|
209541
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Insufficient data validation in cros-disks in Google Chrome on ChromeOS prior to 87.0.4280.66 allowed a remote attacker who had compromised the browser process to bypass noexec restrictions via a mal…
|
NVD-CWE-noinfo
|
CVE-2020-16035
|
2024-11-21 14:06 |
2021-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209542
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a local attacker to bypass policy restrictions via a crafted HTML page.
|
NVD-CWE-noinfo
|
CVE-2020-16034
|
2024-11-21 14:06 |
2021-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209543
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in WebUSB in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof security UI via a crafted HTML page.
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2020-16033
|
2024-11-21 14:06 |
2021-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209544
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient data validation in sharing in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2020-16032
|
2024-11-21 14:06 |
2021-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209545
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient data validation in UI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2020-16031
|
2024-11-21 14:06 |
2021-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209546
|
6.1 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient data validation in Blink in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.
|
CWE-79
Cross-site Scripting
|
CVE-2020-16030
|
2024-11-21 14:06 |
2021-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209547
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Inappropriate implementation in PDFium in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to bypass navigation restrictions via a crafted PDF file.
|
CWE-862
Missing Authorization
|
CVE-2020-16029
|
2024-11-21 14:06 |
2021-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209548
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Heap buffer overflow in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-16028
|
2024-11-21 14:06 |
2021-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209549
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient policy enforcement in developer tools in Google Chrome prior to 87.0.4280.66 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive inf…
|
CWE-862
Missing Authorization
|
CVE-2020-16027
|
2024-11-21 14:06 |
2021-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209550
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
CWE-787
CWE-416
Out-of-bounds Write
Use After Free
|
CVE-2020-16026
|
2024-11-21 14:06 |
2021-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
