CVSS: 8.8EPSS: 43%CPEs: 8EXPL: 1CVE-2020-6383 – chromium-browser: Type confusion in V8
https://notcve.org/view.php?id=CVE-2020-6383
27 Feb 2020 — Type confusion in V8 in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una confusión de tipos en V8 en Google Chrome versiones anteriores a 80.0.3987.116, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 80.0.3987.122. Issues addressed include integer overflow, ... • https://access.redhat.com/errata/RHSA-2020:0738 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 1%CPEs: 8EXPL: 1CVE-2020-6384 – chromium-browser: Use after free in WebAudio
https://notcve.org/view.php?id=CVE-2020-6384
27 Feb 2020 — Use after free in WebAudio in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en WebAudio en Google Chrome versiones anteriores a 80.0.3987.116, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 80.0.3987.122. Issues addre... • https://access.redhat.com/errata/RHSA-2020:0738 • CWE-416: Use After Free •
CVSS: 9.3EPSS: 4%CPEs: 17EXPL: 0CVE-2020-3757 – flash-plugin: Arbitrary Code Execution vulnerability (APSB20-06)
https://notcve.org/view.php?id=CVE-2020-3757
13 Feb 2020 — Adobe Flash Player versions 32.0.0.321 and earlier, 32.0.0.314 and earlier, 32.0.0.321 and earlier, and 32.0.0.255 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution. Adobe Flash Player versiones 32.0.0.321 y anteriores, 32.0.0.314 y anteriores, 32.0.0.321 y anteriores, y 32.0.0.255 y anteriores, presenta una vulnerabilidad de confusión de tipos. Una explotación con éxito podría conllevar a una ejecución de código arbitrario. The flash-plugin pack... • https://access.redhat.com/errata/RHSA-2020:0513 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 3%CPEs: 11EXPL: 1CVE-2020-6415 – chromium-browser: Inappropriate implementation in JavaScript
https://notcve.org/view.php?id=CVE-2020-6415
11 Feb 2020 — Inappropriate implementation in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una implementación inapropiada en JavaScript en Google Chrome versiones anteriores a 80.0.3987.87, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 80.0.3987.87. Issues a... • http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00015.html • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 3%CPEs: 11EXPL: 1CVE-2020-6416 – chromium-browser: Insufficient data validation in streams
https://notcve.org/view.php?id=CVE-2020-6416
11 Feb 2020 — Insufficient data validation in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una comprobación de datos insuficiente en streams en Google Chrome versiones anteriores a 80.0.3987.87, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 80.0.3987.87. Issues... • http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00015.html • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 3%CPEs: 13EXPL: 1CVE-2020-6381 – chromium-browser: Integer overflow in JavaScript
https://notcve.org/view.php?id=CVE-2020-6381
11 Feb 2020 — Integer overflow in JavaScript in Google Chrome on ChromeOS and Android prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento de enteros en JavaScript en Google Chrome sobre ChromeOS y Android versiones anteriores a 80.0.3987.87, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromiu... • http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00015.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 3%CPEs: 11EXPL: 1CVE-2020-6382 – chromium-browser: Type Confusion in JavaScript
https://notcve.org/view.php?id=CVE-2020-6382
11 Feb 2020 — Type confusion in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una confusión de tipos en JavaScript en Google Chrome versiones anteriores a 80.0.3987.87, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 80.0.3987.87. Issues addressed include infor... • http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00015.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 1%CPEs: 11EXPL: 1CVE-2020-6385 – chromium-browser: Insufficient policy enforcement in storage
https://notcve.org/view.php?id=CVE-2020-6385
11 Feb 2020 — Insufficient policy enforcement in storage in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass site isolation via a crafted HTML page. Una aplicación insuficiente de políticas en storage en Google Chrome versiones anteriores a 80.0.3987.87, permitió a un atacante remoto omitir el aislamiento del sitio por medio de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 80.0.3987.87. Issues addressed include informat... • http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00015.html • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 8.8EPSS: 4%CPEs: 11EXPL: 2CVE-2020-6390 – chromium-browser: Out of bounds memory access in streams
https://notcve.org/view.php?id=CVE-2020-6390
11 Feb 2020 — Out of bounds memory access in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un acceso a la memoria fuera de límites en streams en Google Chrome versiones anteriores a 80.0.3987.87, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 80.0.3987.87. Issues... • https://packetstorm.news/files/id/157419 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 1%CPEs: 11EXPL: 1CVE-2020-6391 – chromium-browser: Insufficient validation of untrusted input in Blink
https://notcve.org/view.php?id=CVE-2020-6391
11 Feb 2020 — Insufficient validation of untrusted input in Blink in Google Chrome prior to 80.0.3987.87 allowed a local attacker to bypass content security policy via a crafted HTML page. Una comprobación insuficiente de una entrada no confiable en Blink en Google Chrome versiones anteriores a 80.0.3987.87, permitió a un atacante local omitir la política de seguridad de contenido por medio de una página HTML diseñada. Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 80.... • http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00015.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •