Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:google:chrome:83.0.4103.106:*:*:*:*:android:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2020-6523 |
Out of bounds write in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Published: July 22, 2020; 1:15:13 PM -0400 |
V3.1: 8.8 HIGH V2.0: 9.3 HIGH |
CVE-2020-6522 |
Inappropriate implementation in external protocol handlers in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Published: July 22, 2020; 1:15:13 PM -0400 |
V3.1: 9.6 CRITICAL V2.0: 6.8 MEDIUM |
CVE-2020-6521 |
Side-channel information leakage in autofill in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Published: July 22, 2020; 1:15:13 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2020-6520 |
Buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Published: July 22, 2020; 1:15:13 PM -0400 |
V3.1: 8.8 HIGH V2.0: 9.3 HIGH |
CVE-2020-6519 |
Policy bypass in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML page. Published: July 22, 2020; 1:15:13 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2020-6518 |
Use after free in developer tools in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had convinced the user to use developer tools to potentially exploit heap corruption via a crafted HTML page. Published: July 22, 2020; 1:15:13 PM -0400 |
V3.1: 8.8 HIGH V2.0: 9.3 HIGH |
CVE-2020-6517 |
Heap buffer overflow in history in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Published: July 22, 2020; 1:15:13 PM -0400 |
V3.1: 8.8 HIGH V2.0: 9.3 HIGH |
CVE-2020-6516 |
Policy bypass in CORS in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Published: July 22, 2020; 1:15:13 PM -0400 |
V3.1: 4.3 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2020-6515 |
Use after free in tab strip in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Published: July 22, 2020; 1:15:13 PM -0400 |
V3.1: 8.8 HIGH V2.0: 9.3 HIGH |
CVE-2020-6514 |
Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream. Published: July 22, 2020; 1:15:13 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2020-6513 |
Heap buffer overflow in PDFium in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Published: July 22, 2020; 1:15:13 PM -0400 |
V3.1: 8.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2020-6512 |
Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Published: July 22, 2020; 1:15:13 PM -0400 |
V3.1: 8.8 HIGH V2.0: 9.3 HIGH |
CVE-2020-6511 |
Information leak in content security policy in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Published: July 22, 2020; 1:15:13 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2020-6510 |
Heap buffer overflow in background fetch in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Published: July 22, 2020; 1:15:13 PM -0400 |
V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2020-6509 |
Use after free in extensions in Google Chrome prior to 83.0.4103.116 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. Published: July 22, 2020; 1:15:13 PM -0400 |
V3.1: 9.6 CRITICAL V2.0: 6.8 MEDIUM |
CVE-2019-8075 |
Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user. Published: September 27, 2019; 12:15:10 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2013-6662 |
Google Chrome caches TLS sessions before certificate validation occurs. Published: April 13, 2017; 1:59:00 PM -0400 |
V3.0: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2012-4930 |
The SPDY protocol 3 and earlier, as used in Mozilla Firefox, Google Chrome, and other products, can perform TLS encryption of compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a "CRIME" attack. Published: September 15, 2012; 2:55:03 PM -0400 |
V3.x:(not available) V2.0: 2.6 LOW |
CVE-2012-4929 |
The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a "CRIME" attack. Published: September 15, 2012; 2:55:03 PM -0400 |
V3.x:(not available) V2.0: 2.6 LOW |
CVE-2012-2647 |
Yahoo! Toolbar 1.0.0.5 and earlier for Chrome and Safari allows remote attackers to modify the configured search URL, and intercept search terms, via a crafted web page. Published: July 31, 2012; 6:45:42 AM -0400 |
V3.x:(not available) V2.0: 5.8 MEDIUM |