Chrome - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Chrome
(Google)

Repositories	• https://github.com/googlei18n/sfntly • https://github.com/behdad/harfbuzz • https://github.com/uclouvain/openjpeg
#Vulnerabilities	3559

Date	Id	Summary	Products	Score	Patch	Annotated
2020-02-11	CVE-2020-6413	Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass HTML validators via a crafted HTML page.	Chrome, Backports_sle	8.8
2020-02-11	CVE-2020-6414	Insufficient policy enforcement in Safe Browsing in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.	Chrome, Backports_sle	8.8
2020-02-11	CVE-2020-6415	Inappropriate implementation in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Debian_linux, Fedora, Chrome, Backports_sle, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Package_hub	8.8
2020-02-11	CVE-2020-6416	Insufficient data validation in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Debian_linux, Fedora, Chrome, Backports_sle, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Package_hub	8.8
2020-02-11	CVE-2020-6417	Inappropriate implementation in installer in Google Chrome prior to 80.0.3987.87 allowed a local attacker to execute arbitrary code via a crafted registry entry.	Chrome	7.8
2020-02-27	CVE-2020-6383	Type confusion in V8 in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation	8.8
2020-02-27	CVE-2020-6384	Use after free in WebAudio in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation	8.8
2020-02-27	CVE-2020-6386	Use after free in speech in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation	8.8
2020-02-27	CVE-2020-6418	Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation	8.8
2020-02-27	CVE-2020-6407	Out of bounds memory access in streams in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Chrome	8.8