CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Google » Chrome » * * * * : Security Vulnerabilities Published In 2020 (Gain Information)

Cpe Name:cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2020-15989 665 +Info 2020-11-03 2021-07-21
4.3
None Remote Medium Not required Partial None None
Uninitialized data in PDFium in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.
2 CVE-2020-15982 +Info 2020-11-03 2021-03-11
4.3
None Remote Medium Not required Partial None None
Inappropriate implementation in cache in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
3 CVE-2020-15981 125 +Info 2020-11-03 2021-03-11
4.3
None Remote Medium Not required Partial None None
Out of bounds read in audio in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
4 CVE-2020-15966 +Info 2020-09-21 2021-03-04
4.3
None Remote Medium Not required Partial None None
Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension.
5 CVE-2020-15959 +Info 2020-09-21 2021-01-30
4.3
None Remote Medium Not required Partial None None
Insufficient policy enforcement in networking in Google Chrome prior to 85.0.4183.102 allowed an attacker who convinced the user to enable logging to obtain potentially sensitive information from process memory via social engineering.
6 CVE-2020-6570 200 +Info 2020-09-21 2021-01-28
4.3
None Remote Medium Not required Partial None None
Information leakage in WebRTC in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to obtain potentially sensitive information via a crafted WebRTC interaction.
7 CVE-2020-6555 125 +Info 2020-09-21 2021-01-27
6.8
None Remote Medium Not required Partial Partial Partial
Out of bounds read in WebGL in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
8 CVE-2020-6547 200 +Info 2020-09-21 2021-07-21
4.3
None Remote Medium Not required Partial None None
Incorrect security UI in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially obtain sensitive information via a crafted HTML page.
9 CVE-2020-6531 203 +Info 2020-07-22 2021-01-27
4.3
None Remote Medium Not required Partial None None
Side-channel information leakage in scroll to text in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
10 CVE-2020-6521 200 +Info 2020-07-22 2021-07-21
4.3
None Remote Medium Not required Partial None None
Side-channel information leakage in autofill in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
11 CVE-2020-6511 200 +Info 2020-07-22 2021-07-21
4.3
None Remote Medium Not required Partial None None
Information leak in content security policy in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
12 CVE-2020-6503 200 +Info 2020-06-03 2021-07-21
4.3
None Remote Medium Not required Partial None None
Inappropriate implementation in accessibility in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
13 CVE-2020-6489 200 +Info 2020-05-21 2021-01-27
4.3
None Remote Medium Not required Partial None None
Inappropriate implementation in developer tools in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had convinced the user to take certain actions in developer tools to obtain potentially sensitive information from disk via a crafted HTML page.
14 CVE-2020-6473 200 +Info 2020-05-21 2021-07-21
4.3
None Remote Medium Not required Partial None None
Insufficient policy enforcement in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
15 CVE-2020-6472 200 +Info 2020-05-21 2021-07-21
4.3
None Remote Medium Not required Partial None None
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory or disk via a crafted Chrome Extension.
16 CVE-2020-6440 +Info 2020-04-13 2020-07-02
4.3
None Remote Medium Not required Partial None None
Inappropriate implementation in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension.
17 CVE-2020-6438 200 +Info 2020-04-13 2021-07-21
4.3
None Remote Medium Not required Partial None None
Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension.
18 CVE-2020-6408 200 +Info 2020-02-11 2021-07-21
2.1
None Local Low Not required Partial None None
Insufficient policy enforcement in CORS in Google Chrome prior to 80.0.3987.87 allowed a local attacker to obtain potentially sensitive information via a crafted HTML page.
19 CVE-2020-6405 125 +Info 2020-02-11 2020-02-17
4.3
None Remote Medium Not required Partial None None
Out of bounds read in SQLite in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
20 CVE-2020-6400 200 +Info 2020-02-11 2021-07-21
4.3
None Remote Medium Not required Partial None None
Inappropriate implementation in CORS in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
21 CVE-2020-6395 125 +Info 2020-02-11 2020-02-12
4.3
None Remote Medium Not required Partial None None
Out of bounds read in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
22 CVE-2011-2863 200 +Info 2020-06-03 2020-06-04
4.3
None Remote Medium Not required Partial None None
Insufficient policy enforcement in V8 in Google Chrome prior to 14.0.0.0 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
23 CVE-2010-3917 200 +Info 2020-02-06 2020-02-10
4.3
None Remote Medium Not required Partial None None
Google Chrome before 3.0 does not properly handle XML documents, which allows remote attackers to obtain sensitive information via a crafted web site.
Total number of vulnerabilities : 23   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.