Use after free in WebRTC in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
8.8
EPSS Score
0.49%
Published
2020-05-21
Updated
2021-07-21
Insufficient validation of untrusted input in clipboard in Google Chrome prior to 83.0.4103.61 allowed a local attacker to inject arbitrary scripts or HTML (UXSS) via crafted clipboard contents.
Max CVSS
6.1
EPSS Score
0.66%
Published
2020-05-21
Updated
2021-01-28
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
Max CVSS
9.6
EPSS Score
0.30%
Published
2020-05-21
Updated
2021-01-28
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory or disk via a crafted Chrome Extension.
Max CVSS
6.5
EPSS Score
0.15%
Published
2020-05-21
Updated
2021-07-21
Insufficient policy enforcement in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
Max CVSS
6.5
EPSS Score
0.37%
Published
2020-05-21
Updated
2021-07-21
Use after free in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
8.8
EPSS Score
0.47%
Published
2020-05-21
Updated
2021-07-21
Incorrect implementation in full screen in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted HTML page.
Max CVSS
6.5
EPSS Score
0.22%
Published
2020-05-21
Updated
2021-01-28
Insufficient policy enforcement in tab strip in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.
Max CVSS
6.5
EPSS Score
0.39%
Published
2020-05-21
Updated
2021-01-28
Insufficient policy enforcement in enterprise in Google Chrome prior to 83.0.4103.61 allowed a local attacker to bypass navigation restrictions via UI actions.
Max CVSS
6.5
EPSS Score
0.42%
Published
2020-05-21
Updated
2021-01-28
Insufficient policy enforcement in URL formatting in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to perform domain spoofing via a crafted domain name.
Max CVSS
6.5
EPSS Score
0.20%
Published
2020-05-21
Updated
2021-01-28
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.
Max CVSS
6.5
EPSS Score
0.39%
Published
2020-05-21
Updated
2021-01-28
Insufficient policy enforcement in payments in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
Max CVSS
6.5
EPSS Score
0.25%
Published
2020-05-21
Updated
2021-01-27
Insufficient policy enforcement in navigations in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
Max CVSS
6.5
EPSS Score
0.28%
Published
2020-05-21
Updated
2021-01-27
Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
Max CVSS
6.5
EPSS Score
0.42%
Published
2020-05-21
Updated
2021-01-27
Inappropriate implementation in developer tools in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had convinced the user to take certain actions in developer tools to obtain potentially sensitive information from disk via a crafted HTML page.
Max CVSS
4.3
EPSS Score
0.37%
Published
2020-05-21
Updated
2021-01-27
Insufficient data validation in loader in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had been able to write to disk to leak cross-origin data via a crafted HTML page.
Max CVSS
4.3
EPSS Score
0.48%
Published
2020-05-21
Updated
2021-01-27
Insufficient policy enforcement in WebView in Google Chrome on Android prior to 83.0.4103.106 allowed a remote attacker to bypass site isolation via a crafted HTML page.
Max CVSS
6.5
EPSS Score
0.18%
Published
2020-07-22
Updated
2021-07-21
Heap buffer overflow in background fetch in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
7.8
EPSS Score
0.18%
Published
2020-07-22
Updated
2021-01-27
Information leak in content security policy in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
Max CVSS
6.5
EPSS Score
1.03%
Published
2020-07-22
Updated
2021-07-21
Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
9.3
EPSS Score
1.13%
Published
2020-07-22
Updated
2021-07-21
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!