967 matches found
CVE-2020-6479
Inappropriate implementation in sharing in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted HTML page...
CVE-2020-6477
CVE-2020-6477 affects Google Chrome on macOS (OS X) before 83.0.4103.61. The issue is an inappropriate implementation in the installer that allows a local attacker to escalate privileges via a crafted file. Public references in the connected documents confirm the affected product and root cause, ...
CVE-2020-6478
Inappropriate implementation in full screen in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted HTML page...
Stable Channel Update for Desktop
The Chrome team is delighted to announce the promotion of Chrome 83 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 83.0.4103.61 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming...
CVE-2020-6447
CVE-2020-6447 describes an inappropriate implementation in the developer tools of Chromium/Google Chrome prior to 81.0.4044.92, which could allow a remote attacker who convinces a user to use DevTools to potentially exploit heap corruption via a crafted HTML page. Public sources (Arch Linux secur...
CVE-2020-6442
Inappropriate implementation in cache in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to leak cross-origin data via a crafted HTML page...
CVE-2020-6440
CVE-2020-6440 concerns an insecure extension handling in Chromium/Google Chrome prior to 81.0.4044.92, caused by an inappropriate implementation in extensions. An attacker could exploit this by convincing a user to install a malicious extension, potentially leading to disclosure of sensitive info...
CVE-2020-6440
Inappropriate implementation in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension...
CVE-2020-6440
Inappropriate implementation in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension...
CVE-2020-6447
Inappropriate implementation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to potentially exploit heap corruption via a crafted HTML page...
RHEL 6 : chromium-browser (RHSA-2020:1350)
The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1350 advisory. Chromium is an open-source web browser, powered by WebKit Blink. This update upgrades Chromium to version 80.0.3987.162. Security Fixes:...
CVE-2020-6426
Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
RHEL 6 : chromium-browser (RHSA-2020:0514)
The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0514 advisory. Chromium is an open-source web browser, powered by WebKit Blink. This update upgrades Chromium to version 80.0.3987.87. Security Fixes:...
CVE-2020-6409
Inappropriate implementation in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker who convinced the user to enter a URI to bypass navigation restrictions via a crafted domain name...
CVE-2020-6404
Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2020-6397
Inappropriate implementation in sharing in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof security UI via a crafted HTML page...
Hardcoded credentials
Inappropriate implementation in sharing in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof security UI via a crafted HTML page...
Input validation
Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass HTML validators via a crafted HTML page...
CVE-2020-6409
Inappropriate implementation in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker who convinced the user to enter a URI to bypass navigation restrictions via a crafted domain name...
CVE-2020-6404
Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...