CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-6452 – chromium-browser: Heap buffer overflow in media
https://notcve.org/view.php?id=CVE-2020-6452
13 Apr 2020 — Heap buffer overflow in media in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento de búfer de la pila (heap) en media en Google Chrome versiones anteriores a 80.0.3987.162, permitió a un atacante remoto explotar potencialmente una corrupción de la pila (heap) por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attacke... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 1CVE-2020-6450 – chromium-browser: Use after free in WebAudio
https://notcve.org/view.php?id=CVE-2020-6450
13 Apr 2020 — Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada de WebAudio en Google Chrome versiones anteriores a 80.0.3987.162, permitió a un atacante remoto explotar potencialmente una corrupción de la pila (heap) por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers ... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-6451 – chromium-browser: Use after free in WebAudio
https://notcve.org/view.php?id=CVE-2020-6451
13 Apr 2020 — Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada de WebAudio en Google Chrome versiones anteriores a 80.0.3987.162, permitió a un atacante remoto explotar potencialmente una corrupción de la pila (heap) por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers ... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 1CVE-2020-6448 – chromium-browser: Use after free in V8
https://notcve.org/view.php?id=CVE-2020-6448
13 Apr 2020 — Use after free in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en V8 en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto explotar potencialmente una corrupción de la pila (heap) por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arb... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 1CVE-2020-6447 – chromium-browser: Inappropriate implementation in developer tools
https://notcve.org/view.php?id=CVE-2020-6447
13 Apr 2020 — Inappropriate implementation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to potentially exploit heap corruption via a crafted HTML page. Una implementación inapropiada en developer tools en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto que había convencido al usuario de utilizar devtools (herramientas de desarrollo) para explotar potencialmente una corrupción de la pila (heap) por medio de u... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2020-6445 – chromium-browser: Insufficient policy enforcement in trusted types
https://notcve.org/view.php?id=CVE-2020-6445
13 Apr 2020 — Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass content security policy via a crafted HTML page. Una aplicación insuficiente de la política en trusted types en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto omitir una política de seguridad de contenido por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote ... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html • CWE-276: Incorrect Default Permissions •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2020-6446 – chromium-browser: Insufficient policy enforcement in trusted types
https://notcve.org/view.php?id=CVE-2020-6446
13 Apr 2020 — Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass content security policy via a crafted HTML page. Una aplicación insuficiente de la política en trusted types en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto omitir una política de seguridad de contenido por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote ... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html • CWE-276: Incorrect Default Permissions •
CVSS: 6.8EPSS: 0%CPEs: 8EXPL: 1CVE-2020-6444 – chromium-browser: Uninitialized use in WebRTC
https://notcve.org/view.php?id=CVE-2020-6444
13 Apr 2020 — Uninitialized use in WebRTC in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso no inicializado en WebRTC en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto explotar potencialmente una corrupción de la pila (heap) por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary c... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html • CWE-908: Use of Uninitialized Resource •
CVSS: 8.8EPSS: 1%CPEs: 8EXPL: 0CVE-2020-6443 – chromium-browser: Insufficient data validation in developer tools
https://notcve.org/view.php?id=CVE-2020-6443
13 Apr 2020 — Insufficient data validation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to execute arbitrary code via a crafted HTML page. Una comprobación insuficiente de datos en developer tools en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto que había convencido al usuario de utilizar devtools ejecutar código arbitrario por medio de una página HTML diseñada. Multiple vulnerabilities have been found in ... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 4.3EPSS: 0%CPEs: 8EXPL: 0CVE-2020-6441 – chromium-browser: Insufficient policy enforcement in omnibox
https://notcve.org/view.php?id=CVE-2020-6441
13 Apr 2020 — Insufficient policy enforcement in omnibox in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass security UI via a crafted HTML page. Una aplicación insuficiente de la política en omnibox en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto omitir la Interfaz de Usuario de seguridad por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitr... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html • CWE-276: Incorrect Default Permissions •