CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

4.3CVSS6.8AI score0.00656EPSS

DEBIAN-CVE-2020-16032

Insufficient data validation in sharing in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

8.8CVSS8.6AI score0.00893EPSS

DEBIAN-CVE-2020-16023

Use after free in WebCodecs in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

NVD•added 2021/01/08 7:15 p.m.•17 views

CVE-2020-16027

Insufficient policy enforcement in developer tools in Google Chrome prior to 87.0.4280.66 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from the user's disk via a crafted Chrome Extension...

6.5CVSS6.8AI score0.00802EPSS

8.8CVSS7.3AI score0.00893EPSS

UBUNTU-CVE-2020-16023

Use after free in WebCodecs in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

UbuntuCve•added 2021/01/08 7:15 p.m.•20 views

CVE-2020-16025

Heap buffer overflow in clipboard in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

9.6CVSS7.4AI score0.02255EPSS

UbuntuCve•added 2021/01/08 7:15 p.m.•20 views

CVE-2020-16019

8.8CVSS7.2AI score0.00858EPSS

8.8CVSS7.3AI score0.00934EPSS

UBUNTU-CVE-2020-16029

Inappropriate implementation in PDFium in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to bypass navigation restrictions via a crafted PDF file...

OSV•added 2021/01/08 7:15 p.m.•0 views

UBUNTU-CVE-2020-16025

9.6CVSS7.6AI score0.02255EPSS

Cvelist•added 2021/01/08 5:53 p.m.•28 views

CVE-2020-16035

Insufficient data validation in cros-disks in Google Chrome on ChromeOS prior to 87.0.4280.66 allowed a remote attacker who had compromised the browser process to bypass noexec restrictions via a malicious file...

8.3AI score0.00996EPSS

Cvelist•added 2021/01/08 5:52 p.m.•18 views

CVE-2020-16028

Heap buffer overflow in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

9AI score0.00928EPSS

Debian CVE•added 2021/01/08 5:49 p.m.•25 views

CVE-2020-16015

Insufficient data validation in WASM in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS9.1AI score0.0099EPSS

Exploits0

CISA•added 2020/11/19 12:0 a.m.•23 views

Google Releases Security Updates for Chrome

Google has released Chrome version 87.0.4280.66 for Windows, Mac, and Linux to address multiple vulnerabilities. Some of these vulnerabilities could allow an attacker to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrato...

7.1AI score

RedhatCVE•added 2020/11/18 6:39 p.m.•24 views

CVE-2020-16025

9.6CVSS2.4AI score0.02255EPSS

Exploits0References4

RedhatCVE•added 2020/11/18 6:39 p.m.•27 views

CVE-2020-16023

Use after free in WebCodecs in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS2.8AI score0.00893EPSS

Exploits0References4

CNVD•added 2020/11/18 12:0 a.m.•3 views

Google Chrome cookies security bypass vulnerability

Google Chrome is a web browser from Google, an American company. A security vulnerability exists in versions prior to Google chrome 87.0.4280.66 that stems from an improper implementation in cookies. An attacker can exploit this vulnerability to bypass security restrictions...

6.5CVSS8.8AI score0.00753EPSS