Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Package Hub 15 SP2 package chromium, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (200)
CVE-2020-6509 — CVSS 9.6 (critical): Use after free in extensions in Google Chrome prior to 83.0.4103.116 allowed an attacker who convinced a user to install a malicious…
CVE-2021-21106 — CVSS 9.6 (critical): Use after free in autofill in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to…
CVE-2021-21150 — CVSS 9.6 (critical): Use after free in Downloads in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer…
CVE-2020-16018 — CVSS 9.6 (critical): Use after free in payments in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to…
CVE-2021-21109 — CVSS 9.6 (critical): Use after free in payments in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to…
CVE-2021-21110 — CVSS 9.6 (critical): Use after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially perform a sandbox escape…
CVE-2021-21115 — CVSS 9.6 (critical): User after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process…
CVE-2020-15961 — CVSS 9.6 (critical): Insufficient policy validation in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a…
CVE-2020-16011 — CVSS 9.6 (critical): Heap buffer overflow in UI in Google Chrome on Windows prior to 86.0.4240.183 allowed a remote attacker who had compromised the renderer…
CVE-2020-16024 — CVSS 9.6 (critical): Heap buffer overflow in UI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to…
CVE-2020-16025 — CVSS 9.6 (critical): Heap buffer overflow in clipboard in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process…
CVE-2020-15963 — CVSS 9.6 (critical): Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a…
CVE-2021-21121 — CVSS 9.6 (critical): Use after free in Omnibox in Google Chrome on Linux prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape…
CVE-2021-21146 — CVSS 9.6 (critical): Use after free in Navigation in Google Chrome prior to 88.0.4324.146 allowed a remote attacker who had compromised the renderer process to…
CVE-2020-6522 — CVSS 9.6 (critical): Inappropriate implementation in external protocol handlers in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially…
CVE-2021-21108 — CVSS 9.6 (critical): Use after free in media in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to…
CVE-2020-16014 — CVSS 9.6 (critical): Use after free in PPAPI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to…
CVE-2020-6573 — CVSS 9.6 (critical): Use after free in video in Google Chrome on Android prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer…
CVE-2021-21155 — CVSS 9.6 (critical): Heap buffer overflow in Tab Strip in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the…
CVE-2021-21154 — CVSS 9.6 (critical): Heap buffer overflow in Tab Strip in Google Chrome prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer…
CVE-2021-21124 — CVSS 9.6 (critical): Potential user after free in Speech Recognizer in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to potentially…
CVE-2021-21132 — CVSS 9.6 (critical): Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox…
CVE-2021-21111 — CVSS 9.6 (critical): Insufficient policy enforcement in WebUI in Google Chrome prior to 87.0.4280.141 allowed an attacker who convinced a user to install a…
CVE-2020-16016 — CVSS 9.6 (critical): Inappropriate implementation in base in Google Chrome prior to 86.0.4240.193 allowed a remote attacker who had compromised the renderer…
CVE-2021-21107 — CVSS 9.6 (critical): Use after free in drag and drop in Google Chrome on Linux prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer…
CVE-2021-21151 — CVSS 9.6 (critical): Use after free in Payments in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially perform a sandbox escape via a…
CVE-2021-21142 — CVSS 9.6 (critical): Use after free in Payments in Google Chrome on Mac prior to 88.0.4324.146 allowed a remote attacker to potentially perform a sandbox escape…
CVE-2020-15991 — CVSS 8.8 (high): Use after free in password manager in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer…
CVE-2020-15992 — CVSS 8.8 (high): Insufficient policy enforcement in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the…
CVE-2020-15995 — CVSS 8.8 (high): Out of bounds write in V8 in Google Chrome prior to 86.0.4240.99 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2020-16000 — CVSS 8.8 (high): Inappropriate implementation in Blink in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap…
CVE-2020-16001 — CVSS 8.8 (high): Use after free in media in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2020-16002 — CVSS 8.8 (high): Use after free in PDFium in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2020-16003 — CVSS 8.8 (high): Use after free in printing in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2020-16004 — CVSS 8.8 (high): Use after free in user interface in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption…
CVE-2020-16005 — CVSS 8.8 (high): Insufficient policy enforcement in ANGLE in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap…
CVE-2020-16006 — CVSS 8.8 (high): Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption…
CVE-2020-16008 — CVSS 8.8 (high): Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit stack corruption…
CVE-2021-21188 — CVSS 8.8 (high): Use after free in Blink in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2020-16015 — CVSS 8.8 (high): Insufficient data validation in WASM in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap…
CVE-2020-16019 — CVSS 8.8 (high): Inappropriate implementation in filesystem in Google Chrome on ChromeOS prior to 87.0.4280.66 allowed a remote attacker who had compromised…
CVE-2020-16020 — CVSS 8.8 (high): Inappropriate implementation in cryptohome in Google Chrome on ChromeOS prior to 87.0.4280.66 allowed a remote attacker who had compromised…
CVE-2020-16022 — CVSS 8.8 (high): Insufficient policy enforcement in networking in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially bypass…
CVE-2020-16023 — CVSS 8.8 (high): Use after free in WebCodecs in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2020-16026 — CVSS 8.8 (high): Use after free in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2021-21180 — CVSS 8.8 (high): Use after free in tab search in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2020-16028 — CVSS 8.8 (high): Heap buffer overflow in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via…
CVE-2020-16029 — CVSS 8.8 (high): Inappropriate implementation in PDFium in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to bypass navigation restrictions…
CVE-2021-21179 — CVSS 8.8 (high): Use after free in Network Internals in Google Chrome on Linux prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap…
CVE-2021-21174 — CVSS 8.8 (high): Inappropriate implementation in Referrer in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to bypass navigation restrictions…
CVE-2021-21169 — CVSS 8.8 (high): Out of bounds memory access in V8 in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially perform out of bounds…
CVE-2021-21167 — CVSS 8.8 (high): Use after free in bookmarks in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2020-16035 — CVSS 8.8 (high): Insufficient data validation in cros-disks in Google Chrome on ChromeOS prior to 87.0.4280.66 allowed a remote attacker who had compromised…
CVE-2020-16037 — CVSS 8.8 (high): Use after free in clipboard in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2020-16038 — CVSS 8.8 (high): Use after free in media in Google Chrome on OS X prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via…
CVE-2020-16039 — CVSS 8.8 (high): Use after free in extensions in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2021-21165 — CVSS 8.8 (high): Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted…
CVE-2021-21162 — CVSS 8.8 (high): Use after free in WebRTC in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2020-16043 — CVSS 8.8 (high): Insufficient data validation in networking in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to bypass discretionary access…
CVE-2020-16044 — CVSS 8.8 (high): Use after free in WebRTC in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2021-21161 — CVSS 8.8 (high): Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption…
CVE-2020-6512 — CVSS 8.8 (high): Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted…
CVE-2020-6513 — CVSS 8.8 (high): Heap buffer overflow in PDFium in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via…
CVE-2021-21160 — CVSS 8.8 (high): Heap buffer overflow in WebAudio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption…
CVE-2020-6515 — CVSS 8.8 (high): Use after free in tab strip in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2021-21159 — CVSS 8.8 (high): Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption…
CVE-2020-6517 — CVSS 8.8 (high): Heap buffer overflow in history in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via…
CVE-2020-6518 — CVSS 8.8 (high): Use after free in developer tools in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had convinced the user to use…
CVE-2021-21157 — CVSS 8.8 (high): Use after free in Web Sockets in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap…
CVE-2020-6520 — CVSS 8.8 (high): Buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2021-21156 — CVSS 8.8 (high): Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2020-6523 — CVSS 8.8 (high): Out of bounds write in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2020-6524 — CVSS 8.8 (high): Heap buffer overflow in WebAudio in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption…
CVE-2021-21153 — CVSS 8.8 (high): Stack buffer overflow in GPU Process in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially perform out…
CVE-2021-21152 — CVSS 8.8 (high): Heap buffer overflow in Media in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap…
CVE-2020-6530 — CVSS 8.8 (high): Out of bounds memory access in developer tools in Google Chrome prior to 84.0.4147.89 allowed an attacker who convinced a user to install a…
CVE-2020-6532 — CVSS 8.8 (high): Use after free in SCTP in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2020-6533 — CVSS 8.8 (high): Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted…
CVE-2020-6534 — CVSS 8.8 (high): Heap buffer overflow in WebRTC in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via…
CVE-2021-21149 — CVSS 8.8 (high): Stack buffer overflow in Data Transfer in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to perform out of bounds…
CVE-2020-6537 — CVSS 8.8 (high): Type confusion in V8 in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to execute arbitrary code inside a sandbox via a…
CVE-2020-6539 — CVSS 8.8 (high): Use after free in CSS in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2020-6540 — CVSS 8.8 (high): Buffer overflow in Skia in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2020-6541 — CVSS 8.8 (high): Use after free in WebUSB in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2020-6542 — CVSS 8.8 (high): Use after free in ANGLE in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2020-6543 — CVSS 8.8 (high): Use after free in task scheduling in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption…
CVE-2020-6544 — CVSS 8.8 (high): Use after free in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2020-6545 — CVSS 8.8 (high): Use after free in audio in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2020-6548 — CVSS 8.8 (high): Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.125 allowed a remote attacker who had compromised the renderer process to…
CVE-2020-6549 — CVSS 8.8 (high): Use after free in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2020-6550 — CVSS 8.8 (high): Use after free in IndexedDB in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2020-6551 — CVSS 8.8 (high): Use after free in WebXR in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2020-6552 — CVSS 8.8 (high): Use after free in Blink in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2020-6553 — CVSS 8.8 (high): Use after free in offline mode in Google Chrome on iOS prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap…
CVE-2021-21145 — CVSS 8.8 (high): Use after free in Fonts in Google Chrome prior to 88.0.4324.146 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2021-21144 — CVSS 8.8 (high): Heap buffer overflow in Tab Groups in Google Chrome prior to 88.0.4324.146 allowed an attacker who convinced a user to install a malicious…
CVE-2020-6559 — CVSS 8.8 (high): Use after free in presentation API in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to potentially exploit heap corruption…
CVE-2021-21143 — CVSS 8.8 (high): Heap buffer overflow in Extensions in Google Chrome prior to 88.0.4324.146 allowed an attacker who convinced a user to install a malicious…
CVE-2020-6525 — CVSS 8.8 (high): Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2021-21118 — CVSS 8.8 (high): Insufficient data validation in V8 in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform out of bounds…
CVE-2020-15960 — CVSS 8.8 (high): Heap buffer overflow in storage in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds…
CVE-2020-15962 — CVSS 8.8 (high): Insufficient policy validation in serial in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of…
CVE-2020-15964 — CVSS 8.8 (high): Insufficient data validation in media in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially exploit heap…
CVE-2020-15965 — CVSS 8.8 (high): Type confusion in V8 in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access…
CVE-2020-15967 — CVSS 8.8 (high): Use after free in payments in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially perform a sandbox escape via a…
CVE-2020-15968 — CVSS 8.8 (high): Use after free in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2020-15969 — CVSS 8.8 (high): Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2020-15970 — CVSS 8.8 (high): Use after free in NFC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to…
CVE-2020-15971 — CVSS 8.8 (high): Use after free in printing in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to…
CVE-2020-15972 — CVSS 8.8 (high): Use after free in audio in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2021-21199 — CVSS 8.8 (high): Use after free in Aura in Google Chrome on Linux prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process…
CVE-2020-15974 — CVSS 8.8 (high): Integer overflow in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to bypass site isolation via a crafted HTML page.
CVE-2020-15975 — CVSS 8.8 (high): Integer overflow in SwiftShader in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via…
CVE-2020-15976 — CVSS 8.8 (high): Use after free in WebXR in Google Chrome on Android prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption…
CVE-2021-21197 — CVSS 8.8 (high): Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption…
CVE-2020-15978 — CVSS 8.8 (high): Insufficient data validation in navigation in Google Chrome on Android prior to 86.0.4240.75 allowed a remote attacker who had compromised…
CVE-2020-15979 — CVSS 8.8 (high): Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption…
CVE-2021-21196 — CVSS 8.8 (high): Heap buffer overflow in TabStrip in Google Chrome on Windows prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap…
CVE-2021-21195 — CVSS 8.8 (high): Use after free in V8 in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted…
CVE-2021-21194 — CVSS 8.8 (high): Use after free in screen sharing in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption…
CVE-2021-21192 — CVSS 8.8 (high): Heap buffer overflow in tab groups in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption…
CVE-2020-15987 — CVSS 8.8 (high): Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2021-21191 — CVSS 8.8 (high): Use after free in WebRTC in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2021-21190 — CVSS 8.8 (high): Uninitialized data in PDFium in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information…
CVE-2020-15990 — CVSS 8.8 (high): Use after free in autofill in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to…
CVE-2021-21128 — CVSS 8.8 (high): Heap buffer overflow in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2021-21127 — CVSS 8.8 (high): Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass content security…
CVE-2021-21122 — CVSS 8.8 (high): Use after free in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2021-21120 — CVSS 8.8 (high): Use after free in WebSQL in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2021-21119 — CVSS 8.8 (high): Use after free in Media in Google Chrome prior to 88.0.4324.96 allowed a remote attacker who had compromised the renderer process to…
CVE-2020-6576 — CVSS 8.8 (high): Use after free in offscreen canvas in Google Chrome prior to 85.0.4183.102 allowed a remote attacker to potentially exploit heap corruption…
CVE-2021-21112 — CVSS 8.8 (high): Use after free in Blink in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2021-21113 — CVSS 8.8 (high): Heap buffer overflow in Skia in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2021-21114 — CVSS 8.8 (high): Use after free in audio in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2021-21116 — CVSS 8.8 (high): Heap buffer overflow in audio in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via…
CVE-2020-6554 — CVSS 8.6 (high): Use after free in extensions in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially perform a sandbox escape via…
CVE-2021-21138 — CVSS 8.6 (high): Use after free in DevTools in Google Chrome prior to 88.0.4324.96 allowed a local attacker to potentially perform a sandbox escape via a…
CVE-2020-6575 — CVSS 8.3 (high): Race in Mojo in Google Chrome prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially…
CVE-2021-21172 — CVSS 8.1 (high): Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 89.0.4389.72 allowed a remote attacker to bypass…
CVE-2020-16041 — CVSS 8.1 (high): Out of bounds read in networking in Google Chrome prior to 87.0.4280.88 allowed a remote attacker who had compromised the renderer process…
CVE-2021-21125 — CVSS 8.1 (high): Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 88.0.4324.96 allowed a remote attacker to bypass…
CVE-2020-15983 — CVSS 7.8 (high): Insufficient data validation in webUI in Google Chrome on ChromeOS prior to 86.0.4240.75 allowed a local attacker to bypass content…
CVE-2020-6574 — CVSS 7.8 (high): Insufficient policy enforcement in installer in Google Chrome on OS X prior to 85.0.4183.102 allowed a local attacker to potentially…
CVE-2020-15980 — CVSS 7.8 (high): Insufficient policy enforcement in Intents in Google Chrome on Android prior to 86.0.4240.75 allowed a local attacker to bypass navigation…
CVE-2020-6510 — CVSS 7.8 (high): Heap buffer overflow in background fetch in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap…
CVE-2020-27844 — CVSS 7.8 (high): A flaw was found in openjpeg's src/lib/openjp2/t2.c in versions prior to 2.4.0. This flaw allows an attacker to provide crafted input to…
CVE-2021-21117 — CVSS 7.8 (high): Insufficient policy enforcement in Cryptohome in Google Chrome prior to 88.0.4324.96 allowed a local attacker to perform OS-level privilege…
CVE-2020-6546 — CVSS 7.8 (high): Inappropriate implementation in installer in Google Chrome prior to 84.0.4147.125 allowed a local attacker to potentially elevate privilege…
CVE-2020-16007 — CVSS 7.8 (high): Insufficient data validation in installer in Google Chrome prior to 86.0.4240.183 allowed a local attacker to potentially elevate privilege…
CVE-2020-6555 — CVSS 7.6 (high): Out of bounds read in WebGL in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to obtain potentially sensitive information…
CVE-2019-8075 — CVSS 7.5 (high): Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. Successful exploitation could…
CVE-2020-16021 — CVSS 7.5 (high): Race in image burner in Google Chrome on ChromeOS prior to 87.0.4280.66 allowed a remote attacker who had compromised the browser process…
CVE-2021-21198 — CVSS 7.4 (high): Out of bounds read in IPC in Google Chrome prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to…
CVE-2021-21140 — CVSS 6.8 (medium): Uninitialized use in USB in Google Chrome prior to 88.0.4324.96 allowed a local attacker to potentially perform out of bounds memory access…
CVE-2021-21123 — CVSS 6.5 (medium): Insufficient data validation in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem…
CVE-2020-6567 — CVSS 6.5 (medium): Insufficient validation of untrusted input in command line handling in Google Chrome on Windows prior to 85.0.4183.83 allowed a remote…
CVE-2020-6566 — CVSS 6.5 (medium): Insufficient policy enforcement in media in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a…
CVE-2021-21126 — CVSS 6.5 (medium): Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass site isolation via…
CVE-2020-6565 — CVSS 6.5 (medium): Inappropriate implementation in Omnibox in Google Chrome on iOS prior to 85.0.4183.83 allowed a remote attacker to spoof the contents of…
CVE-2020-6564 — CVSS 6.5 (medium): Inappropriate implementation in permissions in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to spoof the contents of a…
CVE-2021-21129 — CVSS 6.5 (medium): Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem…
CVE-2021-21130 — CVSS 6.5 (medium): Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem…
CVE-2021-21131 — CVSS 6.5 (medium): Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem…
CVE-2020-6563 — CVSS 6.5 (medium): Insufficient policy enforcement in intent handling in Google Chrome on Android prior to 85.0.4183.83 allowed a remote attacker to obtain…
CVE-2021-21133 — CVSS 6.5 (medium): Insufficient policy enforcement in Downloads in Google Chrome prior to 88.0.4324.96 allowed an attacker who convinced a user to download…
CVE-2021-21134 — CVSS 6.5 (medium): Incorrect security UI in Page Info in Google Chrome on iOS prior to 88.0.4324.96 allowed a remote attacker to spoof security UI via a…
CVE-2021-21135 — CVSS 6.5 (medium): Inappropriate implementation in Performance API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data…
CVE-2021-21136 — CVSS 6.5 (medium): Insufficient policy enforcement in WebView in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin…
CVE-2021-21137 — CVSS 6.5 (medium): Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to obtain potentially sensitive…
CVE-2020-6562 — CVSS 6.5 (medium): Insufficient policy enforcement in Blink in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a…
CVE-2021-21139 — CVSS 6.5 (medium): Inappropriate implementation in iframe sandbox in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass navigation…
CVE-2020-6568 — CVSS 6.5 (medium): Insufficient policy enforcement in intent handling in Google Chrome on Android prior to 85.0.4183.83 allowed a remote attacker to bypass…
CVE-2020-6521 — CVSS 6.5 (medium): Side-channel information leakage in autofill in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to obtain potentially…
CVE-2020-6519 — CVSS 6.5 (medium): Policy bypass in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML…
CVE-2020-6514 — CVSS 6.5 (medium): Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to…
CVE-2020-6511 — CVSS 6.5 (medium): Information leak in content security policy in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via…
CVE-2020-16042 — CVSS 6.5 (medium): Uninitialized Use in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to obtain potentially sensitive information from…
CVE-2021-21163 — CVSS 6.5 (medium): Insufficient data validation in Reader Mode in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin…
CVE-2021-21164 — CVSS 6.5 (medium): Insufficient data validation in Chrome on iOS in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin…
CVE-2020-16040 — CVSS 6.5 (medium): Insufficient data validation in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption…
CVE-2020-16036 — CVSS 6.5 (medium): Inappropriate implementation in cookies in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to bypass cookie restrictions via…
CVE-2021-21168 — CVSS 6.5 (medium): Insufficient policy enforcement in appcache in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially…
CVE-2021-21170 — CVSS 6.5 (medium): Incorrect security UI in Loader in Google Chrome prior to 89.0.4389.72 allowed a remote attacker who had compromised the renderer process…
CVE-2021-21171 — CVSS 6.5 (medium): Incorrect security UI in TabStrip and Navigation in Google Chrome on Android prior to 89.0.4389.72 allowed a remote attacker to spoof the…
CVE-2021-21173 — CVSS 6.5 (medium): Side-channel information leakage in Network Internals in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin…
CVE-2021-21175 — CVSS 6.5 (medium): Inappropriate implementation in Site isolation in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data…
CVE-2021-21176 — CVSS 6.5 (medium): Inappropriate implementation in full screen mode in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to spoof the contents of…
CVE-2021-21177 — CVSS 6.5 (medium): Insufficient policy enforcement in Autofill in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially…
CVE-2021-21178 — CVSS 6.5 (medium): Inappropriate implementation in Compositing in Google Chrome on Linux and Windows prior to 89.0.4389.72 allowed a remote attacker to spoof…
CVE-2020-16027 — CVSS 6.5 (medium): Insufficient policy enforcement in developer tools in Google Chrome prior to 87.0.4280.66 allowed an attacker who convinced a user to…
CVE-2021-21181 — CVSS 6.5 (medium): Side-channel information leakage in autofill in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially…