CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Google » Chrome » * * * * : Security Vulnerabilities Published In 2020 (Bypass)

Cpe Name:cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2020-15992 Bypass 2020-11-03 2021-02-24
6.8
None Remote Medium Not required Partial Partial Partial
Insufficient policy enforcement in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page.
2 CVE-2020-15983 20 Bypass 2020-11-03 2021-03-11
4.4
None Local Medium Not required Partial Partial Partial
Insufficient data validation in webUI in Google Chrome on ChromeOS prior to 86.0.4240.75 allowed a local attacker to bypass content security policy via a crafted HTML page.
3 CVE-2020-15974 190 Overflow Bypass 2020-11-03 2021-01-30
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to bypass site isolation via a crafted HTML page.
4 CVE-2020-15973 Bypass 2020-11-03 2021-03-11
4.3
None Remote Medium Not required None Partial None
Insufficient policy enforcement in extensions in Google Chrome prior to 86.0.4240.75 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension.
5 CVE-2020-6527 276 Bypass 2020-07-22 2021-03-16
4.3
None Remote Medium Not required None Partial None
Insufficient policy enforcement in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML page.
6 CVE-2020-6526 Bypass 2020-07-22 2021-01-27
4.3
None Remote Medium Not required None Partial None
Inappropriate implementation in iframe sandbox in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
7 CVE-2020-6519 Bypass 2020-07-22 2021-03-12
4.3
None Remote Medium Not required None Partial None
Policy bypass in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML page.
8 CVE-2020-6516 Bypass 2020-07-22 2021-03-12
4.3
None Remote Medium Not required Partial None None
Policy bypass in CORS in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
9 CVE-2020-6504 276 Bypass 2020-06-03 2020-06-04
4.3
None Remote Medium Not required None Partial None
Insufficient policy enforcement in notifications in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass notification restrictions via a crafted HTML page.
10 CVE-2020-6501 276 Bypass 2020-06-03 2020-06-04
4.3
None Remote Medium Not required None Partial None
Insufficient policy enforcement in CSP in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass content security policy via a crafted HTML page.
11 CVE-2020-6499 Bypass 2020-06-03 2020-06-04
4.3
None Remote Medium Not required None Partial None
Inappropriate implementation in AppCache in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass AppCache security restrictions via a crafted HTML page.
12 CVE-2020-6488 276 Bypass 2020-05-21 2020-07-08
4.3
None Remote Medium Not required None Partial None
Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
13 CVE-2020-6487 276 Bypass 2020-05-21 2021-01-27
4.3
None Remote Medium Not required None Partial None
Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
14 CVE-2020-6486 Bypass 2020-05-21 2021-01-27
4.3
None Remote Medium Not required None Partial None
Insufficient policy enforcement in navigations in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
15 CVE-2020-6484 276 Bypass 2020-05-21 2020-07-08
4.3
None Remote Medium Not required None Partial None
Insufficient data validation in ChromeDriver in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted request.
16 CVE-2020-6483 276 Bypass 2020-05-21 2021-01-27
4.3
None Remote Medium Not required None Partial None
Insufficient policy enforcement in payments in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
17 CVE-2020-6482 276 Bypass 2020-05-21 2021-01-28
4.3
None Remote Medium Not required None Partial None
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.
18 CVE-2020-6480 276 Bypass 2020-05-21 2021-01-28
4.3
None Remote Medium Not required None Partial None
Insufficient policy enforcement in enterprise in Google Chrome prior to 83.0.4103.61 allowed a local attacker to bypass navigation restrictions via UI actions.
19 CVE-2020-6476 276 Bypass 2020-05-21 2021-01-28
4.3
None Remote Medium Not required None Partial None
Insufficient policy enforcement in tab strip in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.
20 CVE-2020-6456 276 Bypass 2020-04-13 2020-07-02
4.3
None Remote Medium Not required Partial None None
Insufficient validation of untrusted input in clipboard in Google Chrome prior to 81.0.4044.92 allowed a local attacker to bypass site isolation via crafted clipboard contents.
21 CVE-2020-6446 276 Bypass 2020-04-13 2020-07-02
4.3
None Remote Medium Not required None Partial None
Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass content security policy via a crafted HTML page.
22 CVE-2020-6445 276 Bypass 2020-04-13 2020-07-02
4.3
None Remote Medium Not required None Partial None
Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass content security policy via a crafted HTML page.
23 CVE-2020-6441 276 Bypass 2020-04-13 2020-07-02
4.3
None Remote Medium Not required None Partial None
Insufficient policy enforcement in omnibox in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass security UI via a crafted HTML page.
24 CVE-2020-6439 276 Bypass 2020-04-13 2020-07-02
6.8
None Remote Medium Not required Partial Partial Partial
Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass security UI via a crafted HTML page.
25 CVE-2020-6435 Bypass 2020-04-13 2020-07-02
4.3
None Remote Medium Not required None Partial None
Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.
26 CVE-2020-6433 Bypass 2020-04-13 2020-07-02
4.3
None Remote Medium Not required None Partial None
Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
27 CVE-2020-6432 Bypass 2020-04-13 2020-07-02
4.3
None Remote Medium Not required None Partial None
Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
28 CVE-2020-6425 20 Bypass 2020-03-23 2020-03-25
5.8
None Remote Medium Not required Partial Partial None
Insufficient policy enforcement in extensions in Google Chrome prior to 80.0.3987.149 allowed an attacker who convinced a user to install a malicious extension to bypass site isolation via a crafted Chrome Extension.
29 CVE-2020-6420 Bypass 2020-03-23 2022-01-01
6.8
None Remote Medium Not required Partial Partial Partial
Insufficient policy enforcement in media in Google Chrome prior to 80.0.3987.132 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
30 CVE-2020-6414 Bypass 2020-02-11 2020-02-17
6.8
None Remote Medium Not required Partial Partial Partial
Insufficient policy enforcement in Safe Browsing in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
31 CVE-2020-6413 Bypass 2020-02-11 2020-02-17
6.8
None Remote Medium Not required Partial Partial Partial
Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass HTML validators via a crafted HTML page.
32 CVE-2020-6409 Bypass 2020-02-11 2020-02-12
6.8
None Remote Medium Not required Partial Partial Partial
Inappropriate implementation in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker who convinced the user to enter a URI to bypass navigation restrictions via a crafted domain name.
33 CVE-2020-6394 20 Bypass 2020-02-11 2021-07-21
5.8
None Remote Medium Not required Partial Partial None
Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass content security policy via a crafted HTML page.
34 CVE-2020-6392 20 Bypass 2020-02-11 2021-07-21
4.3
None Remote Medium Not required None Partial None
Insufficient policy enforcement in extensions in Google Chrome prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.
35 CVE-2020-6391 20 Bypass 2020-02-11 2021-07-21
4.3
None Remote Medium Not required None Partial None
Insufficient validation of untrusted input in Blink in Google Chrome prior to 80.0.3987.87 allowed a local attacker to bypass content security policy via a crafted HTML page.
36 CVE-2020-6385 20 Bypass 2020-02-11 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
Insufficient policy enforcement in storage in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass site isolation via a crafted HTML page.
37 CVE-2020-6380 863 Bypass 2020-02-11 2022-01-01
6.8
None Remote Medium Not required Partial Partial Partial
Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.130 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted Chrome Extension.
Total number of vulnerabilities : 37   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.