CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2020-6460 – chromium-browser: Insufficient data validation in URL formatting
https://notcve.org/view.php?id=CVE-2020-6460
23 Apr 2020 — Insufficient data validation in URL formatting in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to perform domain spoofing via a crafted domain name. Una comprobación insuficiente de datos en URL formatting en Google Chrome versiones anteriores a 81.0.4044.122, permitió a un atacante remoto llevar a cabo una suplantación de dominio por medio de un nombre de dominio diseñado. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 81.0.4044.122. Is... • https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_21.html •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2020-6458 – chromium-browser: Out of bounds read and write in PDFium
https://notcve.org/view.php?id=CVE-2020-6458
23 Apr 2020 — Out of bounds read and write in PDFium in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Una lectura y escritura fuera de límites en PDFium en Google Chrome versiones anteriores a 81.0.4044.122, permitía a un atacante remoto explotar potencialmente una corrupción de pila por medio de un archivo PDF diseñado. . Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 81.0.4044.122. Issues... • https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_21.html • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2020-6459 – chromium-browser: Use after free in payments
https://notcve.org/view.php?id=CVE-2020-6459
23 Apr 2020 — Use after free in payments in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en payments en Google Chrome versiones anteriores a 81.0.4044.122, permitió a un atacante remoto explotar potencialmente una corrupción de pila por medio de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 81.0.4044.122. Issues addresse... • https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_21.html • CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVSS: 9.6EPSS: 0%CPEs: 3EXPL: 0CVE-2020-6457 – chromium-browser: Use after free in speech recognizer
https://notcve.org/view.php?id=CVE-2020-6457
21 Apr 2020 — Use after free in speech recognizer in Google Chrome prior to 81.0.4044.113 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Un uso de la memoria previamente liberada en speech recognizer en Google Chrome versiones anteriores a la versión 81.0.4044.113, permitió a un atacante remoto llevar a cabo potencialmente un escape del sandbox por medio de una página HTML especialmente diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst ... • https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_15.html • CWE-416: Use After Free •
CVSS: 6.5EPSS: 27%CPEs: 8EXPL: 0CVE-2020-6456 – chromium-browser: Insufficient validation of untrusted input in clipboard
https://notcve.org/view.php?id=CVE-2020-6456
13 Apr 2020 — Insufficient validation of untrusted input in clipboard in Google Chrome prior to 81.0.4044.92 allowed a local attacker to bypass site isolation via crafted clipboard contents. Una comprobación entrada insuficiente no confiable en clipboard en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante local omitir el aislamiento del sitio por medio de contenidos del portapapeles diseñados. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow r... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html • CWE-276: Incorrect Default Permissions •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2020-6455 – chromium-browser: Out of bounds read in WebSQL
https://notcve.org/view.php?id=CVE-2020-6455
13 Apr 2020 — Out of bounds read in WebSQL in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una lectura fuera de límites en WebSQL en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto explotar potencialmente una corrupción de la pila (heap) por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbi... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2020-6454 – chromium-browser: Use after free in extensions
https://notcve.org/view.php?id=CVE-2020-6454
13 Apr 2020 — Use after free in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. Un uso de la memoria previamente liberada en extensions en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante, que convenció a un usuario instalar una extensión maliciosa, explotar potencialmente una corrupción de la pila (heap) por medio de una Extensión de Chrome diseñada. ... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-6452 – chromium-browser: Heap buffer overflow in media
https://notcve.org/view.php?id=CVE-2020-6452
13 Apr 2020 — Heap buffer overflow in media in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento de búfer de la pila (heap) en media en Google Chrome versiones anteriores a 80.0.3987.162, permitió a un atacante remoto explotar potencialmente una corrupción de la pila (heap) por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attacke... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 1CVE-2020-6450 – chromium-browser: Use after free in WebAudio
https://notcve.org/view.php?id=CVE-2020-6450
13 Apr 2020 — Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada de WebAudio en Google Chrome versiones anteriores a 80.0.3987.162, permitió a un atacante remoto explotar potencialmente una corrupción de la pila (heap) por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers ... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-6451 – chromium-browser: Use after free in WebAudio
https://notcve.org/view.php?id=CVE-2020-6451
13 Apr 2020 — Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada de WebAudio en Google Chrome versiones anteriores a 80.0.3987.162, permitió a un atacante remoto explotar potencialmente una corrupción de la pila (heap) por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers ... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html • CWE-416: Use After Free •