CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 1CVE-2020-6464 – chromium-browser: Type Confusion in Blink
https://notcve.org/view.php?id=CVE-2020-6464
12 May 2020 — Type confusion in Blink in Google Chrome prior to 81.0.4044.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una confusión de tipos en Blink en Google Chrome versiones anteriores a la versión 81.0.4044.138, permitió a un atacante remoto explotar potencialmente una corrupción de pila por medio de una página HTML especialmente diseñada A type confusion flaw was reported in the Blink component of the Chromium browser. Multiple vulnerabilities have been found in Chro... • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00056.html • CWE-787: Out-of-bounds Write CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.6EPSS: 0%CPEs: 3EXPL: 0CVE-2020-6462 – chromium-browser: Use after free in task scheduling
https://notcve.org/view.php?id=CVE-2020-6462
30 Apr 2020 — Use after free in task scheduling in Google Chrome prior to 81.0.4044.129 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Un uso de la memoria previamente liberada en task scheduling en Google Chrome versiones anteriores a la versión 81.0.4044.129, permitió a un atacante remoto que había comprometido el proceso de renderizador llevar a cabo potencialmente un escape del sandbox por medio de una página HTML diseñada A flaw was... • https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_27.html • CWE-416: Use After Free •
CVSS: 9.6EPSS: 0%CPEs: 3EXPL: 0CVE-2020-6461 – chromium-browser: Use after free in storage
https://notcve.org/view.php?id=CVE-2020-6461
30 Apr 2020 — Use after free in storage in Google Chrome prior to 81.0.4044.129 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Un uso de la memoria previamente liberada en storage en Google Chrome versiones anteriores a la versión 81.0.4044.129, permitió a un atacante remoto que había comprometido el proceso del renderizador llevar a cabo potencialmente un escape del sandbox por medio de una página HTML especialmente diseñada. Multiple v... • https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_27.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2020-6459 – chromium-browser: Use after free in payments
https://notcve.org/view.php?id=CVE-2020-6459
23 Apr 2020 — Use after free in payments in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en payments en Google Chrome versiones anteriores a 81.0.4044.122, permitió a un atacante remoto explotar potencialmente una corrupción de pila por medio de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 81.0.4044.122. Issues addresse... • https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_21.html • CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2020-6460 – chromium-browser: Insufficient data validation in URL formatting
https://notcve.org/view.php?id=CVE-2020-6460
23 Apr 2020 — Insufficient data validation in URL formatting in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to perform domain spoofing via a crafted domain name. Una comprobación insuficiente de datos en URL formatting en Google Chrome versiones anteriores a 81.0.4044.122, permitió a un atacante remoto llevar a cabo una suplantación de dominio por medio de un nombre de dominio diseñado. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 81.0.4044.122. Is... • https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_21.html •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2020-6458 – chromium-browser: Out of bounds read and write in PDFium
https://notcve.org/view.php?id=CVE-2020-6458
23 Apr 2020 — Out of bounds read and write in PDFium in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Una lectura y escritura fuera de límites en PDFium en Google Chrome versiones anteriores a 81.0.4044.122, permitía a un atacante remoto explotar potencialmente una corrupción de pila por medio de un archivo PDF diseñado. . Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 81.0.4044.122. Issues... • https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_21.html • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 9.6EPSS: 0%CPEs: 3EXPL: 0CVE-2020-6457 – chromium-browser: Use after free in speech recognizer
https://notcve.org/view.php?id=CVE-2020-6457
21 Apr 2020 — Use after free in speech recognizer in Google Chrome prior to 81.0.4044.113 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Un uso de la memoria previamente liberada en speech recognizer en Google Chrome versiones anteriores a la versión 81.0.4044.113, permitió a un atacante remoto llevar a cabo potencialmente un escape del sandbox por medio de una página HTML especialmente diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst ... • https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_15.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2020-6455 – chromium-browser: Out of bounds read in WebSQL
https://notcve.org/view.php?id=CVE-2020-6455
13 Apr 2020 — Out of bounds read in WebSQL in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una lectura fuera de límites en WebSQL en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto explotar potencialmente una corrupción de la pila (heap) por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbi... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 27%CPEs: 8EXPL: 0CVE-2020-6456 – chromium-browser: Insufficient validation of untrusted input in clipboard
https://notcve.org/view.php?id=CVE-2020-6456
13 Apr 2020 — Insufficient validation of untrusted input in clipboard in Google Chrome prior to 81.0.4044.92 allowed a local attacker to bypass site isolation via crafted clipboard contents. Una comprobación entrada insuficiente no confiable en clipboard en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante local omitir el aislamiento del sitio por medio de contenidos del portapapeles diseñados. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow r... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html • CWE-276: Incorrect Default Permissions •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-6452 – chromium-browser: Heap buffer overflow in media
https://notcve.org/view.php?id=CVE-2020-6452
13 Apr 2020 — Heap buffer overflow in media in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento de búfer de la pila (heap) en media en Google Chrome versiones anteriores a 80.0.3987.162, permitió a un atacante remoto explotar potencialmente una corrupción de la pila (heap) por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attacke... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •