CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-6495 – chromium-browser: Insufficient policy enforcement in developer tools
https://notcve.org/view.php?id=CVE-2020-6495
03 Jun 2020 — Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.97 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00034.html • CWE-276: Incorrect Default Permissions •
CVSS: 8.8EPSS: 1%CPEs: 6EXPL: 0CVE-2020-6496 – chromium-browser: Use after free in payments
https://notcve.org/view.php?id=CVE-2020-6496
03 Jun 2020 — Use after free in payments in Google Chrome on MacOS prior to 83.0.4103.97 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00034.html • CWE-416: Use After Free •
CVSS: 9.6EPSS: 3%CPEs: 5EXPL: 0CVE-2020-6493 – chromium-browser: Use after free in WebAuthentication
https://notcve.org/view.php?id=CVE-2020-6493
03 Jun 2020 — Use after free in WebAuthentication in Google Chrome prior to 83.0.4103.97 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00034.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 1CVE-2020-12388 – Firefox Default Content Process DACL Sandbox Escape
https://notcve.org/view.php?id=CVE-2020-12388
26 May 2020 — The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. ... The Firefox content processes do not sufficiently lockdown access control which can result in a sandbox escape. • https://packetstorm.news/files/id/157860 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2020-12389
https://notcve.org/view.php?id=CVE-2020-12389
26 May 2020 — The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. • https://bugzilla.mozilla.org/show_bug.cgi?id=1554110 • CWE-20: Improper Input Validation •
CVSS: 9.6EPSS: 0%CPEs: 7EXPL: 1CVE-2020-6471 – chromium-browser: Insufficient policy enforcement in developer tools
https://notcve.org/view.php?id=CVE-2020-6471
21 May 2020 — Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00034.html • CWE-276: Incorrect Default Permissions •
CVSS: 9.6EPSS: 0%CPEs: 7EXPL: 0CVE-2020-6469 – chromium-browser: Insufficient policy enforcement in developer tools
https://notcve.org/view.php?id=CVE-2020-6469
21 May 2020 — Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00034.html • CWE-276: Incorrect Default Permissions •
CVSS: 9.6EPSS: 1%CPEs: 7EXPL: 0CVE-2020-6466 – chromium-browser: Use after free in media
https://notcve.org/view.php?id=CVE-2020-6466
21 May 2020 — Use after free in media in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00034.html • CWE-416: Use After Free •
CVSS: 9.6EPSS: 1%CPEs: 7EXPL: 0CVE-2020-6465 – chromium-browser: Use after free in reader mode
https://notcve.org/view.php?id=CVE-2020-6465
21 May 2020 — Use after free in reader mode in Google Chrome on Android prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00034.html • CWE-416: Use After Free •
CVSS: 9.6EPSS: 1%CPEs: 3EXPL: 0CVE-2020-6461 – chromium-browser: Use after free in storage
https://notcve.org/view.php?id=CVE-2020-6461
30 Apr 2020 — Use after free in storage in Google Chrome prior to 81.0.4044.129 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. • https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_27.html • CWE-416: Use After Free •