Filtered by vendor Google Subscriptions
Filtered by product Chrome Subscriptions
Total 3500 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-6491 5 Debian, Fedoraproject, Google and 2 more 6 Debian Linux, Fedora, Chrome and 3 more 2024-08-04 6.5 Medium
Insufficient data validation in site information in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted domain name.
CVE-2020-6465 5 Debian, Fedoraproject, Google and 2 more 6 Debian Linux, Fedora, Chrome and 3 more 2024-08-04 9.6 Critical
Use after free in reader mode in Google Chrome on Android prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-6516 5 Debian, Fedoraproject, Google and 2 more 6 Debian Linux, Fedora, Chrome and 3 more 2024-08-04 4.3 Medium
Policy bypass in CORS in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2020-6504 2 Google, Redhat 2 Chrome, Rhel Extras 2024-08-04 4.3 Medium
Insufficient policy enforcement in notifications in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass notification restrictions via a crafted HTML page.
CVE-2020-6459 3 Debian, Google, Redhat 3 Debian Linux, Chrome, Rhel Extras 2024-08-04 8.8 High
Use after free in payments in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6524 5 Debian, Fedoraproject, Google and 2 more 6 Debian Linux, Fedora, Chrome and 3 more 2024-08-04 8.8 High
Heap buffer overflow in WebAudio in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6487 5 Debian, Fedoraproject, Google and 2 more 6 Debian Linux, Fedora, Chrome and 3 more 2024-08-04 6.5 Medium
Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
CVE-2020-6492 1 Google 1 Chrome 2024-08-04 9.6 Critical
Use after free in ANGLE in Google Chrome prior to 83.0.4103.97 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-6498 3 Apple, Debian, Google 3 Iphone Os, Debian Linux, Chrome 2024-08-04 6.5 Medium
Incorrect implementation in user interface in Google Chrome on iOS prior to 83.0.4103.88 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
CVE-2020-6477 4 Apple, Fedoraproject, Google and 1 more 5 Mac Os X, Fedora, Chrome and 2 more 2024-08-04 7.8 High
Inappropriate implementation in installer in Google Chrome on OS X prior to 83.0.4103.61 allowed a local attacker to perform privilege escalation via a crafted file.
CVE-2020-6521 5 Debian, Fedoraproject, Google and 2 more 6 Debian Linux, Fedora, Chrome and 3 more 2024-08-04 6.5 Medium
Side-channel information leakage in autofill in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
CVE-2020-6519 5 Debian, Fedoraproject, Google and 2 more 6 Debian Linux, Fedora, Chrome and 3 more 2024-08-04 6.5 Medium
Policy bypass in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML page.
CVE-2020-6525 5 Debian, Fedoraproject, Google and 2 more 6 Debian Linux, Fedora, Chrome and 3 more 2024-08-04 8.8 High
Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6490 5 Debian, Fedoraproject, Google and 2 more 6 Debian Linux, Fedora, Chrome and 3 more 2024-08-04 4.3 Medium
Insufficient data validation in loader in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had been able to write to disk to leak cross-origin data via a crafted HTML page.
CVE-2020-6501 2 Google, Redhat 2 Chrome, Rhel Extras 2024-08-04 6.5 Medium
Insufficient policy enforcement in CSP in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass content security policy via a crafted HTML page.
CVE-2020-6511 5 Debian, Fedoraproject, Google and 2 more 6 Debian Linux, Fedora, Chrome and 3 more 2024-08-04 6.5 Medium
Information leak in content security policy in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2020-6520 5 Debian, Fedoraproject, Google and 2 more 6 Debian Linux, Fedora, Chrome and 3 more 2024-08-04 8.8 High
Buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6489 5 Debian, Fedoraproject, Google and 2 more 6 Debian Linux, Fedora, Chrome and 3 more 2024-08-04 4.3 Medium
Inappropriate implementation in developer tools in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had convinced the user to take certain actions in developer tools to obtain potentially sensitive information from disk via a crafted HTML page.
CVE-2020-6474 5 Debian, Fedoraproject, Google and 2 more 6 Debian Linux, Fedora, Chrome and 3 more 2024-08-04 8.8 High
Use after free in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6494 4 Debian, Google, Opensuse and 1 more 6 Debian Linux, Android, Chrome and 3 more 2024-08-04 6.5 Medium
Incorrect security UI in payments in Google Chrome on Android prior to 83.0.4103.97 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.