CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Google » Chrome » * * * * : Security Vulnerabilities (Gain Information)

Cpe Name:cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2021-37976 +Info 2021-10-08 2022-01-15
4.3
None Remote Medium Not required Partial None None
Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
2 CVE-2021-37963 Bypass +Info 2021-10-08 2022-01-15
4.3
None Remote Medium Not required Partial None None
Side-channel information leakage in DevTools in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to bypass site isolation via a crafted HTML page.
3 CVE-2021-30580 863 +Info 2021-08-03 2021-12-08
4.3
None Remote Medium Not required Partial None None
Insufficient policy enforcement in Android intents in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious application to obtain potentially sensitive information via a crafted HTML page.
4 CVE-2021-21219 200 +Info 2021-04-26 2021-06-01
4.3
None Remote Medium Not required Partial None None
Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.
5 CVE-2021-21218 908 +Info 2021-04-26 2021-06-01
4.3
None Remote Medium Not required Partial None None
Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.
6 CVE-2021-21217 200 +Info 2021-04-26 2021-06-01
4.3
None Remote Medium Not required Partial None None
Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.
7 CVE-2021-21190 908 +Info 2021-03-09 2021-12-03
6.8
None Remote Medium Not required Partial Partial Partial
Uninitialized data in PDFium in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.
8 CVE-2021-21185 +Info 2021-03-09 2021-12-03
4.3
None Remote Medium Not required Partial None None
Insufficient policy enforcement in extensions in Google Chrome prior to 89.0.4389.72 allowed an attacker who convinced a user to install a malicious extension to obtain sensitive information via a crafted Chrome Extension.
9 CVE-2021-21181 203 +Info 2021-03-09 2021-12-03
4.3
None Remote Medium Not required Partial None None
Side-channel information leakage in autofill in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
10 CVE-2021-21177 287 +Info 2021-03-09 2021-12-03
4.3
None Remote Medium Not required Partial None None
Insufficient policy enforcement in Autofill in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
11 CVE-2021-21173 203 +Info 2021-03-09 2021-12-03
4.3
None Remote Medium Not required Partial None None
Side-channel information leakage in Network Internals in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
12 CVE-2021-21168 +Info 2021-03-09 2021-12-03
4.3
None Remote Medium Not required Partial None None
Insufficient policy enforcement in appcache in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
13 CVE-2021-21137 200 +Info 2021-02-09 2021-03-15
4.3
None Remote Medium Not required Partial None None
Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page.
14 CVE-2020-16042 200 +Info 2021-01-08 2021-07-21
4.3
None Remote Medium Not required Partial None None
Uninitialized Use in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
15 CVE-2020-16041 125 +Info 2021-01-08 2021-03-04
5.8
None Remote Medium Not required Partial None Partial
Out of bounds read in networking in Google Chrome prior to 87.0.4280.88 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page.
16 CVE-2020-16027 862 +Info 2021-01-08 2021-01-12
4.3
None Remote Medium Not required Partial None None
Insufficient policy enforcement in developer tools in Google Chrome prior to 87.0.4280.66 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from the user's disk via a crafted Chrome Extension.
17 CVE-2020-16012 +Info 2021-01-08 2021-01-12
4.3
None Remote Medium Not required Partial None None
Side-channel information leakage in graphics in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
18 CVE-2020-15989 665 +Info 2020-11-03 2021-07-21
4.3
None Remote Medium Not required Partial None None
Uninitialized data in PDFium in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.
19 CVE-2020-15982 +Info 2020-11-03 2021-03-11
4.3
None Remote Medium Not required Partial None None
Inappropriate implementation in cache in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
20 CVE-2020-15981 125 +Info 2020-11-03 2021-03-11
4.3
None Remote Medium Not required Partial None None
Out of bounds read in audio in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
21 CVE-2020-15966 +Info 2020-09-21 2021-03-04
4.3
None Remote Medium Not required Partial None None
Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension.
22 CVE-2020-15959 +Info 2020-09-21 2021-01-30
4.3
None Remote Medium Not required Partial None None
Insufficient policy enforcement in networking in Google Chrome prior to 85.0.4183.102 allowed an attacker who convinced the user to enable logging to obtain potentially sensitive information from process memory via social engineering.
23 CVE-2020-6570 200 +Info 2020-09-21 2021-01-28
4.3
None Remote Medium Not required Partial None None
Information leakage in WebRTC in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to obtain potentially sensitive information via a crafted WebRTC interaction.
24 CVE-2020-6555 125 +Info 2020-09-21 2021-01-27
6.8
None Remote Medium Not required Partial Partial Partial
Out of bounds read in WebGL in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
25 CVE-2020-6547 200 +Info 2020-09-21 2021-07-21
4.3
None Remote Medium Not required Partial None None
Incorrect security UI in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially obtain sensitive information via a crafted HTML page.
26 CVE-2020-6531 203 +Info 2020-07-22 2021-01-27
4.3
None Remote Medium Not required Partial None None
Side-channel information leakage in scroll to text in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
27 CVE-2020-6521 200 +Info 2020-07-22 2021-07-21
4.3
None Remote Medium Not required Partial None None
Side-channel information leakage in autofill in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
28 CVE-2020-6511 200 +Info 2020-07-22 2021-07-21
4.3
None Remote Medium Not required Partial None None
Information leak in content security policy in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
29 CVE-2020-6503 200 +Info 2020-06-03 2021-07-21
4.3
None Remote Medium Not required Partial None None
Inappropriate implementation in accessibility in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
30 CVE-2020-6489 200 +Info 2020-05-21 2021-01-27
4.3
None Remote Medium Not required Partial None None
Inappropriate implementation in developer tools in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had convinced the user to take certain actions in developer tools to obtain potentially sensitive information from disk via a crafted HTML page.
31 CVE-2020-6473 200 +Info 2020-05-21 2021-07-21
4.3
None Remote Medium Not required Partial None None
Insufficient policy enforcement in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
32 CVE-2020-6472 200 +Info 2020-05-21 2021-07-21
4.3
None Remote Medium Not required Partial None None
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory or disk via a crafted Chrome Extension.
33 CVE-2020-6440 +Info 2020-04-13 2020-07-02
4.3
None Remote Medium Not required Partial None None
Inappropriate implementation in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension.
34 CVE-2020-6438 200 +Info 2020-04-13 2021-07-21
4.3
None Remote Medium Not required Partial None None
Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension.
35 CVE-2020-6408 200 +Info 2020-02-11 2021-07-21
2.1
None Local Low Not required Partial None None
Insufficient policy enforcement in CORS in Google Chrome prior to 80.0.3987.87 allowed a local attacker to obtain potentially sensitive information via a crafted HTML page.
36 CVE-2020-6405 125 +Info 2020-02-11 2020-02-17
4.3
None Remote Medium Not required Partial None None
Out of bounds read in SQLite in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
37 CVE-2020-6400 200 +Info 2020-02-11 2021-07-21
4.3
None Remote Medium Not required Partial None None
Inappropriate implementation in CORS in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
38 CVE-2020-6395 125 +Info 2020-02-11 2020-02-12
4.3
None Remote Medium Not required Partial None None
Out of bounds read in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
39 CVE-2019-13753 125 +Info 2019-12-10 2020-08-06
4.3
None Remote Medium Not required Partial None None
Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
40 CVE-2019-13752 125 +Info 2019-12-10 2020-08-06
4.3
None Remote Medium Not required Partial None None
Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
41 CVE-2019-13751 908 +Info 2019-12-10 2020-08-24
4.3
None Remote Medium Not required Partial None None
Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
42 CVE-2019-13748 862 +Info 2019-12-10 2020-08-24
4.3
None Remote Medium Not required Partial None None
Insufficient policy enforcement in developer tools in Google Chrome prior to 79.0.3945.79 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
43 CVE-2019-13745 200 +Info 2019-12-10 2021-07-21
4.3
None Remote Medium Not required Partial None None
Insufficient policy enforcement in audio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
44 CVE-2019-13744 200 +Info 2019-12-10 2019-12-16
4.3
None Remote Medium Not required Partial None None
Insufficient policy enforcement in cookies in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
45 CVE-2019-13737 200 +Info 2019-12-10 2019-12-16
4.3
None Remote Medium Not required Partial None None
Insufficient policy enforcement in autocomplete in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
46 CVE-2019-13684 200 +Info 2019-11-25 2021-07-21
2.6
None Remote High Not required Partial None None
Inappropriate implementation in JavaScript in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
47 CVE-2019-13666 200 +Info 2019-11-25 2021-07-21
4.3
None Remote Medium Not required Partial None None
Information leak in storage in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
48 CVE-2019-5881 125 +Info 2019-11-25 2019-12-02
5.8
None Remote Medium Not required Partial None Partial
Out of bounds read in SwiftShader in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
49 CVE-2019-5880 200 +Info 2019-11-25 2019-12-02
4.3
None Remote Medium Not required Partial None None
Insufficient policy enforcement in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
50 CVE-2019-5852 20 +Info 2019-11-25 2019-11-27
4.3
None Remote Medium Not required Partial None None
Inappropriate implementation in JavaScript in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
Total number of vulnerabilities : 151   Page : 1 (This Page)2 3 4
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.