Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8.1
CVSSv3

CVE-2020-16041

Published: 08/01/2021 Updated: 04/03/2021
CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.1 | Impact Score: 5.2 | Exploitability Score: 2.8
VMScore: 516
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:P
Subscribe to Google

Vulnerability Summary

Out of bounds read in networking in Google Chrome before 87.0.4280.88 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

google chrome

Vendor Advisories

Debian Security Advisories: DSA-4824-1 chromium -- security update
Multiple security issues were discovered in the Chromium web browser, which could result in the execution of arbitrary code, denial of service or information disclosure For the stable distribution (buster), these problems have been fixed in version 870428088-04~deb10u1 We recommend that you upgrade your chromium packages For the detailed sec ...
Arch Linux Issues:
An out of bounds read security issue has been found in the networking component of the chromium browser before version 870428088 ...
Google Chrome: Stable Channel Update for Desktop
The Stable channel has been updated to 870428088 for Windows, Mac and Linux which will roll out over the coming days/weeksA full list of changes in this build is available in the log Interested in switching release channels?  Find out how here If you find a new issue, please let us know by filing a bug The community help forum is also a ...

Github Repositories

https://github.com/singularseclab/Browser_Exploits

A collection of browser exploitation codes from Singular Security Lab.

Browser Exploits A collection of browser exploitation codes from Singular Security Lab CVE-2022-1310 Target: V8 Version: 8311013 Arch: X86-64 Credit: Brendon Tiszka(Bug collision) Webkit Bug 216378 Target: JavaScriptCore Version: Safari-6092912 Arch: X86-64 Credit: Unknown(Bug collision) CVE-2020-16040 & CVE-2020-16041 Target: Samsung Browser Fu

References

CWE-125https://chromereleases.googleblog.com/2020/12/stable-channel-update-for-desktop.htmlhttps://crbug.com/1151865http://packetstormsecurity.com/files/161581/Chrome-DataElement-Out-Of-Bounds-Read.htmlhttps://nvd.nist.govhttps://github.com/singularseclab/Browser_Exploitshttps://www.debian.org/security/2021/dsa-4824
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654CVE-2024-2757authentication bypassCVE-2024-3194CVE-2024-33640CVE-2024-21111dosinsecure direct object referenceCVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook