Total
124 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-21110 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2023-12-10 | 6.8 MEDIUM | 9.6 CRITICAL |
Use after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | |||||
CVE-2021-21111 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2023-12-10 | 6.8 MEDIUM | 9.6 CRITICAL |
Insufficient policy enforcement in WebUI in Google Chrome prior to 87.0.4280.141 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. | |||||
CVE-2020-6466 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2023-12-10 | 6.8 MEDIUM | 9.6 CRITICAL |
Use after free in media in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | |||||
CVE-2020-6457 | 2 Debian, Google | 2 Debian Linux, Chrome | 2023-12-10 | 6.8 MEDIUM | 9.6 CRITICAL |
Use after free in speech recognizer in Google Chrome prior to 81.0.4044.113 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | |||||
CVE-2020-6465 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2023-12-10 | 6.8 MEDIUM | 9.6 CRITICAL |
Use after free in reader mode in Google Chrome on Android prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | |||||
CVE-2020-6461 | 2 Debian, Google | 2 Debian Linux, Chrome | 2023-12-10 | 6.8 MEDIUM | 9.6 CRITICAL |
Use after free in storage in Google Chrome prior to 81.0.4044.129 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | |||||
CVE-2020-6462 | 2 Debian, Google | 2 Debian Linux, Chrome | 2023-12-10 | 6.8 MEDIUM | 9.6 CRITICAL |
Use after free in task scheduling in Google Chrome prior to 81.0.4044.129 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | |||||
CVE-2020-6505 | 1 Google | 1 Chrome | 2023-12-10 | 6.8 MEDIUM | 9.6 CRITICAL |
Use after free in speech in Google Chrome prior to 83.0.4103.106 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | |||||
CVE-2020-6469 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2023-12-10 | 6.8 MEDIUM | 9.6 CRITICAL |
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. | |||||
CVE-2020-6522 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2023-12-10 | 6.8 MEDIUM | 9.6 CRITICAL |
Inappropriate implementation in external protocol handlers in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | |||||
CVE-2020-6509 | 1 Google | 1 Chrome | 2023-12-10 | 6.8 MEDIUM | 9.6 CRITICAL |
Use after free in extensions in Google Chrome prior to 83.0.4103.116 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. | |||||
CVE-2020-6471 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2023-12-10 | 6.8 MEDIUM | 9.6 CRITICAL |
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. | |||||
CVE-2020-6493 | 3 Debian, Google, Opensuse | 4 Debian Linux, Chrome, Backports and 1 more | 2023-12-10 | 6.8 MEDIUM | 9.6 CRITICAL |
Use after free in WebAuthentication in Google Chrome prior to 83.0.4103.97 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | |||||
CVE-2016-5202 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2023-12-10 | 7.5 HIGH | 9.1 CRITICAL |
browser/extensions/api/dial/dial_registry.cc in Google Chrome before 54.0.2840.98 on macOS, before 54.0.2840.99 on Windows, and before 54.0.2840.100 on Linux neglects to copy a device ID before an erase() call, which causes the erase operation to access data that that erase operation will destroy. | |||||
CVE-2016-9652 | 1 Google | 1 Chrome | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
Multiple unspecified vulnerabilities in Google Chrome before 55.0.2883.75. | |||||
CVE-2019-5870 | 1 Google | 1 Chrome | 2023-12-10 | 6.8 MEDIUM | 9.6 CRITICAL |
Use after free in media in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | |||||
CVE-2019-5866 | 1 Google | 1 Chrome | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Out of bounds memory access in JavaScript in Google Chrome prior to 75.0.3770.142 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
CVE-2016-5194 | 1 Google | 1 Chrome | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
Unspecified vulnerabilities in Google Chrome before 54.0.2840.59. | |||||
CVE-2019-5850 | 1 Google | 1 Chrome | 2023-12-10 | 6.8 MEDIUM | 9.6 CRITICAL |
Use after free in offline mode in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | |||||
CVE-2018-6127 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2023-12-10 | 6.8 MEDIUM | 9.6 CRITICAL |
Early free of object in use in IndexDB in Google Chrome prior to 67.0.3396.62 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. |