk 0.57cvss 8.8epss 0.02

    Heap buffer overflow in WebAudio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-21159HigMar 9, 2021
    risk 0.57cvss 8.8epss 0.02

    Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-21156HigFeb 22, 2021
    risk 0.57cvss 8.8epss 0.03

    Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted script.

  • CVE-2021-21153HigFeb 22, 2021
    risk 0.57cvss 8.8epss 0.01

    Stack buffer overflow in GPU Process in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

  • CVE-2021-21152HigFeb 22, 2021
    risk 0.57cvss 8.8epss 0.01

    Heap buffer overflow in Media in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-21149HigFeb 22, 2021
    risk 0.57cvss 8.8epss 0.01

    Stack buffer overflow in Data Transfer in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.

  • CVE-2021-0340HigFeb 10, 2021
    risk 0.57cvss 8.8epss 0.02

    In parseNextBox of IsoInterface.java, there is a possible leak of unredacted location information due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for…

  • CVE-2021-0325HigFeb 10, 2021
    risk 0.57cvss 8.8epss 0.02

    In ih264d_parse_pslice of ih264d_parse_pslice.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:…

  • CVE-2021-21145HigFeb 9, 2021
    risk 0.57cvss 8.8epss 0.01

    Use after free in Fonts in Google Chrome prior to 88.0.4324.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-21144HigFeb 9, 2021
    risk 0.57cvss 8.8epss 0.01

    Heap buffer overflow in Tab Groups in Google Chrome prior to 88.0.4324.146 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.

  • CVE-2021-21143HigFeb 9, 2021
    risk 0.57cvss 8.8epss 0.01

    Heap buffer overflow in Extensions in Google Chrome prior to 88.0.4324.146 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.

  • CVE-2020-16044HigFeb 9, 2021
    risk 0.57cvss 8.8epss 0.01

    Use after free in WebRTC in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet.

  • CVE-2021-21116HigJan 8, 2021
    risk 0.57cvss 8.8epss 0.01

    Heap buffer overflow in audio in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-21114HigJan 8, 2021
    risk 0.57cvss 8.8epss 0.01

    Use after free in audio in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-21113HigJan 8, 2021
    risk 0.57cvss 8.8epss 0.01

    Heap buffer overflow in Skia in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-21112HigJan 8, 2021
    risk 0.57cvss 8.8epss 0.01

    Use after free in Blink in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-16043HigJan 8, 2021
    risk 0.57cvss 8.8epss 0.01

    Insufficient data validation in networking in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to bypass discretionary access control via malicious network traffic.

  • CVE-2020-16039HigJan 8, 2021
    risk 0.57cvss 8.8epss 0.01

    Use after free in extensions in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-16038HigJan 8, 2021
    risk 0.57cvss 8.8epss 0.01

    Use after free in media in Google Chrome on OS X prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-16037HigJan 8, 2021
    risk 0.57cvss 8.8epss 0.01

    Use after free in clipboard in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-16035HigJan 8, 2021
    risk 0.57cvss 8.8epss 0.01

    Insufficient data validation in cros-disks in Google Chrome on ChromeOS prior to 87.0.4280.66 allowed a remote attacker who had compromised the browser process to bypass noexec restrictions via a malicious file.

  • CVE-2020-16029HigJan 8, 2021
    risk 0.57cvss 8.8epss 0.01

    Inappropriate implementation in PDFium in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to bypass navigation restrictions via a crafted PDF file.

  • CVE-2020-16028HigJan 8, 2021
    risk 0.57cvss 8.8epss 0.01

    Heap buffer overflow in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-16026HigJan 8, 2021
    risk 0.57cvss 8.8epss 0.01

    Use after free in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-16023HigJan 8, 2021
    risk 0.57cvss 8.8epss 0.01

    Use after free in WebCodecs in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-16022HigJan 8, 2021
    risk 0.57cvss 8.8epss 0.01

    Insufficient policy enforcement in networking in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially bypass firewall controls via a crafted HTML page.

  • CVE-2020-16020HigJan 8, 2021
    risk 0.57cvss 8.8epss 0.01

    Inappropriate implementation in cryptohome in Google Chrome on ChromeOS prior to 87.0.4280.66 allowed a remote attacker who had compromised the browser process to bypass discretionary access control via a malicious file.

  • CVE-2020-16019HigJan 8, 2021
    risk 0.57cvss 8.8epss 0.01

    Inappropriate implementation in filesystem in Google Chrome on ChromeOS prior to 87.0.4280.66 allowed a remote attacker who had compromised the browser process to bypass noexec restrictions via a malicious file.

  • CVE-2020-16015HigJan 8, 2021
    risk 0.57cvss 8.8epss 0.01

    Insufficient data validation in WASM in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-0489HigDec 15, 2020
    risk 0.57cvss 8.8epss 0.01

    In Parse_data of eas_mdls.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in the media extractor with no additional execution privileges needed. User interaction is needed for exploitation.Product:…

  • CVE-2020-0451HigNov 10, 2020
    risk 0.57cvss 8.8epss 0.02

    In sbrDecoder_AssignQmfChannels2SbrChannels of sbrdecoder.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product:…

  • CVE-2020-0449HigNov 10, 2020
    risk 0.57cvss 8.8epss 0.01

    In btm_sec_disconnected of btm_sec.cc, there is a possible memory corruption due to a use after free. This could lead to remote code execution in the Bluetooth server with no additional execution privileges needed. User interaction is needed for exploitation.Product:…

  • CVE-2020-16008HigNov 3, 2020
    risk 0.57cvss 8.8epss 0.01

    Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit stack corruption via a crafted WebRTC packet.

  • CVE-2020-16006HigNov 3, 2020
    risk 0.57cvss 8.8epss 0.02

    Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-16005HigNov 3, 2020
    risk 0.57cvss 8.8epss 0.02

    Insufficient policy enforcement in ANGLE in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-16004HigNov 3, 2020
    risk 0.57cvss 8.8epss 0.01

    Use after free in user interface in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-16003HigNov 3, 2020
    risk 0.57cvss 8.8epss 0.01

    Use after free in printing in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-16002HigNov 3, 2020
    risk 0.57cvss 8.8epss 0.02

    Use after free in PDFium in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

Page 34 of 228