VYPR

Vendor CVEs

Google

All CVEs

11,418 total · sorted by risk
  • CVE-2020-6414HigFeb 11, 2020
    risk 0.57cvss 8.8epss 0.02

    Insufficient policy enforcement in Safe Browsing in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

  • CVE-2020-6413HigFeb 11, 2020
    risk 0.57cvss 8.8epss 0.02

    Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass HTML validators via a crafted HTML page.

  • CVE-2020-6410HigFeb 11, 2020
    risk 0.57cvss 8.8epss 0.02

    Insufficient policy enforcement in navigation in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to confuse the user via a crafted domain name.

  • CVE-2020-6409HigFeb 11, 2020
    risk 0.57cvss 8.8epss 0.02

    Inappropriate implementation in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker who convinced the user to enter a URI to bypass navigation restrictions via a crafted domain name.

  • CVE-2020-6406HigFeb 11, 2020
    risk 0.57cvss 8.8epss 0.02

    Use after free in audio in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6404HigFeb 11, 2020
    risk 0.57cvss 8.8epss 0.02

    Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6402HigFeb 11, 2020
    risk 0.57cvss 8.8epss 0.03

    Insufficient policy enforcement in downloads in Google Chrome on OS X prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension.

  • CVE-2020-6398HigFeb 11, 2020
    risk 0.57cvss 8.8epss 0.02

    Use of uninitialized data in PDFium in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

  • CVE-2020-6390HigFeb 11, 2020
    risk 0.57cvss 8.8epss 0.03

    Out of bounds memory access in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6389HigFeb 11, 2020
    risk 0.57cvss 8.8epss 0.02

    Out of bounds write in WebRTC in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted video stream.

  • CVE-2020-6388HigFeb 11, 2020
    risk 0.57cvss 8.8epss 0.02

    Out of bounds access in WebAudio in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6387HigFeb 11, 2020
    risk 0.57cvss 8.8epss 0.02

    Out of bounds write in WebRTC in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted video stream.

  • CVE-2020-6385HigFeb 11, 2020
    risk 0.57cvss 8.8epss 0.02

    Insufficient policy enforcement in storage in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass site isolation via a crafted HTML page.

  • CVE-2020-6382HigFeb 11, 2020
    risk 0.57cvss 8.8epss 0.02

    Type confusion in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6381HigFeb 11, 2020
    risk 0.57cvss 8.8epss 0.02

    Integer overflow in JavaScript in Google Chrome on ChromeOS and Android prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6380HigFeb 11, 2020
    risk 0.57cvss 8.8epss 0.01

    Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.130 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted Chrome Extension.

  • CVE-2020-6379HigFeb 11, 2020
    risk 0.57cvss 8.8epss 0.01

    Use after free in V8 in Google Chrome prior to 79.0.3945.130 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6378HigFeb 11, 2020
    risk 0.57cvss 8.8epss 0.01

    Use after free in speech in Google Chrome prior to 79.0.3945.130 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2014-7224HigFeb 7, 2020
    risk 0.57cvss 8.8epss 0.02

    A Code Execution vulnerability exists in Android prior to 4.4.0 related to the addJavascriptInterface method and the accessibility and accessibilityTraversal objects, which could let a remote malicious user execute arbitrary code.

  • CVE-2020-6377HigJan 10, 2020
    risk 0.57cvss 8.8epss 0.01

    Use after free in audio in Google Chrome prior to 79.0.3945.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-0002HigJan 8, 2020
    risk 0.57cvss 8.8epss 0.01

    In ih264d_init_decoder of ih264d_api.c, there is a possible out of bounds write due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation Product: Android Versions: Android-8.0,…

  • CVE-2019-13747HigDec 10, 2019
    risk 0.57cvss 8.8epss 0.01

    Uninitialized data in rendering in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-13741HigDec 10, 2019
    risk 0.57cvss 8.8epss 0.01

    Insufficient validation of untrusted input in Blink in Google Chrome prior to 79.0.3945.79 allowed a local attacker to bypass same origin policy via crafted clipboard content.

  • CVE-2019-13736HigDec 10, 2019
    risk 0.57cvss 8.8epss 0.02

    Integer overflow in PDFium in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

  • CVE-2019-13735HigDec 10, 2019
    risk 0.57cvss 8.8epss 0.02

    Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

  • CVE-2019-13732HigDec 10, 2019
    risk 0.57cvss 8.8epss 0.01

    Use-after-free in WebAudio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-13730HigDec 10, 2019
    risk 0.57cvss 8.8epss 0.02

    Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-13729HigDec 10, 2019
    risk 0.57cvss 8.8epss 0.01

    Use-after-free in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-13728HigDec 10, 2019
    risk 0.57cvss 8.8epss 0.02

    Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-13727HigDec 10, 2019
    risk 0.57cvss 8.8epss 0.01

    Insufficient policy enforcement in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass same origin policy via a crafted HTML page.

  • CVE-2019-13726HigDec 10, 2019
    risk 0.57cvss 8.8epss 0.02

    Buffer overflow in password manager in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page.

  • CVE-2019-13725HigDec 10, 2019
    risk 0.57cvss 8.8epss 0.02

    Use-after-free in Bluetooth in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page.

  • CVE-2019-5843HigDec 10, 2019
    risk 0.57cvss 8.8epss 0.01

    Out of bounds memory access in JavaScript in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-5841HigDec 10, 2019
    risk 0.57cvss 8.8epss 0.01

    Out of bounds memory access in JavaScript in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-2225HigDec 6, 2019
    risk 0.57cvss 8.8epss 0.00

    When pairing with a Bluetooth device, it may be possible to pair a malicious device without any confirmation from the user, and that device may be able to interact with the phone. This could lead to remote escalation of privilege with no additional execution privileges needed.…

  • CVE-2019-5878HigNov 25, 2019
    risk 0.57cvss 8.8epss 0.01

    Use after free in V8 in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-5877HigNov 25, 2019
    risk 0.57cvss 8.8epss 0.01

    Out of bounds memory access in JavaScript in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-5876HigNov 25, 2019
    risk 0.57cvss 8.8epss 0.01

    Use after free in media in Google Chrome on Android prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-5874HigNov 25, 2019
    risk 0.57cvss 8.8epss 0.01

    Insufficient filtering in URI schemes in Google Chrome on Windows prior to 77.0.3865.75 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

  • CVE-2019-5871HigNov 25, 2019
    risk 0.57cvss 8.8epss 0.01

    Heap buffer overflow in Skia in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-5859HigNov 25, 2019
    risk 0.57cvss 8.8epss 0.01

    Insufficient filtering in URI schemes in Google Chrome on Windows prior to 76.0.3809.87 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

  • CVE-2019-5858HigNov 25, 2019
    risk 0.57cvss 8.8epss 0.01

    Incorrect security UI in MacOS services integration in Google Chrome on OS X prior to 76.0.3809.87 allowed a local attacker to execute arbitrary code via a crafted HTML page.

  • CVE-2019-5856HigNov 25, 2019
    risk 0.57cvss 8.8epss 0.01

    Insufficient policy enforcement in storage in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.

  • CVE-2019-5854HigNov 25, 2019
    risk 0.57cvss 8.8epss 0.01

    Integer overflow in PDFium in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

  • CVE-2019-5853HigNov 25, 2019
    risk 0.57cvss 8.8epss 0.01

    Inappropriate implementation in JavaScript in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-5851HigNov 25, 2019
    risk 0.57cvss 8.8epss 0.01

    Use after free in WebAudio in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-13724HigNov 25, 2019
    risk 0.57cvss 8.8epss 0.01

    Out of bounds memory access in WebBluetooth in Google Chrome prior to 78.0.3904.108 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-13723HigNov 25, 2019
    risk 0.57cvss 8.8epss 0.01

    Use after free in WebBluetooth in Google Chrome prior to 78.0.3904.108 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-13721HigNov 25, 2019
    risk 0.57cvss 8.8epss 0.01

    Use after free in PDFium in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2019-13700HigNov 25, 2019
    risk 0.57cvss 8.8epss 0.01

    Out of bounds memory access in the gamepad API in Google Chrome prior to 78.0.3904.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

Page 37 of 229