VYPR

Vendor CVEs

Google

All CVEs

11,366 total · sorted by risk
  • CVE-2020-16001HigNov 3, 2020
    risk 0.57cvss 8.8epss 0.02

    Use after free in media in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-16000HigNov 3, 2020
    risk 0.57cvss 8.8epss 0.02

    Inappropriate implementation in Blink in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-15998HigNov 3, 2020
    risk 0.57cvss 8.8epss 0.01

    Use after free in USB in Google Chrome prior to 86.0.4240.99 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

  • CVE-2020-15997HigNov 3, 2020
    risk 0.57cvss 8.8epss 0.01

    Use after free in Mojo in Google Chrome prior to 86.0.4240.99 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

  • CVE-2020-15996HigNov 3, 2020
    risk 0.57cvss 8.8epss 0.01

    Use after free in passwords in Google Chrome prior to 86.0.4240.99 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

  • CVE-2020-15995HigNov 3, 2020
    risk 0.57cvss 8.8epss 0.01

    Out of bounds write in V8 in Google Chrome prior to 86.0.4240.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-15992HigNov 3, 2020
    risk 0.57cvss 8.8epss 0.01

    Insufficient policy enforcement in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page.

  • CVE-2020-15991HigNov 3, 2020
    risk 0.57cvss 8.8epss 0.01

    Use after free in password manager in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

  • CVE-2020-15990HigNov 3, 2020
    risk 0.57cvss 8.8epss 0.01

    Use after free in autofill in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

  • CVE-2020-15987HigNov 3, 2020
    risk 0.57cvss 8.8epss 0.01

    Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted WebRTC stream.

  • CVE-2020-15979HigNov 3, 2020
    risk 0.57cvss 8.8epss 0.02

    Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-15978HigNov 3, 2020
    risk 0.57cvss 8.8epss 0.01

    Insufficient data validation in navigation in Google Chrome on Android prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.

  • CVE-2020-15976HigNov 3, 2020
    risk 0.57cvss 8.8epss 0.01

    Use after free in WebXR in Google Chrome on Android prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-15975HigNov 3, 2020
    risk 0.57cvss 8.8epss 0.01

    Integer overflow in SwiftShader in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-15974HigNov 3, 2020
    risk 0.57cvss 8.8epss 0.01

    Integer overflow in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to bypass site isolation via a crafted HTML page.

  • CVE-2020-15972HigNov 3, 2020
    risk 0.57cvss 8.8epss 0.03

    Use after free in audio in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-15971HigNov 3, 2020
    risk 0.57cvss 8.8epss 0.01

    Use after free in printing in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

  • CVE-2020-15970HigNov 3, 2020
    risk 0.57cvss 8.8epss 0.01

    Use after free in NFC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

  • CVE-2020-15969HigNov 3, 2020
    risk 0.57cvss 8.8epss 0.02

    Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-15968HigNov 3, 2020
    risk 0.57cvss 8.8epss 0.02

    Use after free in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-15967HigNov 3, 2020
    risk 0.57cvss 8.8epss 0.01

    Use after free in payments in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.

  • CVE-2020-0416HigOct 14, 2020
    risk 0.57cvss 8.8epss 0.01

    In multiple settings screens, there are possible tapjacking attacks due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation.Product:…

  • CVE-2020-6576HigSep 21, 2020
    risk 0.57cvss 8.8epss 0.02

    Use after free in offscreen canvas in Google Chrome prior to 85.0.4183.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6559HigSep 21, 2020
    risk 0.57cvss 8.8epss 0.02

    Use after free in presentation API in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6556HigSep 21, 2020
    risk 0.57cvss 8.8epss 0.03

    Heap buffer overflow in SwiftShader in Google Chrome prior to 84.0.4147.135 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6553HigSep 21, 2020
    risk 0.57cvss 8.8epss 0.02

    Use after free in offline mode in Google Chrome on iOS prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6552HigSep 21, 2020
    risk 0.57cvss 8.8epss 0.02

    Use after free in Blink in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6548HigSep 21, 2020
    risk 0.57cvss 8.8epss 0.03

    Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.125 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6545HigSep 21, 2020
    risk 0.57cvss 8.8epss 0.01

    Use after free in audio in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6544HigSep 21, 2020
    risk 0.57cvss 8.8epss 0.01

    Use after free in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6543HigSep 21, 2020
    risk 0.57cvss 8.8epss 0.01

    Use after free in task scheduling in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6542HigSep 21, 2020
    risk 0.57cvss 8.8epss 0.02

    Use after free in ANGLE in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6540HigSep 21, 2020
    risk 0.57cvss 8.8epss 0.02

    Buffer overflow in Skia in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6539HigSep 21, 2020
    risk 0.57cvss 8.8epss 0.01

    Use after free in CSS in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6537HigSep 21, 2020
    risk 0.57cvss 8.8epss 0.02

    Type confusion in V8 in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

  • CVE-2020-6532HigSep 21, 2020
    risk 0.57cvss 8.8epss 0.01

    Use after free in SCTP in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-15965HigSep 21, 2020
    risk 0.57cvss 8.8epss 0.03

    Type confusion in V8 in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

  • CVE-2020-15964HigSep 21, 2020
    risk 0.57cvss 8.8epss 0.03

    Insufficient data validation in media in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-15962HigSep 21, 2020
    risk 0.57cvss 8.8epss 0.02

    Insufficient policy validation in serial in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

  • CVE-2020-15960HigSep 21, 2020
    risk 0.57cvss 8.8epss 0.02

    Heap buffer overflow in storage in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

  • CVE-2020-0321HigSep 17, 2020
    risk 0.57cvss 8.8epss 0.01

    In the mp3 extractor, there is a possible out of bounds write due to uninitialized data. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID:…

  • CVE-2020-0303HigSep 17, 2020
    risk 0.57cvss 8.8epss 0.01

    In the Media extractor, there is a possible use after free due to improper locking. This could lead to remote code execution in the media extractor with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:…

  • CVE-2020-0264HigSep 17, 2020
    risk 0.57cvss 8.8epss 0.01

    In libstagefright, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-116718596

  • CVE-2020-0245HigSep 17, 2020
    risk 0.57cvss 8.8epss 0.02

    In DecodeFrameCombinedMode of combined_decode.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product:…

  • CVE-2020-8913HigAug 12, 2020
    risk 0.57cvss 8.8epss 0.03

    A local, arbitrary code execution vulnerability exists in the SplitCompat.install endpoint in Android's Play Core Library versions prior to 1.7.2. A malicious attacker could create an apk which targets a specific application, and if a victim were to install this apk, the…

  • CVE-2020-0240HigAug 11, 2020
    risk 0.57cvss 8.8epss 0.02

    In NewFixedDoubleArray of factory.cc, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:…

  • CVE-2020-6534HigJul 22, 2020
    risk 0.57cvss 8.8epss 0.02

    Heap buffer overflow in WebRTC in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6533HigJul 22, 2020
    risk 0.57cvss 8.8epss 0.02

    Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6530HigJul 22, 2020
    risk 0.57cvss 8.8epss 0.01

    Out of bounds memory access in developer tools in Google Chrome prior to 84.0.4147.89 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.

  • CVE-2020-6525HigJul 22, 2020
    risk 0.57cvss 8.8epss 0.02

    Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Page 35 of 228