Chrome - Vulncode-DB

Product:
Chrome
(Google)

Repositories	• https://github.com/googlei18n/sfntly • https://github.com/uclouvain/openjpeg • https://github.com/behdad/harfbuzz
#Vulnerabilities	2259

Date	Id	Summary	Products	Score	Patch	Annotated
2020-07-22	CVE-2020-6519	Policy bypass in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML page.	Chrome	6.5
2020-11-03	CVE-2020-16009	Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Chrome, Backports_sle, Leap	8.8
2020-11-03	CVE-2020-16008	Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit stack corruption via a crafted WebRTC packet.	Fedora, Chrome, Backports_sle, Leap	8.8
2020-11-03	CVE-2020-16006	Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Chrome, Backports_sle, Leap	8.8
2020-11-03	CVE-2020-16005	Insufficient policy enforcement in ANGLE in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Chrome, Backports_sle, Leap	8.8
2020-11-03	CVE-2020-16004	Use after free in user interface in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Chrome, Backports_sle, Leap	8.8
2020-11-03	CVE-2020-15999	Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Freetype2, Chrome	6.5
2020-07-22	CVE-2020-6506	Insufficient policy enforcement in WebView in Google Chrome on Android prior to 83.0.4103.106 allowed a remote attacker to bypass site isolation via a crafted HTML page.	Chrome	6.5
2020-11-03	CVE-2020-6557	Inappropriate implementation in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.	Chrome	6.5
2020-11-03	CVE-2020-16002	Use after free in PDFium in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.	Fedora, Chrome, Backports_sle	8.8