Vulmon
Recent Vulnerabilities
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
chrome vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2019-5804
Incorrect command line processing in Chrome in Google Chrome prior to 73.0.3683.75 allowed a local attacker to perform domain spoofing via a crafted domain name....
4.6
CVSSv2
CVE-2020-6404
Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page....
4.3
CVSSv2
CVE-2010-1503
Cross-site scripting (XSS) vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to inject arbitrary web script or HTML via vectors related to a chrome://net-internals URI....
6.8
CVSSv2
CVE-2018-6054
Use after free in WebUI in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension....
7.5
CVSSv2
CVE-2008-4058
The XPConnect component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to "pollute XPCNativeWrappers" and execute arbitrary code with chrome privileges via vectors related to (1)...
10
CVSSv2
CVE-2016-9652
Multiple unspecified vulnerabilities in Google Chrome before 55.0.2883.75....
1 Article available
6.8
CVSSv2
CVE-2020-6380
Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.130 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted Chrome Extension....
1 Github repository available
5
CVSSv2
CVE-2011-0470
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle extensions notification, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors....
6.8
CVSSv2
CVE-2018-6033
Insufficient data validation in Downloads in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially run arbitrary code outside sandbox via a crafted Chrome Extension....
1 Article available
4.3
CVSSv2
CVE-2018-6046
Insufficient data validation in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a crafted Chrome Extension....
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2020-15372
CVE-2020-25145
CVE-2020-25139
CVE-2020-17382
path traversal
CVE-2020-7735
log injection
cpanel
CVE-2020-1895
« PREV
1
2
3
4
5
6
7
8
NEXT »
Vulmon