CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2020-6454 – chromium-browser: Use after free in extensions
https://notcve.org/view.php?id=CVE-2020-6454
13 Apr 2020 — Use after free in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. Un uso de la memoria previamente liberada en extensions en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante, que convenció a un usuario instalar una extensión maliciosa, explotar potencialmente una corrupción de la pila (heap) por medio de una Extensión de Chrome diseñada. ... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 1CVE-2020-6450 – chromium-browser: Use after free in WebAudio
https://notcve.org/view.php?id=CVE-2020-6450
13 Apr 2020 — Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada de WebAudio en Google Chrome versiones anteriores a 80.0.3987.162, permitió a un atacante remoto explotar potencialmente una corrupción de la pila (heap) por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers ... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-6451 – chromium-browser: Use after free in WebAudio
https://notcve.org/view.php?id=CVE-2020-6451
13 Apr 2020 — Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada de WebAudio en Google Chrome versiones anteriores a 80.0.3987.162, permitió a un atacante remoto explotar potencialmente una corrupción de la pila (heap) por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers ... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 1CVE-2020-6448 – chromium-browser: Use after free in V8
https://notcve.org/view.php?id=CVE-2020-6448
13 Apr 2020 — Use after free in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en V8 en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto explotar potencialmente una corrupción de la pila (heap) por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arb... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 1CVE-2020-6447 – chromium-browser: Inappropriate implementation in developer tools
https://notcve.org/view.php?id=CVE-2020-6447
13 Apr 2020 — Inappropriate implementation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to potentially exploit heap corruption via a crafted HTML page. Una implementación inapropiada en developer tools en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto que había convencido al usuario de utilizar devtools (herramientas de desarrollo) para explotar potencialmente una corrupción de la pila (heap) por medio de u... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2020-6446 – chromium-browser: Insufficient policy enforcement in trusted types
https://notcve.org/view.php?id=CVE-2020-6446
13 Apr 2020 — Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass content security policy via a crafted HTML page. Una aplicación insuficiente de la política en trusted types en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto omitir una política de seguridad de contenido por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote ... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html • CWE-276: Incorrect Default Permissions •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2020-6445 – chromium-browser: Insufficient policy enforcement in trusted types
https://notcve.org/view.php?id=CVE-2020-6445
13 Apr 2020 — Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass content security policy via a crafted HTML page. Una aplicación insuficiente de la política en trusted types en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto omitir una política de seguridad de contenido por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote ... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html • CWE-276: Incorrect Default Permissions •
CVSS: 6.8EPSS: 0%CPEs: 8EXPL: 1CVE-2020-6444 – chromium-browser: Uninitialized use in WebRTC
https://notcve.org/view.php?id=CVE-2020-6444
13 Apr 2020 — Uninitialized use in WebRTC in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso no inicializado en WebRTC en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto explotar potencialmente una corrupción de la pila (heap) por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary c... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html • CWE-908: Use of Uninitialized Resource •
CVSS: 8.8EPSS: 1%CPEs: 8EXPL: 0CVE-2020-6443 – chromium-browser: Insufficient data validation in developer tools
https://notcve.org/view.php?id=CVE-2020-6443
13 Apr 2020 — Insufficient data validation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to execute arbitrary code via a crafted HTML page. Una comprobación insuficiente de datos en developer tools en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto que había convencido al usuario de utilizar devtools ejecutar código arbitrario por medio de una página HTML diseñada. Multiple vulnerabilities have been found in ... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 1CVE-2020-6442 – chromium-browser: Inappropriate implementation in cache
https://notcve.org/view.php?id=CVE-2020-6442
13 Apr 2020 — Inappropriate implementation in cache in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Una implementación inapropiada en cache en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto filtrar datos de origen cruzado por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary code. Versions less th... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html • CWE-668: Exposure of Resource to Wrong Sphere •