Multiple vulnerability in Google Chrome

Описание

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, bypass security restrictions.

Below is a complete list of vulnerabilities:

1. Incorrect security UI vulnerability in PWAs can be exploited to obtain sensitive information.
2. Inappropriate implementation vulnerability in WebRTC can be exploited to potentially denial of service.
3. Use after free vulnerability in developer tools can be exploited to potentially denial of service and bypass security restrictions.
4. Heap buffer overflow vulnerability in Skia can be exploited to potentially denial of service and bypass security restrictions.
5. Heap buffer overflow vulnerability in Skiacan can be exploited to potentially denial of service and bypass security restrictions.
6. Inappropriate implementation vulnerability in external protocol handlers can be exploited to potentially denial of service.
7. Incorrect security UI vulnerability in basic auth can be exploited to obtain sensitive information.
8. Side-channel information leakage vulnerability in scroll to text can be exploited to obtain sensitive information.
9. Out of bounds write vulnerability in Skia can be exploited to potentially denial of service and bypass security restrictions.
10. Out of bounds vulnerability in developer tools can be exploited to potentially denial of service.
11. Heap buffer overflow vulnerability in background fetch can be exploited to potentially denial of service and bypass security restrictions.
12. Use after free vulnerability in tab strip can be exploited to potentially denial of service.
13. Side-channel information leakage vulnerability in content security policy can be exploited to obtain sensitive information.
14. Type Confusion vulnerability in V8 can be exploited to potentially denial of service.
15. Policy bypass vulnerability in CORS can be exploited to security bypass.
16. Insufficient policy enforcement vulnerability in CSP can be exploited to security bypass.
17. Policy bypass vulnerability in CSP can be exploited to security bypass.
18. Heap buffer overflow vulnerability in WebAudi can be exploited to potentially denial of service.
19. Inappropriate implementation vulnerability in iframe sandbox can be exploited to potentially denial of service.
20. Heap buffer overflow vulnerability in WebRTC can be exploited to potentially denial of service.
21. Insufficient data validation vulnerability in WebUI can be exploited to potentially denial of service.
22. Heap buffer overflow vulnerability in history can be exploited to potentially denial of service.
23. Side-channel information leakage vulnerability in autofill can be exploited to obtain sensitive information.
24. Inappropriate implementation vulnerability in WebRTC can be exploited to potentially denial of service.
25. Heap buffer overflow vulnerability in PDFium can be exploited to potentially denial of service.

Первичный источник обнаружения

• Stable Channel Update for Desktop
  

Эксплуатация

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Google-Chrome

Список CVE

• CVE-2020-6536
  warning
• CVE-2020-6529
  warning
• CVE-2020-6518
  critical
• CVE-2020-6520
  critical
• CVE-2020-6525
  high
• CVE-2020-6522
  high
• CVE-2020-6528
  warning
• CVE-2020-6531
  warning
• CVE-2020-6523
  critical
• CVE-2020-6530
  high
• CVE-2020-6510
  high
• CVE-2020-6515
  critical
• CVE-2020-6511
  warning
• CVE-2020-6533
  high
• CVE-2020-6516
  warning
• CVE-2020-6527
  warning
• CVE-2020-6519
  warning
• CVE-2020-6524
  critical
• CVE-2020-6526
  warning
• CVE-2020-6534
  high
• CVE-2020-6512
  critical
• CVE-2020-6535
  warning
• CVE-2020-6517
  critical
• CVE-2020-6521
  warning
• CVE-2020-6514
  warning
• CVE-2020-6513
  high

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com