Show filters
3,272 Total Results
Displaying 231-240 of 3,272
Sort by:
Attacker Value
Unknown

CVE-2020-15965

Disclosure Date: September 21, 2020 (last updated February 22, 2025)
Type confusion in V8 in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
Attacker Value
Unknown

CVE-2020-6564

Disclosure Date: September 21, 2020 (last updated February 22, 2025)
Inappropriate implementation in permissions in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to spoof the contents of a permission dialog via a crafted HTML page.
Attacker Value
Unknown

CVE-2020-6571

Disclosure Date: September 21, 2020 (last updated February 22, 2025)
Insufficient data validation in Omnibox in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
Attacker Value
Unknown

CVE-2020-6573

Disclosure Date: September 21, 2020 (last updated February 22, 2025)
Use after free in video in Google Chrome on Android prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Attacker Value
Unknown

CVE-2020-6568

Disclosure Date: September 21, 2020 (last updated February 22, 2025)
Insufficient policy enforcement in intent handling in Google Chrome on Android prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
Attacker Value
Unknown

CVE-2020-6566

Disclosure Date: September 21, 2020 (last updated February 22, 2025)
Insufficient policy enforcement in media in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
Attacker Value
Unknown

CVE-2020-15964

Disclosure Date: September 21, 2020 (last updated February 22, 2025)
Insufficient data validation in media in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Attacker Value
Unknown

CVE-2020-8252

Disclosure Date: September 18, 2020 (last updated February 22, 2025)
The implementation of realpath in libuv < 10.22.1, < 12.18.4, and < 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes.
Attacker Value
Unknown

CVE-2020-8201

Disclosure Date: September 18, 2020 (last updated February 22, 2025)
Node.js < 12.18.4 and < 14.11 can be exploited to perform HTTP desync attacks and deliver malicious payloads to unsuspecting users. The payloads can be crafted by an attacker to hijack user sessions, poison cookies, perform clickjacking, and a multitude of other attacks depending on the architecture of the underlying system. The attack was possible due to a bug in processing of carrier-return symbols in the HTTP header names.
Attacker Value
Unknown

CVE-2020-0431

Disclosure Date: September 17, 2020 (last updated February 22, 2025)
In kbd_keycode of keyboard.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-144161459