Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CNA Affected

[
  {
    "product": "Chrome",
    "vendor": "Google",
    "versions": [
      {
        "lessThan": "86.0.4240.183",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

lists.opensuse.org/opensuse-security-announce/2020-11/msg00016.html

lists.opensuse.org/opensuse-security-announce/2020-11/msg00017.html

packetstormsecurity.com/files/159974/Chrome-V8-Turbofan-Type-Confusion.html

chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop.html

crbug.com/1143772

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S4XYJ7B6OXHZNYSA5J3DBUOFEC6WCAGW/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SC3U3H6AISVZB5PLZLLNF4HMQ4UFFL7M/

security.gentoo.org/glsa/202011-12

www.debian.org/security/2021/dsa-4824

veracode 1

nvd 1

cve 1

prion 1

gitlab 4

packetstorm 1

redhatcve 1

osv 3

zdt 1

checkpoint_advisories 1

attackerkb 3

cisa_kev 1

ubuntucve 1

cisa 1

debiancve 1

github 1

malwarebytes 2

threatpost 2

thn 3

ibm 1

ics 1

nessus 11

redhat 1

archlinux 1

openvas 7

suse 4

freebsd 1

kaspersky 2

chrome 1

gentoo 1

googleprojectzero 2

fedora 2

debian 1

qualysblog 1

mscve 1

veracode

Denial Of Service(DoS)

2020-12-21 18:50:30

nvd

CVE-2020-16009

2020-11-03 03:15:15

cve

CVE-2020-16009

2020-11-03 03:15:15

prion

Design/Logic Flaw

2020-11-03 03:15:00

gitlab

Access of Resource Using Incompatible Type ('Type Confusion')

2020-12-02 00:00:00

Access of Resource Using Incompatible Type ('Type Confusion')

2020-12-02 00:00:00

Access of Resource Using Incompatible Type ('Type Confusion')

2020-12-02 00:00:00

packetstorm

Chrome V8 Turbofan Type Confusion

2020-11-09 00:00:00

redhatcve

CVE-2020-16009

2020-11-03 18:07:25

osv

Inappropriate implementation in V8

2020-12-02 18:28:47

CVE-2020-16009

2020-11-03 03:15:15

chromium - security update

2021-01-01 00:00:00

zdt

Chrome V8 Turbofan Type Confusion Exploit

2020-11-09 00:00:00

checkpoint_advisories

Google Chrome Type Confusion (CVE-2020-16009)

2020-11-25 00:00:00

attackerkb

CVE-2020-16009

2020-11-03 00:00:00

CVE-2020-15999 Chrome Freetype 0day

2020-11-03 00:00:00

CVE-2020-17087 Windows Kernel local privilege escalation 0day

2020-11-11 00:00:00

cisa_kev

Google Chromium V8 Type Confusion Vulnerability

2021-11-03 00:00:00

ubuntucve

CVE-2020-16009

2020-11-03 00:00:00

cisa

Google Releases Security Updates for Chrome, CVE-2020-16009

2020-11-03 00:00:00

debiancve

CVE-2020-16009

2020-11-03 03:15:15

github

Inappropriate implementation in V8

2020-12-02 18:28:47

malwarebytes

Update your Chrome again as Google patches second zero-day in two weeks

2020-11-03 18:30:00

Hat trick for Google as it patches two more zero-days in Chrome

2020-11-12 21:16:34

threatpost

2 More Google Chrome Zero-Days Under Active Exploitation

2020-11-12 14:10:57

Two Chrome Browser Updates Plug Holes Actively Targeted by Exploits

2020-11-03 17:23:23

thn

Two New Chrome 0-Days Under Active Attacks – Update Your Browser

2020-11-12 03:36:00

New Chrome Zero-Day Under Active Attacks – Update Your Browser

2020-11-03 09:33:00

Update Your iOS Devices Now — 3 Actively Exploited 0-Days Discovered

2020-11-06 07:48:00

ibm

Security Bulletin: IBM Analyst's Notebook Premium uses a component with known vulnerabilities (CVE-2020-16013, CVE-2020-16009, CVE-2020-15999)

2021-07-23 15:10:10

ics

Rockwell Automation Connected Components Workbench

2023-09-21 12:00:00

nessus

RHEL 6 : chromium-browser (RHSA-2020:4974)

2020-11-09 00:00:00

Google Chrome < 86.0.4240.183 Multiple Vulnerabilities

2020-11-02 00:00:00

openSUSE Security Update : chromium (openSUSE-2020-1831)

2020-11-06 00:00:00

redhat

(RHSA-2020:4974) Important: chromium-browser security update

2020-11-09 09:09:10

archlinux

[ASA-202011-2] chromium: multiple issues

2020-11-03 00:00:00

openvas

openSUSE: Security Advisory for chromium (openSUSE-SU-2020:1831-1)

2020-11-06 00:00:00

Google Chrome Security Update (stable-channel-update-for-desktop-2020-11) - Linux

2020-11-05 00:00:00

Google Chrome Security Update (stable-channel-update-for-desktop-2020-11) - Windows

2020-11-05 00:00:00

suse

Security update for chromium (important)

2020-11-05 00:00:00

Security update for chromium (important)

2020-11-16 00:00:00

Security update for opera (important)

2020-11-17 00:00:00

freebsd

chromium -- multiple vulnerabilities

2020-11-02 00:00:00

kaspersky

KLA12014 Multiple vulnerabilities in Opera

2020-11-10 00:00:00

KLA11990 Multiple vulnerabilities in Google Chrome

2020-11-02 00:00:00

chrome

Stable Channel Update for Desktop

2020-11-02 00:00:00

gentoo

Chromium, Google Chrome: Multiple vulnerabilities

2020-11-11 00:00:00

googleprojectzero

In-the-Wild Series: October 2020 0-day discovery

2021-03-18 00:00:00

The More You Know, The More You Know You Don’t Know

2022-04-19 00:00:00

fedora

[SECURITY] Fedora 32 Update: chromium-87.0.4280.66-1.fc32

2020-11-24 01:23:14

[SECURITY] Fedora 33 Update: chromium-86.0.4240.183-1.fc33

2020-11-14 01:13:13

debian

[SECURITY] [DSA 4824-1] chromium security update

2021-01-01 18:49:56

qualysblog

Managing CISA Known Exploited Vulnerabilities with Qualys VMDR

2022-02-23 05:39:00

mscve

Chromium Security Updates for Microsoft Edge (Chromium-Based)

2020-01-28 08:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

9 High

AI Score

Confidence

High

0.805 High

EPSS

Percentile

98.3%

JSON

Related for CVELIST:CVE-2020-16009