CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 1CVE-2020-6448 – chromium-browser: Use after free in V8
https://notcve.org/view.php?id=CVE-2020-6448
13 Apr 2020 — Use after free in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en V8 en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto explotar potencialmente una corrupción de la pila (heap) por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arb... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 1CVE-2020-6447 – chromium-browser: Inappropriate implementation in developer tools
https://notcve.org/view.php?id=CVE-2020-6447
13 Apr 2020 — Inappropriate implementation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to potentially exploit heap corruption via a crafted HTML page. Una implementación inapropiada en developer tools en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto que había convencido al usuario de utilizar devtools (herramientas de desarrollo) para explotar potencialmente una corrupción de la pila (heap) por medio de u... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2020-6445 – chromium-browser: Insufficient policy enforcement in trusted types
https://notcve.org/view.php?id=CVE-2020-6445
13 Apr 2020 — Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass content security policy via a crafted HTML page. Una aplicación insuficiente de la política en trusted types en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto omitir una política de seguridad de contenido por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote ... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html • CWE-276: Incorrect Default Permissions •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2020-6446 – chromium-browser: Insufficient policy enforcement in trusted types
https://notcve.org/view.php?id=CVE-2020-6446
13 Apr 2020 — Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass content security policy via a crafted HTML page. Una aplicación insuficiente de la política en trusted types en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto omitir una política de seguridad de contenido por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote ... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html • CWE-276: Incorrect Default Permissions •
CVSS: 6.8EPSS: 0%CPEs: 8EXPL: 1CVE-2020-6444 – chromium-browser: Uninitialized use in WebRTC
https://notcve.org/view.php?id=CVE-2020-6444
13 Apr 2020 — Uninitialized use in WebRTC in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso no inicializado en WebRTC en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto explotar potencialmente una corrupción de la pila (heap) por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary c... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html • CWE-908: Use of Uninitialized Resource •
CVSS: 8.8EPSS: 1%CPEs: 8EXPL: 0CVE-2020-6443 – chromium-browser: Insufficient data validation in developer tools
https://notcve.org/view.php?id=CVE-2020-6443
13 Apr 2020 — Insufficient data validation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to execute arbitrary code via a crafted HTML page. Una comprobación insuficiente de datos en developer tools en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto que había convencido al usuario de utilizar devtools ejecutar código arbitrario por medio de una página HTML diseñada. Multiple vulnerabilities have been found in ... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 4.3EPSS: 0%CPEs: 8EXPL: 0CVE-2020-6441 – chromium-browser: Insufficient policy enforcement in omnibox
https://notcve.org/view.php?id=CVE-2020-6441
13 Apr 2020 — Insufficient policy enforcement in omnibox in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass security UI via a crafted HTML page. Una aplicación insuficiente de la política en omnibox en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto omitir la Interfaz de Usuario de seguridad por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitr... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html • CWE-276: Incorrect Default Permissions •
CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 1CVE-2020-6442 – chromium-browser: Inappropriate implementation in cache
https://notcve.org/view.php?id=CVE-2020-6442
13 Apr 2020 — Inappropriate implementation in cache in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Una implementación inapropiada en cache en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto filtrar datos de origen cruzado por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary code. Versions less th... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2020-6439 – chromium-browser: Insufficient policy enforcement in navigations
https://notcve.org/view.php?id=CVE-2020-6439
13 Apr 2020 — Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass security UI via a crafted HTML page. Una aplicación insuficiente de la política en navigations en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto omitir la Interfaz de Usuario de seguridad por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execut... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html • CWE-276: Incorrect Default Permissions •
CVSS: 4.3EPSS: 0%CPEs: 8EXPL: 0CVE-2020-6440 – chromium-browser: Inappropriate implementation in extensions
https://notcve.org/view.php?id=CVE-2020-6440
13 Apr 2020 — Inappropriate implementation in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension. Una implementación inapropiada en extensions en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante que convenció a un usuario a instalar una extensión maliciosa para obtener información potencialmente confidencial por medio de una Extensión de Chrome diseña... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html •