Описание
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, bypass security restrictions.
Below is a complete list of vulnerabilities:
- Incorrect security UI vulnerability in PWAs can be exploited to obtain sensitive information.
- Inappropriate implementation vulnerability in WebRTC can be exploited to potentially denial of service.
- Use after free vulnerability in developer tools can be exploited to potentially denial of service and bypass security restrictions.
- Heap buffer overflow vulnerability in Skia can be exploited to potentially denial of service and bypass security restrictions.
- Heap buffer overflow vulnerability in Skiacan can be exploited to potentially denial of service and bypass security restrictions.
- Inappropriate implementation vulnerability in external protocol handlers can be exploited to potentially denial of service.
- Incorrect security UI vulnerability in basic auth can be exploited to obtain sensitive information.
- Side-channel information leakage vulnerability in scroll to text can be exploited to obtain sensitive information.
- Out of bounds write vulnerability in Skia can be exploited to potentially denial of service and bypass security restrictions.
- Out of bounds vulnerability in developer tools can be exploited to potentially denial of service.
- Heap buffer overflow vulnerability in background fetch can be exploited to potentially denial of service and bypass security restrictions.
- Use after free vulnerability in tab strip can be exploited to potentially denial of service.
- Side-channel information leakage vulnerability in content security policy can be exploited to obtain sensitive information.
- Type Confusion vulnerability in V8 can be exploited to potentially denial of service.
- Policy bypass vulnerability in CORS can be exploited to security bypass.
- Insufficient policy enforcement vulnerability in CSP can be exploited to security bypass.
- Policy bypass vulnerability in CSP can be exploited to security bypass.
- Heap buffer overflow vulnerability in WebAudi can be exploited to potentially denial of service.
- Inappropriate implementation vulnerability in iframe sandbox can be exploited to potentially denial of service.
- Heap buffer overflow vulnerability in WebRTC can be exploited to potentially denial of service.
- Insufficient data validation vulnerability in WebUI can be exploited to potentially denial of service.
- Heap buffer overflow vulnerability in history can be exploited to potentially denial of service.
- Side-channel information leakage vulnerability in autofill can be exploited to obtain sensitive information.
- Inappropriate implementation vulnerability in WebRTC can be exploited to potentially denial of service.
- Heap buffer overflow vulnerability in PDFium can be exploited to potentially denial of service.
Первичный источник обнаружения
Эксплуатация
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Связанные продукты
Список CVE
- CVE-2020-6536 warning
- CVE-2020-6529 warning
- CVE-2020-6518 critical
- CVE-2020-6520 critical
- CVE-2020-6525 critical
- CVE-2020-6522 critical
- CVE-2020-6528 warning
- CVE-2020-6531 warning
- CVE-2020-6523 critical
- CVE-2020-6530 critical
- CVE-2020-6510 critical
- CVE-2020-6515 critical
- CVE-2020-6511 high
- CVE-2020-6533 critical
- CVE-2020-6516 warning
- CVE-2020-6527 warning
- CVE-2020-6519 high
- CVE-2020-6524 critical
- CVE-2020-6526 high
- CVE-2020-6534 critical
- CVE-2020-6512 critical
- CVE-2020-6535 high
- CVE-2020-6517 critical
- CVE-2020-6521 high
- CVE-2020-6514 high
- CVE-2020-6513 critical
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!