Vulnerabilities > Google > Chrome > 12.0.737.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-05-21 | CVE-2020-6471 | Incorrect Default Permissions vulnerability in multiple products Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. | 9.6 |
2020-05-21 | CVE-2020-6470 | Cross-site Scripting vulnerability in multiple products Insufficient validation of untrusted input in clipboard in Google Chrome prior to 83.0.4103.61 allowed a local attacker to inject arbitrary scripts or HTML (UXSS) via crafted clipboard contents. | 6.1 |
2020-05-21 | CVE-2020-6469 | Incorrect Default Permissions vulnerability in multiple products Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. | 9.6 |
2020-05-21 | CVE-2020-6468 | Type Confusion vulnerability in multiple products Type confusion in V8 in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-05-21 | CVE-2020-6467 | Use After Free vulnerability in multiple products Use after free in WebRTC in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-05-21 | CVE-2020-6466 | Use After Free vulnerability in multiple products Use after free in media in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |
2020-05-21 | CVE-2020-6465 | Use After Free vulnerability in multiple products Use after free in reader mode in Google Chrome on Android prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |
2020-05-21 | CVE-2020-6464 | Type Confusion vulnerability in multiple products Type confusion in Blink in Google Chrome prior to 81.0.4044.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-05-21 | CVE-2020-6463 | Use After Free vulnerability in multiple products Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-05-21 | CVE-2020-6462 | Use After Free vulnerability in multiple products Use after free in task scheduling in Google Chrome prior to 81.0.4044.129 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |