Vulnerabilities (CVE)

  1. Yack CVE
  2. Vulnerabilities (CVE)
Filtered by vendor Google
Filtered by product Chrome
Angry Yack Logo
Total 3816 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-6432 4 Debian, Fedoraproject, Google and 1 more 5 Debian Linux, Fedora, Chrome and 2 more 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
CVE-2020-6431 4 Debian, Fedoraproject, Google and 1 more 5 Debian Linux, Fedora, Chrome and 2 more 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
Insufficient policy enforcement in full screen in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to spoof security UI via a crafted HTML page.
CVE-2020-6430 4 Debian, Fedoraproject, Google and 1 more 5 Debian Linux, Fedora, Chrome and 2 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Type Confusion in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6429 5 Debian, Fedoraproject, Google and 2 more 6 Debian Linux, Fedora, Chrome and 3 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6428 5 Debian, Fedoraproject, Google and 2 more 6 Debian Linux, Fedora, Chrome and 3 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6427 5 Debian, Fedoraproject, Google and 2 more 6 Debian Linux, Fedora, Chrome and 3 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6426 5 Debian, Fedoraproject, Google and 2 more 6 Debian Linux, Fedora, Chrome and 3 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6425 4 Debian, Fedoraproject, Google and 1 more 4 Debian Linux, Fedora, Chrome and 1 more 2024-11-21 5.8 MEDIUM 5.4 MEDIUM
Insufficient policy enforcement in extensions in Google Chrome prior to 80.0.3987.149 allowed an attacker who convinced a user to install a malicious extension to bypass site isolation via a crafted Chrome Extension.
CVE-2020-6424 5 Debian, Fedoraproject, Google and 2 more 6 Debian Linux, Fedora, Chrome and 3 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in media in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6423 4 Debian, Fedoraproject, Google and 1 more 5 Debian Linux, Fedora, Chrome and 2 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in audio in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6422 5 Debian, Fedoraproject, Google and 2 more 6 Debian Linux, Fedora, Chrome and 3 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in WebGL in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6420 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Insufficient policy enforcement in media in Google Chrome prior to 80.0.3987.132 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
CVE-2020-6419 1 Google 1 Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Out of bounds write in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6417 1 Google 1 Chrome 2024-11-21 4.6 MEDIUM 7.8 HIGH
Inappropriate implementation in installer in Google Chrome prior to 80.0.3987.87 allowed a local attacker to execute arbitrary code via a crafted registry entry.
CVE-2020-6416 6 Debian, Fedoraproject, Google and 3 more 9 Debian Linux, Fedora, Chrome and 6 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Insufficient data validation in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6415 6 Debian, Fedoraproject, Google and 3 more 9 Debian Linux, Fedora, Chrome and 6 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Inappropriate implementation in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6414 2 Google, Opensuse 2 Chrome, Backports Sle 2024-11-21 6.8 MEDIUM 8.8 HIGH
Insufficient policy enforcement in Safe Browsing in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
CVE-2020-6413 2 Google, Opensuse 2 Chrome, Backports Sle 2024-11-21 6.8 MEDIUM 8.8 HIGH
Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass HTML validators via a crafted HTML page.
CVE-2020-6412 2 Google, Opensuse 2 Chrome, Backports Sle 2024-11-21 5.8 MEDIUM 5.4 MEDIUM
Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
CVE-2020-6411 1 Google 1 Chrome 2024-11-21 5.8 MEDIUM 5.4 MEDIUM
Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
CVE-2020-6410 1 Google 1 Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Insufficient policy enforcement in navigation in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to confuse the user via a crafted domain name.
CVE-2020-6409 1 Google 1 Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Inappropriate implementation in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker who convinced the user to enter a URI to bypass navigation restrictions via a crafted domain name.
CVE-2020-6408 6 Debian, Fedoraproject, Google and 3 more 9 Debian Linux, Fedora, Chrome and 6 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Insufficient policy enforcement in CORS in Google Chrome prior to 80.0.3987.87 allowed a local attacker to obtain potentially sensitive information via a crafted HTML page.
CVE-2020-6407 1 Google 1 Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Out of bounds memory access in streams in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6406 5 Debian, Fedoraproject, Google and 2 more 8 Debian Linux, Fedora, Chrome and 5 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in audio in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6405 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Out of bounds read in SQLite in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
CVE-2020-6404 6 Debian, Fedoraproject, Google and 3 more 9 Debian Linux, Fedora, Chrome and 6 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6403 7 Apple, Debian, Fedoraproject and 4 more 10 Iphone Os, Debian Linux, Fedora and 7 more 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
Incorrect implementation in Omnibox in Google Chrome on iOS prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2020-6402 7 Apple, Debian, Fedoraproject and 4 more 10 Macos, Debian Linux, Fedora and 7 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Insufficient policy enforcement in downloads in Google Chrome on OS X prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension.
CVE-2020-6401 2 Google, Opensuse 2 Chrome, Backports Sle 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
CVE-2020-6400 6 Debian, Fedoraproject, Google and 3 more 9 Debian Linux, Fedora, Chrome and 6 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Inappropriate implementation in CORS in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2020-6399 2 Google, Opensuse 2 Chrome, Backports Sle 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Insufficient policy enforcement in AppCache in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2020-6398 6 Debian, Fedoraproject, Google and 3 more 9 Debian Linux, Fedora, Chrome and 6 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use of uninitialized data in PDFium in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
CVE-2020-6397 6 Debian, Fedoraproject, Google and 3 more 9 Debian Linux, Fedora, Chrome and 6 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Inappropriate implementation in sharing in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof security UI via a crafted HTML page.
CVE-2020-6396 6 Debian, Fedoraproject, Google and 3 more 9 Debian Linux, Fedora, Chrome and 6 more 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
Inappropriate implementation in Skia in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2020-6395 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Out of bounds read in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
CVE-2020-6394 6 Debian, Fedoraproject, Google and 3 more 9 Debian Linux, Fedora, Chrome and 6 more 2024-11-21 5.8 MEDIUM 5.4 MEDIUM
Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass content security policy via a crafted HTML page.
CVE-2020-6393 6 Debian, Fedoraproject, Google and 3 more 9 Debian Linux, Fedora, Chrome and 6 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2020-6392 6 Debian, Fedoraproject, Google and 3 more 9 Debian Linux, Fedora, Chrome and 6 more 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
Insufficient policy enforcement in extensions in Google Chrome prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.
CVE-2020-6391 6 Debian, Fedoraproject, Google and 3 more 9 Debian Linux, Fedora, Chrome and 6 more 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
Insufficient validation of untrusted input in Blink in Google Chrome prior to 80.0.3987.87 allowed a local attacker to bypass content security policy via a crafted HTML page.