CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 1CVE-2020-6427 – chromium-browser: Use after free in audio
https://notcve.org/view.php?id=CVE-2020-6427
20 Mar 2020 — Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en audio en Google Chrome versiones anteriores a 80.0.3987.149, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute ar... • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00028.html • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 1CVE-2020-6426 – chromium-browser: Inappropriate implementation in V8
https://notcve.org/view.php?id=CVE-2020-6426
20 Mar 2020 — Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una implementación inapropiada en V8 en Google Chrome versiones anteriores a 80.0.3987.149, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbit... • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00028.html • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0CVE-2020-6424 – chromium-browser: Use after free in media
https://notcve.org/view.php?id=CVE-2020-6424
20 Mar 2020 — Use after free in media in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en media en Google Chrome versiones anteriores a 80.0.3987.149, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute ar... • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00028.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 1CVE-2020-6422 – chromium-browser: Use after free in WebGL
https://notcve.org/view.php?id=CVE-2020-6422
20 Mar 2020 — Use after free in WebGL in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en WebGL en Google Chrome versiones anteriores a 80.0.3987.149, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute ar... • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00028.html • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 1%CPEs: 9EXPL: 2CVE-2020-6449 – chromium-browser: Use after free in audio
https://notcve.org/view.php?id=CVE-2020-6449
20 Mar 2020 — Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en audio en Google Chrome versiones anteriores a 80.0.3987.149, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute ar... • https://packetstorm.news/files/id/172843 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 21EXPL: 0CVE-2020-10531 – ICU: Integer overflow in UnicodeString::doAppend()
https://notcve.org/view.php?id=CVE-2020-10531
12 Mar 2020 — An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp. Se detectó un problema en International Components for Unicode (ICU) para C/C++ versiones hasta 66.1. Se presenta un desbordamiento de enteros, conllevando a un desbordamiento de búfer en la región heap de la memoria, en la función UnicodeString::doAppend() en el archivo common/unistr... • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00004.html • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-6420 – chromium-browser: Insufficient policy enforcement in media
https://notcve.org/view.php?id=CVE-2020-6420
10 Mar 2020 — Insufficient policy enforcement in media in Google Chrome prior to 80.0.3987.132 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Una aplicación insuficiente de política en media en Google Chrome versiones anteriores a 80.0.3987.132, permitió a un atacante remoto omitir una política de mismo origen por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary c... • https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop.html • CWE-358: Improperly Implemented Security Check for Standard •
CVSS: 8.8EPSS: 95%CPEs: 8EXPL: 8CVE-2020-6418 – Google Chromium V8 Type Confusion Vulnerability
https://notcve.org/view.php?id=CVE-2020-6418
27 Feb 2020 — Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una confusión de tipos en V8 en Google Chrome versiones anteriores a 80.0.3987.122, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 80.0.3987.122. Issues addressed include integer overflow, ... • https://packetstorm.news/files/id/156632 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 1CVE-2020-6386 – chromium-browser: Use after free in speech
https://notcve.org/view.php?id=CVE-2020-6386
27 Feb 2020 — Use after free in speech in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en speech en Google Chrome versiones anteriores a 80.0.3987.116, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 80.0.3987.122. Issues addressed... • https://access.redhat.com/errata/RHSA-2020:0738 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2020-6407 – chromium-browser: Out of bounds memory access in streams
https://notcve.org/view.php?id=CVE-2020-6407
27 Feb 2020 — Out of bounds memory access in streams in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un acceso a la memoria fuera de límites en streams en Google Chrome versiones anteriores a 80.0.3987.122, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 80.0.3987.122. Iss... • https://access.redhat.com/errata/RHSA-2020:0738 • CWE-787: Out-of-bounds Write •