Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

CVE-2020-6507 vulnerabilities and exploits

(subscribe to this query)

9.6
CVSSv3
CVE-2020-6505
Use after free in speech in Google Chrome prior to 83.0.4103.106 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page....
Google Chrome
8.8
CVSSv3
CVE-2020-6507
Out of bounds write in V8 in Google Chrome prior to 83.0.4103.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page....
Google Chrome
6.5
CVSSv3
CVE-2020-6506
Insufficient policy enforcement in WebView in Google Chrome on Android prior to 83.0.4103.106 allowed a remote attacker to bypass site isolation via a crafted HTML page....
Google Chrome
7.8
CVSSv3
CVE-2021-3156
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character....
Sudo Project SudoSudo Project Sudo 1.9.5Fedoraproject Fedora 32Fedoraproject Fedora 33Debian Debian Linux 9.0Debian Debian Linux 10.0Netapp Hci Management Node -Netapp Oncommand Unified Manager Core Package -Netapp Solidfire -Mcafee Web Gateway 8.2.17Mcafee Web Gateway 9.2.8Mcafee Web Gateway 10.0.4Synology Diskstation Manager 6.2Synology Diskstation Manager Unified Controller 3.0Synology Skynas Firmware -Synology Vs960hd Firmware -Beyondtrust Privilege Management For MacBeyondtrust Privilege Management For Unix\\/linuxOracle Micros Compact Workstation 3 Firmware 310Oracle Micros Es400 FirmwareOracle Micros Kitchen Display System Firmware 210Oracle Micros Workstation 5a Firmware 5aOracle Micros Workstation 6 FirmwareOracle Tekelec Platform Distribution
6.5
CVSSv3
CVE-2020-16040
Insufficient data validation in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page....
Google Chrome
6.1
CVSSv3
CVE-2020-6470
Insufficient validation of untrusted input in clipboard in Google Chrome prior to 83.0.4103.61 allowed a local attacker to inject arbitrary scripts or HTML (UXSS) via crafted clipboard contents....
Google ChromeFedoraproject Fedora 31Fedoraproject Fedora 32Opensuse Backports Sle 15.0Opensuse Leap 15.1Debian Debian Linux 9.0Debian Debian Linux 10.0
9.6
CVSSv3
CVE-2020-6471
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension....
Google ChromeFedoraproject Fedora 31Fedoraproject Fedora 32Opensuse Backports Sle 15.0Opensuse Leap 15.1Debian Debian Linux 9.0Debian Debian Linux 10.0
6.5
CVSSv3
CVE-2020-6472
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory or disk via a crafted Chrome Extension....
Google ChromeFedoraproject Fedora 31Fedoraproject Fedora 32Opensuse Backports Sle 15.0Opensuse Leap 15.1Debian Debian Linux 9.0Debian Debian Linux 10.0
6.5
CVSSv3
CVE-2020-6473
Insufficient policy enforcement in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page....
Google ChromeFedoraproject Fedora 31Fedoraproject Fedora 32Opensuse Backports Sle 15.0Opensuse Leap 15.1Debian Debian Linux 9.0Debian Debian Linux 10.0
8.8
CVSSv3
CVE-2020-6474
Use after free in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page....
Google ChromeOpensuse Backports Sle 15.0Opensuse Leap 15.1Fedoraproject Fedora 31Fedoraproject Fedora 32Debian Debian Linux 9.0Debian Debian Linux 10.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site request forgeryCVE-2022-24025SSRFCVE-2022-37451CVE-2022-24022CVE-2022-1215brute forceCVE-2022-29582CVE-2022-36834
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook