Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
GoogleChrome

260 matches found

CVE
CVEadded 2020/05/21 4:15 a.m.268 views

CVE-2020-6488

Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

4.3CVSS5AI score0.00716EPSS
CVE
CVEadded 2020/03/23 4:15 p.m.267 views

CVE-2020-6422

Use after free in WebGL in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.8AI score0.02877EPSS
CVE
CVEadded 2020/07/22 5:15 p.m.267 views

CVE-2020-6530

Out of bounds memory access in developer tools in Google Chrome prior to 84.0.4147.89 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.

8.8CVSS8.7AI score0.01268EPSS
CVE
CVEadded 2020/02/11 3:15 p.m.266 views

CVE-2020-6392

Insufficient policy enforcement in extensions in Google Chrome prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.

4.3CVSS5.1AI score0.01736EPSS
CVE
CVEadded 2020/05/21 4:15 a.m.266 views

CVE-2020-6469

Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.

9.6CVSS8.7AI score0.00702EPSS
CVE
CVEadded 2020/07/22 5:15 p.m.265 views

CVE-2020-6513

Heap buffer overflow in PDFium in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

8.8CVSS8.9AI score0.0188EPSS
CVE
CVEadded 2020/03/23 4:15 p.m.264 views

CVE-2020-6426

Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.5CVSS6.8AI score0.0126EPSS
CVE
CVEadded 2020/04/13 6:15 p.m.264 views

CVE-2020-6436

Use after free in window management in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.8AI score0.01485EPSS
CVE
CVEadded 2020/04/13 6:15 p.m.264 views

CVE-2020-6448

Use after free in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.8AI score0.01485EPSS
CVE
CVEadded 2020/02/11 3:15 p.m.263 views

CVE-2020-6389

Out of bounds write in WebRTC in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted video stream.

8.8CVSS8.5AI score0.01437EPSS
CVE
CVEadded 2020/04/13 6:15 p.m.263 views

CVE-2020-6431

Insufficient policy enforcement in full screen in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to spoof security UI via a crafted HTML page.

4.3CVSS4.8AI score0.00798EPSS
CVE
CVEadded 2020/05/21 4:15 a.m.263 views

CVE-2020-6464

Type confusion in Blink in Google Chrome prior to 81.0.4044.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.7AI score0.00916EPSS
CVE
CVEadded 2020/06/03 11:15 p.m.263 views

CVE-2020-6495

Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.97 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.

6.5CVSS7AI score0.00518EPSS
CVE
CVEadded 2020/04/13 6:15 p.m.262 views

CVE-2020-6454

Use after free in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.

8.8CVSS8.8AI score0.00783EPSS
CVE
CVEadded 2020/07/22 5:15 p.m.262 views

CVE-2020-6510

Heap buffer overflow in background fetch in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

7.8CVSS8.2AI score0.00302EPSS
CVE
CVEadded 2020/02/11 3:15 p.m.261 views

CVE-2020-6397

Inappropriate implementation in sharing in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof security UI via a crafted HTML page.

6.5CVSS6.3AI score0.01371EPSS
CVE
CVEadded 2020/02/11 3:15 p.m.261 views

CVE-2020-6416

Insufficient data validation in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.3AI score0.03871EPSS
CVE
CVEadded 2020/05/21 4:15 a.m.261 views

CVE-2020-6465

Use after free in reader mode in Google Chrome on Android prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

9.6CVSS9.1AI score0.01485EPSS
CVE
CVEadded 2020/05/21 4:15 a.m.261 views

CVE-2020-6476

Insufficient policy enforcement in tab strip in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.

6.5CVSS6.7AI score0.00582EPSS
CVE
CVEadded 2020/05/21 4:15 a.m.261 views

CVE-2020-6485

Insufficient data validation in media router in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.

6.5CVSS6.5AI score0.00544EPSS
CVE
CVEadded 2020/07/22 5:15 p.m.261 views

CVE-2020-6523

Out of bounds write in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

9.3CVSS8.7AI score0.0307EPSS
CVE
CVEadded 2020/07/22 5:15 p.m.260 views

CVE-2020-6505

Use after free in speech in Google Chrome prior to 83.0.4103.106 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.

9.6CVSS9.2AI score0.00621EPSS
CVE
CVEadded 2020/04/13 6:15 p.m.259 views

CVE-2020-6450

Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.8AI score0.00795EPSS
CVE
CVEadded 2020/02/11 3:15 p.m.258 views

CVE-2020-6378

Use after free in speech in Google Chrome prior to 79.0.3945.130 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.8AI score0.0065EPSS
CVE
CVEadded 2020/02/11 3:15 p.m.258 views

CVE-2020-6382

Type confusion in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.3AI score0.02899EPSS
CVE
CVEadded 2020/02/11 3:15 p.m.258 views

CVE-2020-6406

Use after free in audio in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.8AI score0.02899EPSS
CVE
CVEadded 2020/02/11 3:15 p.m.258 views

CVE-2020-6415

Inappropriate implementation in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.3AI score0.02899EPSS
CVE
CVEadded 2020/07/22 5:15 p.m.258 views

CVE-2020-6511

Information leak in content security policy in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

6.5CVSS6.5AI score0.01653EPSS
CVE
CVEadded 2020/05/21 4:15 a.m.257 views

CVE-2020-6471

Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.

9.6CVSS8.7AI score0.00856EPSS
CVE
CVEadded 2020/02/11 3:15 p.m.256 views

CVE-2020-6381

Integer overflow in JavaScript in Google Chrome on ChromeOS and Android prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.4AI score0.02899EPSS
CVE
CVEadded 2020/02/11 3:15 p.m.256 views

CVE-2020-6398

Use of uninitialized data in PDFium in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

8.8CVSS8.4AI score0.02186EPSS
CVE
CVEadded 2020/07/22 5:15 p.m.256 views

CVE-2020-6527

Insufficient policy enforcement in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML page.

4.3CVSS5AI score0.00623EPSS
CVE
CVEadded 2020/05/21 4:15 a.m.255 views

CVE-2020-6461

Use after free in storage in Google Chrome prior to 81.0.4044.129 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

9.6CVSS9.2AI score0.0109EPSS
CVE
CVEadded 2020/05/21 4:15 a.m.255 views

CVE-2020-6462

Use after free in task scheduling in Google Chrome prior to 81.0.4044.129 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

9.6CVSS9.2AI score0.0109EPSS
CVE
CVEadded 2020/05/21 4:15 a.m.255 views

CVE-2020-6484

Insufficient data validation in ChromeDriver in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted request.

6.5CVSS6.6AI score0.00716EPSS
CVE
CVEadded 2020/05/21 4:15 a.m.255 views

CVE-2020-6491

Insufficient data validation in site information in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted domain name.

6.5CVSS6.5AI score0.00817EPSS
CVE
CVEadded 2020/02/11 3:15 p.m.254 views

CVE-2020-6393

Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

6.5CVSS6.2AI score0.01447EPSS
CVE
CVEadded 2020/02/11 3:15 p.m.254 views

CVE-2020-6413

Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass HTML validators via a crafted HTML page.

8.8CVSS7.7AI score0.00866EPSS
CVE
CVEadded 2020/07/22 5:15 p.m.253 views

CVE-2020-6512

Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

9.3CVSS8.6AI score0.04245EPSS
CVE
CVEadded 2020/02/11 3:15 p.m.252 views

CVE-2020-6388

Out of bounds access in WebAudio in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.4AI score0.01946EPSS
CVE
CVEadded 2020/02/11 3:15 p.m.252 views

CVE-2020-6390

Out of bounds memory access in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.5AI score0.03893EPSS
CVE
CVEadded 2020/02/11 3:15 p.m.252 views

CVE-2020-6410

Insufficient policy enforcement in navigation in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to confuse the user via a crafted domain name.

8.8CVSS7.8AI score0.01557EPSS
CVE
CVEadded 2020/05/21 4:15 a.m.252 views

CVE-2020-6481

Insufficient policy enforcement in URL formatting in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to perform domain spoofing via a crafted domain name.

6.5CVSS6.6AI score0.01409EPSS
CVE
CVEadded 2020/07/22 5:15 p.m.251 views

CVE-2020-6534

Heap buffer overflow in WebRTC in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.9AI score0.01591EPSS
CVE
CVEadded 2020/02/11 3:15 p.m.250 views

CVE-2020-6396

Inappropriate implementation in Skia in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

4.3CVSS4.7AI score0.01371EPSS
CVE
CVEadded 2020/05/21 4:15 a.m.250 views

CVE-2020-6486

Insufficient policy enforcement in navigations in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

6.5CVSS6.5AI score0.00968EPSS
CVE
CVEadded 2020/07/22 5:15 p.m.250 views

CVE-2020-6536

Incorrect security UI in PWAs in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had persuaded the user to install a PWA to spoof the contents of the Omnibox (URL bar) via a crafted PWA.

4.3CVSS5.1AI score0.01606EPSS
CVE
CVEadded 2020/02/11 3:15 p.m.249 views

CVE-2020-6399

Insufficient policy enforcement in AppCache in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

6.5CVSS6.2AI score0.01087EPSS
CVE
CVEadded 2020/02/11 3:15 p.m.248 views

CVE-2020-6387

Out of bounds write in WebRTC in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted video stream.

8.8CVSS8.5AI score0.01437EPSS
CVE
CVEadded 2020/05/21 4:15 a.m.248 views

CVE-2020-6468

Type confusion in V8 in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.6AI score0.42466EPSS
Total number of security vulnerabilities260