CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 1CVE-2020-16022 – Gentoo Linux Security Advisory 202012-05
https://notcve.org/view.php?id=CVE-2020-16022
07 Dec 2020 — Insufficient policy enforcement in networking in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially bypass firewall controls via a crafted HTML page. Una aplicación insuficiente de políticas en networking en Google Chrome versiones anteriores a 87.0.4280.66, permitió a un atacante remoto omitir potencialmente los controles del firewall por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the... • https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_17.html •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-16028 – Gentoo Linux Security Advisory 202012-05
https://notcve.org/view.php?id=CVE-2020-16028
07 Dec 2020 — Heap buffer overflow in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento del búfer de la pila en WebRTC en Google Chrome versiones anteriores a 87.0.4280.66, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution ... • https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_17.html • CWE-787: Out-of-bounds Write •
CVSS: 9.6EPSS: 0%CPEs: 1EXPL: 0CVE-2020-16018 – Gentoo Linux Security Advisory 202012-05
https://notcve.org/view.php?id=CVE-2020-16018
07 Dec 2020 — Use after free in payments in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Un uso de la memoria previamente liberada en payments en Google Chrome versiones anteriores a 87.0.4280.66, permitió a un atacante remoto que había comprometido el proceso del renderizador llevar a cabo potencialmente un escape del sandbox por medio de una página HTML diseñada Multiple vulnerabilities have been f... • https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_17.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-16020 – Gentoo Linux Security Advisory 202012-05
https://notcve.org/view.php?id=CVE-2020-16020
07 Dec 2020 — Inappropriate implementation in cryptohome in Google Chrome on ChromeOS prior to 87.0.4280.66 allowed a remote attacker who had compromised the browser process to bypass discretionary access control via a malicious file. Una implementación inapropiada en cryptohome en Google Chrome en ChromeOS versiones anteriores a 87.0.4280.66, permitió a un atacante remoto que había comprometido el proceso del navegador omitir el control de acceso discrecional por medio de un archivo malicioso Multiple vulnerabilities ha... • https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_17.html •
CVSS: 6.5EPSS: 78%CPEs: 1EXPL: 5CVE-2020-16040 – Google Chrome 86.0.4240 V8 - Remote Code Execution
https://notcve.org/view.php?id=CVE-2020-16040
07 Dec 2020 — Insufficient data validation in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una comprobación insuficiente de datos en V8 en Google Chrome versiones anteriores a 87.0.4280.88, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution ... • https://packetstorm.news/files/id/162106 • CWE-20: Improper Input Validation CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 9.6EPSS: 0%CPEs: 2EXPL: 1CVE-2020-16024 – Gentoo Linux Security Advisory 202012-05
https://notcve.org/view.php?id=CVE-2020-16024
07 Dec 2020 — Heap buffer overflow in UI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Un desbordamiento del búfer de la pila en UI de Google Chrome versiones anteriores a 87.0.4280.66, permitió a un atacante remoto que había comprometido el proceso del renderizador llevar a cabo potencialmente un escape del sandbox por medio de una página HTML diseñada Multiple vulnerabilities have been found in C... • https://packetstorm.news/files/id/161353 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-16027 – Gentoo Linux Security Advisory 202012-05
https://notcve.org/view.php?id=CVE-2020-16027
07 Dec 2020 — Insufficient policy enforcement in developer tools in Google Chrome prior to 87.0.4280.66 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from the user's disk via a crafted Chrome Extension. La aplicación de políticas insuficiente en developer tools en Google Chrome versiones anteriores a 87.0.4280.66, permitió a un atacante que convenció a un usuario de instalar una extensión maliciosa para conseguir información potencialmente confidenci... • https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_17.html • CWE-862: Missing Authorization •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-16032 – Gentoo Linux Security Advisory 202012-05
https://notcve.org/view.php?id=CVE-2020-16032
07 Dec 2020 — Insufficient data validation in sharing in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. Una comprobación insuficiente de datos en sharing en Google Chrome versiones anteriores a 87.0.4280.66, permitió a un atacante remoto falsificar el contenido del Omnibox (barra de URL) por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the a... • https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_17.html • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 9.6EPSS: 0%CPEs: 1EXPL: 0CVE-2020-16014 – Gentoo Linux Security Advisory 202012-05
https://notcve.org/view.php?id=CVE-2020-16014
07 Dec 2020 — Use after free in PPAPI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Un uso de la memoria previamente liberada en PPAPI en Google Chrome versiones anteriores a 87.0.4280.66, permitía a un atacante remoto que había comprometido el proceso del renderizador llevar a cabo potencialmente un escape del sandbox por medio de una página HTML diseñada Multiple vulnerabilities have been found i... • https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_17.html • CWE-416: Use After Free •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2020-16038 – Gentoo Linux Security Advisory 202012-05
https://notcve.org/view.php?id=CVE-2020-16038
07 Dec 2020 — Use after free in media in Google Chrome on OS X prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en media en Google Chrome en OS X versiones anteriores a 87.0.4280.88, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary... • https://chromereleases.googleblog.com/2020/12/stable-channel-update-for-desktop.html • CWE-416: Use After Free CWE-787: Out-of-bounds Write •