Chrome - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Chrome
(Google)

Repositories	• https://github.com/googlei18n/sfntly • https://github.com/behdad/harfbuzz • https://github.com/uclouvain/openjpeg
#Vulnerabilities	3559

Date	Id	Summary	Products	Score	Patch	Annotated
2020-11-03	CVE-2020-15985	Inappropriate implementation in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to spoof security UI via a crafted HTML page.	Debian_linux, Fedora, Chrome, Backports_sle	6.5
2020-11-03	CVE-2020-15986	Integer overflow in media in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Debian_linux, Fedora, Chrome, Backports_sle	6.5
2020-11-03	CVE-2020-15987	Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted WebRTC stream.	Debian_linux, Fedora, Chrome, Backports_sle	8.8
2020-11-03	CVE-2020-15988	Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 86.0.4240.75 allowed a remote attacker who convinced the user to open files to execute arbitrary code via a crafted HTML page.	Debian_linux, Fedora, Chrome, Backports_sle	6.3
2020-11-03	CVE-2020-15989	Uninitialized data in PDFium in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.	Debian_linux, Fedora, Chrome, Backports_sle	5.5
2020-11-03	CVE-2020-15991	Use after free in password manager in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.	Debian_linux, Fedora, Chrome, Backports_sle	8.8
2020-11-03	CVE-2020-15992	Insufficient policy enforcement in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page.	Debian_linux, Fedora, Chrome, Backports_sle	8.8
2020-11-03	CVE-2020-15993	Use after free in printing in Google Chrome prior to 86.0.4240.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Chrome	9.8
2020-11-03	CVE-2020-15995	Out of bounds write in V8 in Google Chrome prior to 86.0.4240.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Debian_linux, Fedora, Chrome	8.8
2020-11-03	CVE-2020-15994	Use after free in V8 in Google Chrome prior to 86.0.4240.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Chrome	8.8