Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
CVE-2020-6418 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2020-6396
Inappropriate implementation in Skia in Google Chrome before 80.0.3987.87 allowed a remote malicious user to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
Google Chrome
Opensuse Backports Sle 15.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Suse Package Hub -
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
6.5
CVSSv3
CVE-2020-6397
Inappropriate implementation in sharing in Google Chrome before 80.0.3987.87 allowed a remote malicious user to spoof security UI via a crafted HTML page.
Google Chrome
Opensuse Backports Sle 15.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Suse Package Hub -
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
8.8
CVSSv3
CVE-2020-6398
Use of uninitialized data in PDFium in Google Chrome before 80.0.3987.87 allowed a remote malicious user to potentially exploit heap corruption via a crafted PDF file.
Google Chrome
Opensuse Backports Sle 15.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Suse Package Hub -
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
8.8
CVSSv3
CVE-2020-6407
Out of bounds memory access in streams in Google Chrome before 80.0.3987.122 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
1 Article
6.5
CVSSv3
CVE-2020-6408
Insufficient policy enforcement in CORS in Google Chrome before 80.0.3987.87 allowed a local malicious user to obtain potentially sensitive information via a crafted HTML page.
Google Chrome
Opensuse Backports Sle 15.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Suse Package Hub -
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
8.8
CVSSv3
CVE-2020-6409
Inappropriate implementation in Omnibox in Google Chrome before 80.0.3987.87 allowed a remote attacker who convinced the user to enter a URI to bypass navigation restrictions via a crafted domain name.
Google Chrome
8.8
CVSSv3
CVE-2020-6410
Insufficient policy enforcement in navigation in Google Chrome before 80.0.3987.87 allowed a remote malicious user to confuse the user via a crafted domain name.
Google Chrome
5.4
CVSSv3
CVE-2020-6411
Insufficient validation of untrusted input in Omnibox in Google Chrome before 80.0.3987.87 allowed a remote malicious user to perform domain spoofing via IDN homographs via a crafted domain name.
Google Chrome
5.4
CVSSv3
CVE-2020-6412
Insufficient validation of untrusted input in Omnibox in Google Chrome before 80.0.3987.87 allowed a remote malicious user to perform domain spoofing via IDN homographs via a crafted domain name.
Google Chrome
Opensuse Backports Sle 15.0
8.8
CVSSv3
CVE-2020-6413
Inappropriate implementation in Blink in Google Chrome before 80.0.3987.87 allowed a remote malicious user to bypass HTML validators via a crafted HTML page.
Google Chrome
Opensuse Backports Sle 15.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »