Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Google Subscribe
Filtered by product Chrome

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3051 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-6444 1 Google 1 Chrome 2021-07-21 6.8 MEDIUM 6.3 MEDIUM
Uninitialized use in WebRTC in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6514 6 Apple, Canonical, Debian and 3 more 11 Ipados, Iphone Os, Safari and 8 more 2021-07-21 4.3 MEDIUM 6.5 MEDIUM
Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.
CVE-2020-6473 4 Debian, Fedoraproject, Google and 1 more 5 Debian Linux, Fedora, Chrome and 2 more 2021-07-21 4.3 MEDIUM 6.5 MEDIUM
Insufficient policy enforcement in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
CVE-2020-6550 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2021-07-21 9.3 HIGH 8.8 HIGH
Use after free in IndexedDB in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6436 1 Google 1 Chrome 2021-07-21 6.8 MEDIUM 8.8 HIGH
Use after free in window management in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-15979 4 Debian, Fedoraproject, Google and 1 more 4 Debian Linux, Fedora, Chrome and 1 more 2021-07-21 6.8 MEDIUM 8.8 HIGH
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6438 1 Google 1 Chrome 2021-07-21 4.3 MEDIUM 4.3 MEDIUM
Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension.
CVE-2020-16038 1 Google 2 Chrome, Chrome Os 2021-07-21 9.3 HIGH 8.8 HIGH
Use after free in media in Google Chrome on OS X prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6400 2 Google, Opensuse 2 Chrome, Backports Sle 2021-07-21 4.3 MEDIUM 6.5 MEDIUM
Inappropriate implementation in CORS in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2020-6390 1 Google 1 Chrome 2021-07-21 6.8 MEDIUM 8.8 HIGH
Out of bounds memory access in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6467 4 Debian, Fedoraproject, Google and 1 more 5 Debian Linux, Fedora, Chrome and 2 more 2021-07-21 6.8 MEDIUM 8.8 HIGH
Use after free in WebRTC in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6384 1 Google 1 Chrome 2021-07-21 6.8 MEDIUM 8.8 HIGH
Use after free in WebAudio in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16002 4 Debian, Fedoraproject, Google and 1 more 4 Debian Linux, Fedora, Chrome and 1 more 2021-07-21 6.8 MEDIUM 8.8 HIGH
Use after free in PDFium in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
CVE-2020-6398 2 Google, Opensuse 2 Chrome, Backports Sle 2021-07-21 6.8 MEDIUM 8.8 HIGH
Use of uninitialized data in PDFium in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
CVE-2020-6530 4 Debian, Fedoraproject, Google and 1 more 5 Debian Linux, Fedora, Chrome and 2 more 2021-07-21 6.8 MEDIUM 8.8 HIGH
Out of bounds memory access in developer tools in Google Chrome prior to 84.0.4147.89 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.
CVE-2020-16037 1 Google 1 Chrome 2021-07-21 9.3 HIGH 8.8 HIGH
Use after free in clipboard in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6545 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2021-07-21 6.8 MEDIUM 8.8 HIGH
Use after free in audio in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6542 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2021-07-21 6.8 MEDIUM 8.8 HIGH
Use after free in ANGLE in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6543 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2021-07-21 6.8 MEDIUM 8.8 HIGH
Use after free in task scheduling in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6404 2 Google, Opensuse 2 Chrome, Backports Sle 2021-07-21 4.6 MEDIUM 7.8 HIGH
Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-5777 4 Debian, Fedoraproject, Google and 1 more 6 Debian Linux, Fedora, Chrome and 3 more 2021-07-21 4.3 MEDIUM 6.5 MEDIUM
Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
CVE-2020-6552 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2021-07-21 9.3 HIGH 8.8 HIGH
Use after free in Blink in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6503 1 Google 1 Chrome 2021-07-21 4.3 MEDIUM 6.5 MEDIUM
Inappropriate implementation in accessibility in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
CVE-2020-6576 4 Debian, Fedoraproject, Google and 1 more 5 Debian Linux, Fedora, Chrome and 2 more 2021-07-21 6.8 MEDIUM 8.8 HIGH
Use after free in offscreen canvas in Google Chrome prior to 85.0.4183.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16023 1 Google 1 Chrome 2021-07-21 6.8 MEDIUM 8.8 HIGH
Use after free in WebCodecs in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6397 2 Google, Opensuse 2 Chrome, Backports Sle 2021-07-21 4.3 MEDIUM 6.5 MEDIUM
Inappropriate implementation in sharing in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof security UI via a crafted HTML page.
CVE-2020-16015 1 Google 1 Chrome 2021-07-21 6.8 MEDIUM 8.8 HIGH
Insufficient data validation in WASM in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6551 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2021-07-21 9.3 HIGH 8.8 HIGH
Use after free in WebXR in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21198 2 Fedoraproject, Google 2 Fedora, Chrome 2021-06-07 4.3 MEDIUM 7.4 HIGH
Out of bounds read in IPC in Google Chrome prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2021-21205 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2021-06-03 5.8 MEDIUM 8.1 HIGH
Insufficient policy enforcement in navigation in Google Chrome on iOS prior to 90.0.4430.72 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
CVE-2021-21226 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2021-06-03 6.8 MEDIUM 9.6 CRITICAL
Use after free in navigation in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2021-21208 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2021-06-03 4.3 MEDIUM 6.5 MEDIUM
Insufficient data validation in QR scanner in Google Chrome on iOS prior to 90.0.4430.72 allowed an attacker displaying a QR code to perform domain spoofing via a crafted QR code.
CVE-2021-21207 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2021-06-03 6.8 MEDIUM 8.6 HIGH
Use after free in IndexedDB in Google Chrome prior to 90.0.4430.72 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
CVE-2021-21206 2 Fedoraproject, Google 2 Fedora, Chrome 2021-06-03 6.8 MEDIUM 8.8 HIGH
Use after free in Blink in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21232 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2021-06-02 6.8 MEDIUM 8.8 HIGH
Use after free in Dev Tools in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21233 4 Debian, Fedoraproject, Google and 1 more 4 Debian Linux, Fedora, Chrome and 1 more 2021-06-02 6.8 MEDIUM 8.8 HIGH
Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21201 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2021-06-02 6.8 MEDIUM 9.6 CRITICAL
Use after free in permissions in Google Chrome prior to 90.0.4430.72 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2021-21199 2 Fedoraproject, Google 2 Fedora, Chrome 2021-06-02 6.8 MEDIUM 8.8 HIGH
Use after free in Aura in Google Chrome on Linux prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21204 4 Apple, Debian, Fedoraproject and 1 more 4 Mac Os X, Debian Linux, Fedora and 1 more 2021-06-01 6.8 MEDIUM 8.8 HIGH
Use after free in Blink in Google Chrome on OS X prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21202 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2021-06-01 6.8 MEDIUM 8.6 HIGH
Use after free in extensions in Google Chrome prior to 90.0.4430.72 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
CVE-2021-21203 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2021-06-01 6.8 MEDIUM 8.8 HIGH
Use after free in Blink in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21197 2 Fedoraproject, Google 2 Fedora, Chrome 2021-06-01 6.8 MEDIUM 8.8 HIGH
Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21196 3 Fedoraproject, Google, Microsoft 3 Fedora, Chrome, Windows 2021-06-01 6.8 MEDIUM 8.8 HIGH
Heap buffer overflow in TabStrip in Google Chrome on Windows prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21195 2 Fedoraproject, Google 2 Fedora, Chrome 2021-06-01 6.8 MEDIUM 8.8 HIGH
Use after free in V8 in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21194 2 Fedoraproject, Google 2 Fedora, Chrome 2021-06-01 6.8 MEDIUM 8.8 HIGH
Use after free in screen sharing in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21211 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2021-06-01 4.3 MEDIUM 6.5 MEDIUM
Inappropriate implementation in Navigation in Google Chrome on iOS prior to 90.0.4430.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2021-21212 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2021-06-01 4.3 MEDIUM 6.5 MEDIUM
Incorrect security UI in Network Config UI in Google Chrome on ChromeOS prior to 90.0.4430.72 allowed a remote attacker to potentially compromise WiFi connection security via a malicious WAP.
CVE-2021-21209 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2021-06-01 4.3 MEDIUM 6.5 MEDIUM
Inappropriate implementation in storage in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2021-21213 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2021-06-01 6.8 MEDIUM 8.8 HIGH
Use after free in WebMIDI in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21214 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2021-06-01 6.8 MEDIUM 8.8 HIGH
Use after free in Network API in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension.