| Max CVSS | 9.3 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2020-6574 | 4.6 |
Insufficient policy enforcement in installer in Google Chrome on OS X prior to 85.0.4183.102 allowed a local attacker to potentially achieve privilege escalation via a crafted binary.
|
31-01-2023 - 21:14 | 21-09-2020 - 20:15 | |
| CVE-2020-6568 | 4.3 |
Insufficient policy enforcement in intent handling in Google Chrome on Android prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
|
28-10-2022 - 23:02 | 21-09-2020 - 20:15 | |
| CVE-2020-6567 | 4.3 |
Insufficient validation of untrusted input in command line handling in Google Chrome on Windows prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
|
28-10-2022 - 23:01 | 21-09-2020 - 20:15 | |
| CVE-2020-6566 | 4.3 |
Insufficient policy enforcement in media in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
|
07-10-2022 - 15:05 | 21-09-2020 - 20:15 | |
| CVE-2020-6565 | 4.3 |
Inappropriate implementation in Omnibox in Google Chrome on iOS prior to 85.0.4183.83 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
|
07-10-2022 - 15:05 | 21-09-2020 - 20:15 | |
| CVE-2020-6564 | 4.3 |
Inappropriate implementation in permissions in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to spoof the contents of a permission dialog via a crafted HTML page.
|
05-10-2022 - 18:26 | 21-09-2020 - 20:15 | |
| CVE-2020-6563 | 4.3 |
Insufficient policy enforcement in intent handling in Google Chrome on Android prior to 85.0.4183.83 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page.
|
05-10-2022 - 18:25 | 21-09-2020 - 20:15 | |
| CVE-2020-6560 | 4.3 |
Insufficient policy enforcement in autofill in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
|
05-10-2022 - 16:38 | 21-09-2020 - 20:15 | |
| CVE-2020-6558 | 4.3 |
Insufficient policy enforcement in iOSWeb in Google Chrome on iOS prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
|
28-04-2022 - 18:19 | 21-09-2020 - 20:15 | |
| CVE-2020-6576 | 6.8 |
Use after free in offscreen canvas in Google Chrome prior to 85.0.4183.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
21-07-2021 - 11:39 | 21-09-2020 - 20:15 | |
| CVE-2020-6569 | 6.8 |
Integer overflow in WebUSB in Google Chrome prior to 85.0.4183.83 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
|
21-07-2021 - 11:39 | 21-09-2020 - 20:15 | |
| CVE-2020-6562 | 4.3 |
Insufficient policy enforcement in Blink in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
|
21-07-2021 - 11:39 | 21-09-2020 - 20:15 | |
| CVE-2020-6559 | 9.3 |
Use after free in presentation API in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
21-07-2021 - 11:39 | 21-09-2020 - 20:15 | |
| CVE-2020-15959 | 4.3 |
Insufficient policy enforcement in networking in Google Chrome prior to 85.0.4183.102 allowed an attacker who convinced the user to enable logging to obtain potentially sensitive information from process memory via social engineering.
|
30-01-2021 - 02:20 | 21-09-2020 - 20:15 | |
| CVE-2020-6571 | 4.3 |
Insufficient data validation in Omnibox in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
|
28-01-2021 - 14:55 | 21-09-2020 - 20:15 | |
| CVE-2020-6570 | 4.3 |
Information leakage in WebRTC in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to obtain potentially sensitive information via a crafted WebRTC interaction.
|
28-01-2021 - 14:54 | 21-09-2020 - 20:15 | |
| CVE-2020-6575 | 5.1 |
Race in Mojo in Google Chrome prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
|
27-01-2021 - 21:23 | 21-09-2020 - 20:15 | |
| CVE-2020-6573 | 6.8 |
Use after free in video in Google Chrome on Android prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
|
27-01-2021 - 20:51 | 21-09-2020 - 20:15 | |
| CVE-2020-6561 | 4.3 |
Inappropriate implementation in Content Security Policy in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
|
27-01-2021 - 20:32 | 21-09-2020 - 20:15 | |
| CVE-2020-6565 | 4.3 |
Inappropriate implementation in Omnibox in Google Chrome on iOS prior to 85.0.4183.83 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
|
30-09-2020 - 15:58 | 21-09-2020 - 20:15 | |
| CVE-2020-6569 | 6.8 |
Integer overflow in WebUSB in Google Chrome prior to 85.0.4183.83 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
|
29-09-2020 - 20:42 | 21-09-2020 - 20:15 | |
| CVE-2020-6574 | 4.6 |
Insufficient policy enforcement in installer in Google Chrome on OS X prior to 85.0.4183.102 allowed a local attacker to potentially achieve privilege escalation via a crafted binary.
|
28-09-2020 - 18:03 | 21-09-2020 - 20:15 | |
| CVE-2020-6575 | 5.1 |
Race in Mojo in Google Chrome prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
|
28-09-2020 - 17:50 | 21-09-2020 - 20:15 | |
| CVE-2020-6576 | 6.8 |
Use after free in offscreen canvas in Google Chrome prior to 85.0.4183.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
28-09-2020 - 17:43 | 21-09-2020 - 20:15 | |
| CVE-2020-6568 | 4.3 |
Insufficient policy enforcement in intent handling in Google Chrome on Android prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
|
28-09-2020 - 17:42 | 21-09-2020 - 20:15 | |
| CVE-2020-6567 | 4.3 |
Insufficient validation of untrusted input in command line handling in Google Chrome on Windows prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
|
28-09-2020 - 17:31 | 21-09-2020 - 20:15 | |
| CVE-2020-6566 | 4.3 |
Insufficient policy enforcement in media in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
|
28-09-2020 - 17:20 | 21-09-2020 - 20:15 | |
| CVE-2020-6564 | 4.3 |
Inappropriate implementation in permissions in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to spoof the contents of a permission dialog via a crafted HTML page.
|
28-09-2020 - 17:17 | 21-09-2020 - 20:15 | |
| CVE-2020-6563 | 4.3 |
Insufficient policy enforcement in intent handling in Google Chrome on Android prior to 85.0.4183.83 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page.
|
28-09-2020 - 17:02 | 21-09-2020 - 20:15 | |
| CVE-2020-6561 | 4.3 |
Inappropriate implementation in Content Security Policy in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
|
28-09-2020 - 17:00 | 21-09-2020 - 20:15 | |
| CVE-2020-6560 | 4.3 |
Insufficient policy enforcement in autofill in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
|
28-09-2020 - 16:49 | 21-09-2020 - 20:15 | |
| CVE-2020-6559 | 9.3 |
Use after free in presentation API in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
28-09-2020 - 15:55 | 21-09-2020 - 20:15 | |
| CVE-2020-6558 | 4.3 |
Insufficient policy enforcement in iOSWeb in Google Chrome on iOS prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
|
25-09-2020 - 19:46 | 21-09-2020 - 20:15 | |
| CVE-2020-6562 | 4.3 |
Insufficient policy enforcement in Blink in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
|
25-09-2020 - 19:15 | 21-09-2020 - 20:15 | |
| CVE-2020-6571 | 4.3 |
Insufficient data validation in Omnibox in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
|
25-09-2020 - 19:15 | 21-09-2020 - 20:15 | |
| CVE-2020-6570 | 4.3 |
Information leakage in WebRTC in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to obtain potentially sensitive information via a crafted WebRTC interaction.
|
25-09-2020 - 19:15 | 21-09-2020 - 20:15 | |
| CVE-2020-6573 | 6.8 |
Use after free in video in Google Chrome on Android prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
|
25-09-2020 - 14:17 | 21-09-2020 - 20:15 | |
| CVE-2020-15959 | 4.3 |
Insufficient policy enforcement in networking in Google Chrome prior to 85.0.4183.102 allowed an attacker who convinced the user to enable logging to obtain potentially sensitive information from process memory via social engineering.
|
25-09-2020 - 13:27 | 21-09-2020 - 20:15 |