This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Google First view 2012-05-24
Product Chrome Last view 2020-09-21
Version 19.0.1084.50 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:google:chrome

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
8.8 2020-09-21 CVE-2020-6576

Use after free in offscreen canvas in Google Chrome prior to 85.0.4183.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.3 2020-09-21 CVE-2020-6575

Race in Mojo in Google Chrome prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

7.8 2020-09-21 CVE-2020-6574

Insufficient policy enforcement in installer in Google Chrome on OS X prior to 85.0.4183.102 allowed a local attacker to potentially achieve privilege escalation via a crafted binary.

9.6 2020-09-21 CVE-2020-6573

Use after free in video in Google Chrome on Android prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

4.3 2020-09-21 CVE-2020-6571

Insufficient data validation in Omnibox in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.

4.3 2020-09-21 CVE-2020-6570

Information leakage in WebRTC in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to obtain potentially sensitive information via a crafted WebRTC interaction.

6.3 2020-09-21 CVE-2020-6569

Integer overflow in WebUSB in Google Chrome prior to 85.0.4183.83 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

6.5 2020-09-21 CVE-2020-6568

Insufficient policy enforcement in intent handling in Google Chrome on Android prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

6.5 2020-09-21 CVE-2020-6567

Insufficient validation of untrusted input in command line handling in Google Chrome on Windows prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

6.5 2020-09-21 CVE-2020-6566

Insufficient policy enforcement in media in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

6.5 2020-09-21 CVE-2020-6565

Inappropriate implementation in Omnibox in Google Chrome on iOS prior to 85.0.4183.83 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

6.5 2020-09-21 CVE-2020-6564

Inappropriate implementation in permissions in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to spoof the contents of a permission dialog via a crafted HTML page.

6.5 2020-09-21 CVE-2020-6563

Insufficient policy enforcement in intent handling in Google Chrome on Android prior to 85.0.4183.83 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page.

6.5 2020-09-21 CVE-2020-6562

Insufficient policy enforcement in Blink in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

6.5 2020-09-21 CVE-2020-6561

Inappropriate implementation in Content Security Policy in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

6.5 2020-09-21 CVE-2020-6560

Insufficient policy enforcement in autofill in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

8.8 2020-09-21 CVE-2020-6559

Use after free in presentation API in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.5 2020-09-21 CVE-2020-6558

Insufficient policy enforcement in iOSWeb in Google Chrome on iOS prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

8.8 2020-09-21 CVE-2020-6556

Heap buffer overflow in SwiftShader in Google Chrome prior to 84.0.4147.135 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.5 2020-09-21 CVE-2020-6555

Out of bounds read in WebGL in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

8.6 2020-09-21 CVE-2020-6554

Use after free in extensions in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension.

8.8 2020-09-21 CVE-2020-6553

Use after free in offline mode in Google Chrome on iOS prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8 2020-09-21 CVE-2020-6552

Use after free in Blink in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8 2020-09-21 CVE-2020-6551

Use after free in WebXR in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8 2020-09-21 CVE-2020-6550

Use after free in IndexedDB in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CWE : Common Weakness Enumeration

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
%idName
14% (195) CWE-416 Use After Free
14% (194) CWE-20 Improper Input Validation
12% (167) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
9% (129) CWE-787 Out-of-bounds Write
7% (106) CWE-399 Resource Management Errors
6% (90) CWE-200 Information Exposure
4% (61) CWE-264 Permissions, Privileges, and Access Controls
3% (51) CWE-125 Out-of-bounds Read
3% (45) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
3% (43) CWE-190 Integer Overflow or Wraparound
2% (35) CWE-189 Numeric Errors
2% (29) CWE-254 Security Features
2% (28) CWE-284 Access Control (Authorization) Issues
1% (23) CWE-362 Race Condition
1% (23) CWE-276 Incorrect Default Permissions
1% (18) CWE-17 Code
1% (16) CWE-19 Data Handling
1% (14) CWE-732 Incorrect Permission Assignment for Critical Resource
0% (13) CWE-704 Incorrect Type Conversion or Cast
0% (8) CWE-269 Improper Privilege Management
0% (8) CWE-94 Failure to Control Generation of Code ('Code Injection')
0% (7) CWE-310 Cryptographic Issues
0% (6) CWE-290 Authentication Bypass by Spoofing
0% (6) CWE-285 Improper Access Control (Authorization)
0% (6) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-12-31 Name : Fedora Update for v8 FEDORA-2012-20103
File : nvt/gb_fedora_2012_20103_v8_fc17.nasl
2012-12-14 Name : SuSE Update for Chromium openSUSE-SU-2012:1637-1 (Chromium)
File : nvt/gb_suse_2012_1637_1.nasl
2012-12-14 Name : Google Chrome Multiple Vulnerabilities-03 Dec2012 (Linux)
File : nvt/gb_google_chrome_mult_vuln03_dec12_lin.nasl
2012-12-14 Name : Google Chrome Multiple Vulnerabilities-03 Dec2012 (Mac OS X)
File : nvt/gb_google_chrome_mult_vuln03_dec12_macosx.nasl
2012-12-14 Name : Google Chrome Multiple Vulnerabilities-03 Dec2012 (Windows)
File : nvt/gb_google_chrome_mult_vuln03_dec12_win.nasl
2012-12-13 Name : SuSE Update for update openSUSE-SU-2012:1376-1 (update)
File : nvt/gb_suse_2012_1376_1.nasl
2012-12-13 Name : SuSE Update for chromium openSUSE-SU-2012:1215-1 (chromium)
File : nvt/gb_suse_2012_1215_1.nasl
2012-12-13 Name : SuSE Update for update openSUSE-SU-2012:0993-1 (update)
File : nvt/gb_suse_2012_0993_1.nasl
2012-12-06 Name : Ubuntu Update for libxml2 USN-1656-1
File : nvt/gb_ubuntu_USN_1656_1.nasl
2012-12-04 Name : Google Chrome Multiple Vulnerabilities-02 Dec2012 (Mac OS X)
File : nvt/gb_google_chrome_mult_vuln02_dec12_macosx.nasl
2012-12-04 Name : FreeBSD Ports: chromium
File : nvt/freebsd_chromium24.nasl
2012-12-04 Name : CentOS Update for libxml2 CESA-2012:1512 centos5
File : nvt/gb_CESA-2012_1512_libxml2_centos5.nasl
2012-12-04 Name : CentOS Update for libxml2 CESA-2012:1512 centos6
File : nvt/gb_CESA-2012_1512_libxml2_centos6.nasl
2012-12-04 Name : Google Chrome Multiple Vulnerabilities-02 Dec2012 (Linux)
File : nvt/gb_google_chrome_mult_vuln02_dec12_lin.nasl
2012-12-04 Name : Google Chrome Multiple Vulnerabilities-01 Dec2012 (Windows)
File : nvt/gb_google_chrome_mult_vuln01_dec12_win.nasl
2012-12-04 Name : RedHat Update for libxml2 RHSA-2012:1512-01
File : nvt/gb_RHSA-2012_1512-01_libxml2.nasl
2012-12-04 Name : Google Chrome Multiple Vulnerabilities-01 Dec2012 (Mac OS X)
File : nvt/gb_google_chrome_mult_vuln01_dec12_macosx.nasl
2012-12-04 Name : Google Chrome Multiple Vulnerabilities-01 Dec2012 (Linux)
File : nvt/gb_google_chrome_mult_vuln01_dec12_lin.nasl
2012-12-04 Name : Google Chrome Multiple Vulnerabilities-02 Dec2012 (Windows)
File : nvt/gb_google_chrome_mult_vuln02_dec12_win.nasl
2012-12-04 Name : FreeBSD Ports: chromium
File : nvt/freebsd_chromium23.nasl
2012-12-04 Name : Mandriva Update for libxml2 MDVSA-2012:176 (libxml2)
File : nvt/gb_mandriva_MDVSA_2012_176.nasl
2012-12-04 Name : Debian Security Advisory DSA 2580-1 (libxml2)
File : nvt/deb_2580_1.nasl
2012-11-26 Name : FreeBSD Ports: chromium
File : nvt/freebsd_chromium22.nasl
2012-11-21 Name : Google Chrome Webcore Webkit 'XSSAuditor.cpp' XSS Vulnerability (Linux)
File : nvt/gb_google_chrome_webcore_webkit_xss_vuln_lin.nasl
2012-11-21 Name : Google Chrome Webcore Webkit 'XSSAuditor.cpp' XSS Vulnerability (Mac OS X)
File : nvt/gb_google_chrome_webcore_webkit_xss_vuln_macosx.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2015-B-0107 Multiple Security Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0061361
2015-A-0154 Multiple Vulnerabilities in Oracle Fusion Middleware
Severity: Category I - VMSKEY: V0061081
2014-B-0161 Multiple Vulnerabilities in VMware ESXi 5.1
Severity: Category I - VMSKEY: V0057717
2014-B-0071 Multiple Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0052483
2014-B-0060 Multiple Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0050897
2014-B-0056 Multiple Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0050433
2014-B-0049 Multiple Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0050017
2014-B-0048 Multiple Security Vulnerabilities in Apple iOS
Severity: Category I - VMSKEY: V0050015
2014-B-0039 Multiple Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0048683
2014-B-0031 Multiple Security Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0046767
2014-B-0026 Multiple Security Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0046159
2014-B-0024 Multiple Security Vulnerabilities in Apple iOS
Severity: Category I - VMSKEY: V0046157
2014-B-0023 Multiple Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0045283
2014-A-0030 Apple Mac OS X Security Update 2014-001
Severity: Category I - VMSKEY: V0044547
2014-B-0020 Multiple Security Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0044539
2014-B-0007 Multiple Security Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0043878
2014-B-0003 Multiple Security Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0043401
2014-A-0012 Multiple Vulnerabilities in Oracle & Sun Systems Product Suite
Severity: Category I - VMSKEY: V0043396
2013-B-0137 Multiple Security Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0042597
2013-A-0233 Multiple Vulnerabilities in Mozilla Products
Severity: Category I - VMSKEY: V0042596
2013-B-0132 Google Chrome Memory Corruption Vulnerability
Severity: Category I - VMSKEY: V0042381
2013-B-0124 Multiple Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0042301
2013-B-0119 Multiple Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0041067
2013-B-0112 Multiple Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0040762
2013-A-0031 Multiple Security Vulnerabilities in VMware ESX 4.1 and ESXi 4.1
Severity: Category I - VMSKEY: V0036787

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2020-09-02 Google Chrome blink webaudio module use after free attempt
RuleID : 54625 - Type : BROWSER-CHROME - Revision : 1
2020-09-02 Google Chrome blink webaudio module use after free attempt
RuleID : 54624 - Type : BROWSER-CHROME - Revision : 1
2020-09-02 Google Chrome ReadableStream out of bounds read attempt
RuleID : 54623 - Type : BROWSER-CHROME - Revision : 1
2020-09-02 Google Chrome ReadableStream out of bounds read attempt
RuleID : 54622 - Type : BROWSER-CHROME - Revision : 1
2020-08-11 Google Chrome Blink use-after-free attempt
RuleID : 54498 - Type : BROWSER-CHROME - Revision : 1
2020-08-11 Google Chrome Blink use-after-free attempt
RuleID : 54497 - Type : BROWSER-CHROME - Revision : 1
2020-06-11 Google Chromium for Android AddInterface use after free attempt
RuleID : 53943 - Type : BROWSER-CHROME - Revision : 1
2020-06-11 Google Chromium for Android AddInterface use after free attempt
RuleID : 53942 - Type : BROWSER-CHROME - Revision : 1
2020-06-10 Google Chromium ImageCapture use after free attempt
RuleID : 53845 - Type : BROWSER-CHROME - Revision : 1
2020-06-10 Google Chromium ImageCapture use after free attempt
RuleID : 53844 - Type : BROWSER-CHROME - Revision : 1
2020-06-04 Chromium use after free exploitation attempt
RuleID : 53836 - Type : INDICATOR-COMPROMISE - Revision : 1
2020-06-04 Chromium use after free exploitation attempt
RuleID : 53835 - Type : INDICATOR-COMPROMISE - Revision : 1
2020-05-27 Google Chrome ObjectCreate type confusion attempt
RuleID : 53754 - Type : BROWSER-CHROME - Revision : 1
2020-05-27 Google Chrome ObjectCreate type confusion attempt
RuleID : 53753 - Type : BROWSER-CHROME - Revision : 1
2020-05-27 Google Chrome ObjectCreate type confusion attempt
RuleID : 53752 - Type : BROWSER-CHROME - Revision : 1
2020-05-27 Google Chrome ObjectCreate type confusion attempt
RuleID : 53751 - Type : BROWSER-CHROME - Revision : 1
2020-05-05 Google Chrome desktopMediaPickerController use after free attempt
RuleID : 53534 - Type : BROWSER-CHROME - Revision : 1
2020-05-05 Google Chrome desktopMediaPickerController use after free attempt
RuleID : 53533 - Type : BROWSER-CHROME - Revision : 1
2020-03-31 Google Chrome V8 Turbofan Array pop type confusion attempt
RuleID : 53343 - Type : BROWSER-CHROME - Revision : 1
2020-03-31 Google Chrome V8 Turbofan Array pop type confusion attempt
RuleID : 53342 - Type : BROWSER-CHROME - Revision : 1
2020-03-19 Google Chrome V8 FindSharedFunctionInfo out-of-bounds read attempt
RuleID : 53146 - Type : BROWSER-CHROME - Revision : 1
2020-03-19 Google Chrome V8 FindSharedFunctionInfo out-of-bounds read attempt
RuleID : 53145 - Type : BROWSER-CHROME - Revision : 1
2020-02-13 Google V8 engine type confusion attempt
RuleID : 52602 - Type : BROWSER-CHROME - Revision : 1
2020-02-13 Google V8 engine type confusion attempt
RuleID : 52601 - Type : BROWSER-CHROME - Revision : 1
2020-01-23 Google Chrome V8 AwaitedPromise memory corruption attempt
RuleID : 52504 - Type : BROWSER-CHROME - Revision : 1

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-16 Name: The remote Fedora host is missing a security update.
File: fedora_2019-348547a32d.nasl - Type: ACT_GATHER_INFO
2019-01-08 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2019-1007.nasl - Type: ACT_GATHER_INFO
2019-01-07 Name: The remote Fedora host is missing a security update.
File: fedora_2019-859384e002.nasl - Type: ACT_GATHER_INFO
2019-01-07 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_546d4dd410ea11e9b407080027ef1a23.nasl - Type: ACT_GATHER_INFO
2019-01-07 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_720590df10eb11e9b407080027ef1a23.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-13d8c35127.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-34f7f68029.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-39be36e9fc.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-499f2dbc96.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-7c80aaef26.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-8e866c5066.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-94e1bc8c23.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-aafdbb5554.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-b844991a97.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-f76e6d17f1.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-fd194a1f14.nasl - Type: ACT_GATHER_INFO
2018-12-28 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2018-1446.nasl - Type: ACT_GATHER_INFO
2018-12-27 Name: The remote CentOS host is missing a security update.
File: centos_RHSA-2018-3831.nasl - Type: ACT_GATHER_INFO
2018-12-27 Name: The remote CentOS host is missing a security update.
File: centos_RHSA-2018-3833.nasl - Type: ACT_GATHER_INFO
2018-12-24 Name: The remote Debian host is missing a security update.
File: debian_DLA-1613.nasl - Type: ACT_GATHER_INFO
2018-12-14 Name: The remote Debian host is missing a security update.
File: debian_DLA-1605.nasl - Type: ACT_GATHER_INFO
2018-12-14 Name: A web browser installed on the remote Windows host is affected by a use after...
File: google_chrome_71_0_3578_98.nasl - Type: ACT_GATHER_INFO
2018-12-14 Name: A web browser installed on the remote macOS host is affected by a use after f...
File: macosx_google_chrome_71_0_3578_98.nasl - Type: ACT_GATHER_INFO
2018-12-13 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4354.nasl - Type: ACT_GATHER_INFO
2018-12-13 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_d10b49b28d0249e8afde0844626317af.nasl - Type: ACT_GATHER_INFO