| CVE-2020-6536 |
Low |
No |
Content spoofing |
Incorrect security UI in PWAs in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had persuaded the user to install a PWA to spoof the... |
| CVE-2020-6535 |
Low |
Yes |
Content spoofing |
Insufficient data validation in WebUI in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had compromised the renderer process to inject... |
| CVE-2020-6534 |
Low |
Yes |
Denial of service |
Heap buffer overflow in WebRTC in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
| CVE-2020-6533 |
Low |
Yes |
Denial of service |
Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
| CVE-2020-6531 |
Low |
No |
Information disclosure |
Side-channel information leakage in scroll to text in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted... |
| CVE-2020-6530 |
Low |
Yes |
Denial of service |
Out of bounds memory access in developer tools in Google Chrome prior to 84.0.4147.89 allowed an attacker who convinced a user to install a malicious... |
| CVE-2020-6529 |
Low |
Yes |
Information disclosure |
Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to leak cross-origin data... |
| CVE-2020-6528 |
Low |
Yes |
Information disclosure |
Incorrect security UI in basic auth in Google Chrome on iOS prior to 84.0.4147.89 allowed a remote attacker to spoof the contents of the Omnibox (URL bar)... |
| CVE-2020-6527 |
Low |
Yes |
Certificate verification bypass |
Insufficient policy enforcement in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML page. |
| CVE-2020-6526 |
Low |
Yes |
Authentication bypass |
Inappropriate implementation in iframe sandbox in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass navigation restrictions via a... |
| CVE-2020-6525 |
Medium |
Yes |
Arbitrary code execution |
Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
| CVE-2020-6524 |
Medium |
Yes |
Arbitrary code execution |
Heap buffer overflow in WebAudio in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
| CVE-2020-6523 |
Medium |
Yes |
Arbitrary code execution |
Out of bounds write in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
| CVE-2020-6522 |
Medium |
Yes |
Sandbox escape |
Inappropriate implementation in external protocol handlers in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially perform a sandbox... |
| CVE-2020-6521 |
Medium |
Yes |
Information disclosure |
Side-channel information leakage in autofill in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to obtain potentially sensitive information... |
| CVE-2020-6520 |
Medium |
Yes |
Denial of service |
Heap buffer overflow in Skia. |
| CVE-2020-6519 |
Medium |
Yes |
Insufficient validation |
Policy bypass in CSP |
| CVE-2020-6518 |
Medium |
Yes |
Arbitrary code execution |
Use after free in developer tools. |
| CVE-2020-6517 |
High |
Yes |
Arbitrary code execution |
Heap buffer overflow in history. |
| CVE-2020-6516 |
High |
Yes |
Information disclosure |
Policy bypass in CORS in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page. |
| CVE-2020-6515 |
High |
Yes |
Arbitrary code execution |
Use after free in tab strip in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
| CVE-2020-6514 |
High |
Yes |
Arbitrary code execution |
Inappropriate implementation in WebRTC. |
| CVE-2020-6513 |
High |
Yes |
Arbitrary code execution |
Heap buffer overflow in PDFium. |
| CVE-2020-6512 |
High |
Yes |
Insufficient validation |
Type Confusion in V8. |
| CVE-2020-6511 |
High |
Yes |
Information disclosure |
Side-channel information leakage in content security policy. |
| CVE-2020-6510 |
Critical |
Yes |
Arbitrary code execution |
Heap buffer overflow in background fetch. |