Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Google Subscribe
Total 12830 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-16029 1 Google 1 Chrome 2021-01-12 6.8 MEDIUM 8.8 HIGH
Inappropriate implementation in PDFium in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to bypass navigation restrictions via a crafted PDF file.
CVE-2020-16027 1 Google 1 Chrome 2021-01-12 4.3 MEDIUM 6.5 MEDIUM
Insufficient policy enforcement in developer tools in Google Chrome prior to 87.0.4280.66 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from the user's disk via a crafted Chrome Extension.
CVE-2020-16020 1 Google 2 Chrome, Chrome Os 2021-01-12 6.8 MEDIUM 8.8 HIGH
Inappropriate implementation in cryptohome in Google Chrome on ChromeOS prior to 87.0.4280.66 allowed a remote attacker who had compromised the browser process to bypass discretionary access control via a malicious file.
CVE-2020-16019 1 Google 2 Chrome, Chrome Os 2021-01-12 6.8 MEDIUM 8.8 HIGH
Inappropriate implementation in filesystem in Google Chrome on ChromeOS prior to 87.0.4280.66 allowed a remote attacker who had compromised the browser process to bypass noexec restrictions via a malicious file.
CVE-2020-16036 1 Google 1 Chrome 2021-01-11 4.3 MEDIUM 6.5 MEDIUM
Inappropriate implementation in cookies in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to bypass cookie restrictions via a crafted HTML page.
CVE-2020-16034 1 Google 1 Chrome 2021-01-11 4.3 MEDIUM 4.3 MEDIUM
Inappropriate implementation in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a local attacker to bypass policy restrictions via a crafted HTML page.
CVE-2020-16033 1 Google 1 Chrome 2021-01-11 4.3 MEDIUM 4.3 MEDIUM
Inappropriate implementation in WebUSB in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof security UI via a crafted HTML page.
CVE-2020-16032 1 Google 1 Chrome 2021-01-11 4.3 MEDIUM 4.3 MEDIUM
Insufficient data validation in sharing in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2020-16031 1 Google 1 Chrome 2021-01-11 4.3 MEDIUM 4.3 MEDIUM
Insufficient data validation in UI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2020-16035 1 Google 2 Chrome, Chrome Os 2021-01-11 6.8 MEDIUM 8.8 HIGH
Insufficient data validation in cros-disks in Google Chrome on ChromeOS prior to 87.0.4280.66 allowed a remote attacker who had compromised the browser process to bypass noexec restrictions via a malicious file.
CVE-2020-16030 1 Google 1 Chrome 2021-01-11 4.3 MEDIUM 6.1 MEDIUM
Insufficient data validation in Blink in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.
CVE-2020-16028 1 Google 1 Chrome 2021-01-11 6.8 MEDIUM 8.8 HIGH
Heap buffer overflow in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16018 1 Google 1 Chrome 2021-01-11 6.8 MEDIUM 9.6 CRITICAL
Use after free in payments in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-16016 1 Google 1 Chrome 2021-01-11 6.8 MEDIUM 9.6 CRITICAL
Inappropriate implementation in base in Google Chrome prior to 86.0.4240.193 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2021-3022 1 Google 1 Android 2021-01-08 2.1 LOW 5.5 MEDIUM
An issue was discovered on LG mobile devices with Android OS 10 software. There was no write protection for the MTK protect2 partition. The LG ID is LVE-SMP-200028 (January 2021).
CVE-2021-22495 2 Google, Samsung 2 Android, Exynos 2021-01-08 7.1 HIGH 5.5 MEDIUM
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) (Exynos chipsets) software. The Mali GPU driver allows out-of-bounds access and a device reset. The Samsung ID is SVE-2020-19174 (January 2021).
CVE-2021-22494 2 Google, Samsung 2 Android, Galaxy Note 20 2021-01-08 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in the fingerprint scanner on Samsung Note20 mobile devices with Q(10.0) software. When a screen protector is used, the required image compensation is not present. Consequently, inversion can occur during fingerprint enrollment, and a high False Recognition Rate (FRR) can occur. The Samsung ID is SVE-2020-19216 (January 2021).
CVE-2021-22492 1 Google 1 Android 2021-01-08 5.8 MEDIUM 8.8 HIGH
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Broadcom Bluetooth chipsets) software. The Bluetooth UART driver has a buffer overflow. The Samsung ID is SVE-2020-18731 (January 2021).
CVE-2020-35864 1 Google 1 Flatbuffers 2021-01-07 5.0 MEDIUM 7.5 HIGH
An issue was discovered in the flatbuffers crate through 2020-04-11 for Rust. read_scalar (and read_scalar_at) can transmute values without unsafe blocks.
CVE-2019-25004 1 Google 1 Flatbuffers 2021-01-06 7.5 HIGH 9.8 CRITICAL
An issue was discovered in the flatbuffers crate before 0.6.1 for Rust. Arbitrary bytes can be reinterpreted as a bool, defeating soundness.