VYPR

Vendor CVEs

Google

All CVEs

11,367 total · sorted by risk
  • CVE-2020-6525HigJul 22, 2020
    risk 0.57cvss 8.8epss 0.02

    Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6524HigJul 22, 2020
    risk 0.57cvss 8.8epss 0.03

    Heap buffer overflow in WebAudio in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6523HigJul 22, 2020
    risk 0.57cvss 8.8epss 0.03

    Out of bounds write in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6520HigJul 22, 2020
    risk 0.57cvss 8.8epss 0.03

    Buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6518HigJul 22, 2020
    risk 0.57cvss 8.8epss 0.03

    Use after free in developer tools in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had convinced the user to use developer tools to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6517HigJul 22, 2020
    risk 0.57cvss 8.8epss 0.03

    Heap buffer overflow in history in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6515HigJul 22, 2020
    risk 0.57cvss 8.8epss 0.03

    Use after free in tab strip in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6513HigJul 22, 2020
    risk 0.57cvss 8.8epss 0.03

    Heap buffer overflow in PDFium in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

  • CVE-2020-6512HigJul 22, 2020
    risk 0.57cvss 8.8epss 0.03

    Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-0194HigJun 11, 2020
    risk 0.57cvss 8.8epss 0.01

    In ihevcd_parse_slice_header of ihevcd_parse_slice_header.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product:…

  • CVE-2020-0190HigJun 11, 2020
    risk 0.57cvss 8.8epss 0.01

    In ideint_weave_blk of ideint_utils.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:…

  • CVE-2020-0168HigJun 11, 2020
    risk 0.57cvss 8.8epss 0.01

    In impeg2_fmt_conv_yuv420p_to_yuv420sp_uv of impeg2_format_conv.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product:…

  • CVE-2020-0160HigJun 11, 2020
    risk 0.57cvss 8.8epss 0.01

    In setSyncSampleParams of SampleTable.cpp, there is possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:…

  • CVE-2020-0131HigJun 11, 2020
    risk 0.57cvss 8.8epss 0.01

    In parseChunk of MPEG4Extractor.cpp, there is a possible out of bounds write due to incompletely initialized data. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:…

  • CVE-2020-6496HigJun 3, 2020
    risk 0.57cvss 8.8epss 0.01

    Use after free in payments in Google Chrome on MacOS prior to 83.0.4103.97 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.

  • CVE-2020-6453HigJun 3, 2020
    risk 0.57cvss 8.8epss 0.01

    Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6419HigJun 3, 2020
    risk 0.57cvss 8.8epss 0.01

    Out of bounds write in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2011-1805HigJun 3, 2020
    risk 0.57cvss 8.8epss 0.01

    Bad cast in CSS in Google Chrome prior to 11.0.0.0 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6474HigMay 21, 2020
    risk 0.57cvss 8.8epss 0.02

    Use after free in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6467HigMay 21, 2020
    risk 0.57cvss 8.8epss 0.02

    Use after free in WebRTC in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6464HigMay 21, 2020
    risk 0.57cvss 8.8epss 0.02

    Type confusion in Blink in Google Chrome prior to 81.0.4044.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6463HigMay 21, 2020
    risk 0.57cvss 8.8epss 0.03

    Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6459HigMay 21, 2020
    risk 0.57cvss 8.8epss 0.01

    Use after free in payments in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6458HigMay 21, 2020
    risk 0.57cvss 8.8epss 0.01

    Out of bounds read and write in PDFium in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

  • CVE-2020-6455HigApr 13, 2020
    risk 0.57cvss 8.8epss 0.02

    Out of bounds read in WebSQL in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6454HigApr 13, 2020
    risk 0.57cvss 8.8epss 0.01

    Use after free in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.

  • CVE-2020-6452HigApr 13, 2020
    risk 0.57cvss 8.8epss 0.02

    Heap buffer overflow in media in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6451HigApr 13, 2020
    risk 0.57cvss 8.8epss 0.01

    Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6450HigApr 13, 2020
    risk 0.57cvss 8.8epss 0.01

    Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6448HigApr 13, 2020
    risk 0.57cvss 8.8epss 0.02

    Use after free in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6447HigApr 13, 2020
    risk 0.57cvss 8.8epss 0.02

    Inappropriate implementation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6443HigApr 13, 2020
    risk 0.57cvss 8.8epss 0.02

    Insufficient data validation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to execute arbitrary code via a crafted HTML page.

  • CVE-2020-6439HigApr 13, 2020
    risk 0.57cvss 8.8epss 0.02

    Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass security UI via a crafted HTML page.

  • CVE-2020-6436HigApr 13, 2020
    risk 0.57cvss 8.8epss 0.02

    Use after free in window management in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6434HigApr 13, 2020
    risk 0.57cvss 8.8epss 0.02

    Use after free in devtools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6430HigApr 13, 2020
    risk 0.57cvss 8.8epss 0.02

    Type Confusion in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6423HigApr 13, 2020
    risk 0.57cvss 8.8epss 0.02

    Use after free in audio in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6449HigMar 23, 2020
    risk 0.57cvss 8.8epss 0.03

    Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6429HigMar 23, 2020
    risk 0.57cvss 8.8epss 0.02

    Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6428HigMar 23, 2020
    risk 0.57cvss 8.8epss 0.02

    Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6427HigMar 23, 2020
    risk 0.57cvss 8.8epss 0.02

    Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6424HigMar 23, 2020
    risk 0.57cvss 8.8epss 0.04

    Use after free in media in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6422HigMar 23, 2020
    risk 0.57cvss 8.8epss 0.02

    Use after free in WebGL in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6420HigMar 23, 2020
    risk 0.57cvss 8.8epss 0.01

    Insufficient policy enforcement in media in Google Chrome prior to 80.0.3987.132 allowed a remote attacker to bypass same origin policy via a crafted HTML page.

  • CVE-2020-0032HigMar 10, 2020
    risk 0.57cvss 8.8epss 0.02

    In ih264d_release_display_bufs of ih264d_utils.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:…

  • CVE-2020-6407HigFeb 27, 2020
    risk 0.57cvss 8.8epss 0.02

    Out of bounds memory access in streams in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6386HigFeb 27, 2020
    risk 0.57cvss 8.8epss 0.02

    Use after free in speech in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6384HigFeb 27, 2020
    risk 0.57cvss 8.8epss 0.02

    Use after free in WebAudio in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6416HigFeb 11, 2020
    risk 0.57cvss 8.8epss 0.02

    Insufficient data validation in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6415HigFeb 11, 2020
    risk 0.57cvss 8.8epss 0.02

    Inappropriate implementation in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Page 36 of 228