Vulnerabilities (CVE)

  1. Yack CVE
  2. Vulnerabilities (CVE)
Filtered by vendor Google
Filtered by product Chrome
Angry Yack Logo
Total 3816 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-6390 6 Debian, Fedoraproject, Google and 3 more 9 Debian Linux, Fedora, Chrome and 6 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Out of bounds memory access in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6389 1 Google 1 Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Out of bounds write in WebRTC in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted video stream.
CVE-2020-6388 1 Google 1 Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Out of bounds access in WebAudio in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6387 1 Google 1 Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Out of bounds write in WebRTC in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted video stream.
CVE-2020-6386 4 Debian, Fedoraproject, Google and 1 more 6 Debian Linux, Fedora, Chrome and 3 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in speech in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6385 6 Debian, Fedoraproject, Google and 3 more 9 Debian Linux, Fedora, Chrome and 6 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Insufficient policy enforcement in storage in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass site isolation via a crafted HTML page.
CVE-2020-6384 4 Debian, Fedoraproject, Google and 1 more 6 Debian Linux, Fedora, Chrome and 3 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in WebAudio in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6383 4 Debian, Fedoraproject, Google and 1 more 6 Debian Linux, Fedora, Chrome and 3 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Type confusion in V8 in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6382 6 Debian, Fedoraproject, Google and 3 more 9 Debian Linux, Fedora, Chrome and 6 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Type confusion in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6381 6 Debian, Fedoraproject, Google and 3 more 11 Debian Linux, Fedora, Android and 8 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Integer overflow in JavaScript in Google Chrome on ChromeOS and Android prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6380 2 Fedoraproject, Google 2 Fedora, Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.130 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted Chrome Extension.
CVE-2020-6379 2 Fedoraproject, Google 2 Fedora, Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in V8 in Google Chrome prior to 79.0.3945.130 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6378 2 Fedoraproject, Google 2 Fedora, Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in speech in Google Chrome prior to 79.0.3945.130 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6377 5 Debian, Fedoraproject, Google and 2 more 7 Debian Linux, Fedora, Chrome and 4 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in audio in Google Chrome prior to 79.0.3945.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-36765 1 Google 1 Chrome 2024-11-21 N/A 6.5 MEDIUM
Insufficient policy enforcement in Navigation in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2020-16046 2 Apple, Google 2 Iphone Os, Chrome 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Script injection in iOSWeb in Google Chrome on iOS prior to 84.0.4147.105 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
CVE-2020-16045 1 Google 2 Android, Chrome 2024-11-21 6.8 MEDIUM 9.6 CRITICAL
Use after Free in Payments in Google Chrome on Android prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-16044 1 Google 1 Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in WebRTC in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet.
CVE-2020-16043 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Insufficient data validation in networking in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to bypass discretionary access control via malicious network traffic.
CVE-2020-16042 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Uninitialized Use in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
CVE-2020-16041 1 Google 1 Chrome 2024-11-21 5.8 MEDIUM 8.1 HIGH
Out of bounds read in networking in Google Chrome prior to 87.0.4280.88 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page.
CVE-2020-16040 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Insufficient data validation in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16039 1 Google 1 Chrome 2024-11-21 9.3 HIGH 8.8 HIGH
Use after free in extensions in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16038 1 Google 2 Chrome, Chrome Os 2024-11-21 9.3 HIGH 8.8 HIGH
Use after free in media in Google Chrome on OS X prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16037 1 Google 1 Chrome 2024-11-21 9.3 HIGH 8.8 HIGH
Use after free in clipboard in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16036 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Inappropriate implementation in cookies in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to bypass cookie restrictions via a crafted HTML page.
CVE-2020-16035 1 Google 2 Chrome, Chrome Os 2024-11-21 6.8 MEDIUM 8.8 HIGH
Insufficient data validation in cros-disks in Google Chrome on ChromeOS prior to 87.0.4280.66 allowed a remote attacker who had compromised the browser process to bypass noexec restrictions via a malicious file.
CVE-2020-16034 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
Inappropriate implementation in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a local attacker to bypass policy restrictions via a crafted HTML page.
CVE-2020-16033 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
Inappropriate implementation in WebUSB in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof security UI via a crafted HTML page.
CVE-2020-16032 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
Insufficient data validation in sharing in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2020-16031 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
Insufficient data validation in UI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2020-16030 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Insufficient data validation in Blink in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.
CVE-2020-16029 1 Google 1 Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Inappropriate implementation in PDFium in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to bypass navigation restrictions via a crafted PDF file.
CVE-2020-16028 1 Google 1 Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Heap buffer overflow in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16027 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Insufficient policy enforcement in developer tools in Google Chrome prior to 87.0.4280.66 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from the user's disk via a crafted Chrome Extension.
CVE-2020-16026 1 Google 1 Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16025 1 Google 1 Chrome 2024-11-21 6.8 MEDIUM 9.6 CRITICAL
Heap buffer overflow in clipboard in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-16024 1 Google 2 Chrome, Chrome Os 2024-11-21 6.8 MEDIUM 9.6 CRITICAL
Heap buffer overflow in UI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-16023 1 Google 1 Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in WebCodecs in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16022 4 Apple, Google, Linux and 1 more 7 Macos, Android, Chrome and 4 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Insufficient policy enforcement in networking in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially bypass firewall controls via a crafted HTML page.