This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Google First view 2014-01-16
Product Chrome Last view 2020-09-21
Version 32.0.1671.4 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:google:chrome

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
8.8 2020-09-21 CVE-2020-6553

Use after free in offline mode in Google Chrome on iOS prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

7.8 2020-09-21 CVE-2020-6546

Inappropriate implementation in installer in Google Chrome prior to 84.0.4147.125 allowed a local attacker to potentially elevate privilege via a crafted filesystem.

8.8 2020-09-21 CVE-2020-6545

Use after free in audio in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8 2020-09-21 CVE-2020-6544

Use after free in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8 2020-09-21 CVE-2020-6543

Use after free in task scheduling in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8 2020-09-21 CVE-2020-6542

Use after free in ANGLE in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8 2020-09-21 CVE-2020-6541

Use after free in WebUSB in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8 2020-09-21 CVE-2020-6540

Buffer overflow in Skia in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8 2020-09-21 CVE-2020-6539

Use after free in CSS in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.5 2020-09-21 CVE-2020-6538

Inappropriate implementation in WebView in Google Chrome on Android prior to 84.0.4147.105 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

8.8 2020-09-21 CVE-2020-6537

Type confusion in V8 in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

8.8 2020-09-21 CVE-2020-6532

Use after free in SCTP in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

4.3 2020-09-21 CVE-2020-15966

Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension.

8.8 2020-09-21 CVE-2020-15965

Type confusion in V8 in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

8.8 2020-09-21 CVE-2020-15964

Insufficient data validation in media in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

9.6 2020-09-21 CVE-2020-15963

Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.

8.8 2020-09-21 CVE-2020-15962

Insufficient policy validation in serial in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

9.6 2020-09-21 CVE-2020-15961

Insufficient policy validation in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.

8.8 2020-09-21 CVE-2020-15960

Heap buffer overflow in storage in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

4.3 2020-09-21 CVE-2020-15959

Insufficient policy enforcement in networking in Google Chrome prior to 85.0.4183.102 allowed an attacker who convinced the user to enable logging to obtain potentially sensitive information from process memory via social engineering.

8.8 2020-09-11 CVE-2020-16873

A spoofing vulnerability manifests in Microsoft Xamarin.Forms due to the default settings on Android WebView version prior to 83.0.4103.106, aka 'Xamarin.Forms Spoofing Vulnerability'.

4.3 2020-07-22 CVE-2020-6536

Incorrect security UI in PWAs in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had persuaded the user to install a PWA to spoof the contents of the Omnibox (URL bar) via a crafted PWA.

6.1 2020-07-22 CVE-2020-6535

Insufficient data validation in WebUI in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had compromised the renderer process to inject scripts or HTML into a privileged page via a crafted HTML page.

8.8 2020-07-22 CVE-2020-6534

Heap buffer overflow in WebRTC in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8 2020-07-22 CVE-2020-6533

Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CWE : Common Weakness Enumeration

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
%idName
15% (178) CWE-20 Improper Input Validation
15% (172) CWE-416 Use After Free
11% (127) CWE-787 Out-of-bounds Write
9% (107) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
7% (81) CWE-200 Information Exposure
4% (47) CWE-125 Out-of-bounds Read
3% (44) CWE-264 Permissions, Privileges, and Access Controls
3% (41) CWE-190 Integer Overflow or Wraparound
3% (39) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
2% (29) CWE-399 Resource Management Errors
2% (29) CWE-254 Security Features
2% (28) CWE-284 Access Control (Authorization) Issues
2% (23) CWE-276 Incorrect Default Permissions
1% (20) CWE-189 Numeric Errors
1% (18) CWE-17 Code
1% (16) CWE-19 Data Handling
1% (13) CWE-704 Incorrect Type Conversion or Cast
1% (13) CWE-362 Race Condition
1% (12) CWE-732 Incorrect Permission Assignment for Critical Resource
0% (7) CWE-269 Improper Privilege Management
0% (7) CWE-94 Failure to Control Generation of Code ('Code Injection')
0% (6) CWE-310 Cryptographic Issues
0% (6) CWE-290 Authentication Bypass by Spoofing
0% (6) CWE-285 Improper Access Control (Authorization)
0% (4) CWE-346 Origin Validation Error

Information Assurance Vulnerability Management (IAVM)

id Description
2015-B-0107 Multiple Security Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0061361
2015-A-0154 Multiple Vulnerabilities in Oracle Fusion Middleware
Severity: Category I - VMSKEY: V0061081
2014-B-0071 Multiple Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0052483
2014-B-0060 Multiple Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0050897
2014-B-0056 Multiple Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0050433
2014-B-0048 Multiple Security Vulnerabilities in Apple iOS
Severity: Category I - VMSKEY: V0050015
2014-B-0049 Multiple Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0050017
2014-B-0039 Multiple Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0048683
2014-B-0031 Multiple Security Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0046767
2014-B-0026 Multiple Security Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0046159
2014-B-0023 Multiple Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0045283
2014-B-0020 Multiple Security Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0044539
2014-B-0007 Multiple Security Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0043878
2014-B-0003 Multiple Security Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0043401

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2020-09-02 Google Chrome blink webaudio module use after free attempt
RuleID : 54625 - Type : BROWSER-CHROME - Revision : 1
2020-09-02 Google Chrome blink webaudio module use after free attempt
RuleID : 54624 - Type : BROWSER-CHROME - Revision : 1
2020-09-02 Google Chrome ReadableStream out of bounds read attempt
RuleID : 54623 - Type : BROWSER-CHROME - Revision : 1
2020-09-02 Google Chrome ReadableStream out of bounds read attempt
RuleID : 54622 - Type : BROWSER-CHROME - Revision : 1
2020-08-11 Google Chrome Blink use-after-free attempt
RuleID : 54498 - Type : BROWSER-CHROME - Revision : 1
2020-08-11 Google Chrome Blink use-after-free attempt
RuleID : 54497 - Type : BROWSER-CHROME - Revision : 1
2020-06-11 Google Chromium for Android AddInterface use after free attempt
RuleID : 53943 - Type : BROWSER-CHROME - Revision : 1
2020-06-11 Google Chromium for Android AddInterface use after free attempt
RuleID : 53942 - Type : BROWSER-CHROME - Revision : 1
2020-06-10 Google Chromium ImageCapture use after free attempt
RuleID : 53845 - Type : BROWSER-CHROME - Revision : 1
2020-06-10 Google Chromium ImageCapture use after free attempt
RuleID : 53844 - Type : BROWSER-CHROME - Revision : 1
2020-06-04 Chromium use after free exploitation attempt
RuleID : 53836 - Type : INDICATOR-COMPROMISE - Revision : 1
2020-06-04 Chromium use after free exploitation attempt
RuleID : 53835 - Type : INDICATOR-COMPROMISE - Revision : 1
2020-05-27 Google Chrome ObjectCreate type confusion attempt
RuleID : 53754 - Type : BROWSER-CHROME - Revision : 1
2020-05-27 Google Chrome ObjectCreate type confusion attempt
RuleID : 53753 - Type : BROWSER-CHROME - Revision : 1
2020-05-27 Google Chrome ObjectCreate type confusion attempt
RuleID : 53752 - Type : BROWSER-CHROME - Revision : 1
2020-05-27 Google Chrome ObjectCreate type confusion attempt
RuleID : 53751 - Type : BROWSER-CHROME - Revision : 1
2020-05-05 Google Chrome desktopMediaPickerController use after free attempt
RuleID : 53534 - Type : BROWSER-CHROME - Revision : 1
2020-05-05 Google Chrome desktopMediaPickerController use after free attempt
RuleID : 53533 - Type : BROWSER-CHROME - Revision : 1
2020-03-31 Google Chrome V8 Turbofan Array pop type confusion attempt
RuleID : 53343 - Type : BROWSER-CHROME - Revision : 1
2020-03-31 Google Chrome V8 Turbofan Array pop type confusion attempt
RuleID : 53342 - Type : BROWSER-CHROME - Revision : 1
2020-03-19 Google Chrome V8 FindSharedFunctionInfo out-of-bounds read attempt
RuleID : 53146 - Type : BROWSER-CHROME - Revision : 1
2020-03-19 Google Chrome V8 FindSharedFunctionInfo out-of-bounds read attempt
RuleID : 53145 - Type : BROWSER-CHROME - Revision : 1
2020-02-13 Google V8 engine type confusion attempt
RuleID : 52602 - Type : BROWSER-CHROME - Revision : 1
2020-02-13 Google V8 engine type confusion attempt
RuleID : 52601 - Type : BROWSER-CHROME - Revision : 1
2020-01-23 Google Chrome V8 AwaitedPromise memory corruption attempt
RuleID : 52504 - Type : BROWSER-CHROME - Revision : 1

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-16 Name: The remote Fedora host is missing a security update.
File: fedora_2019-348547a32d.nasl - Type: ACT_GATHER_INFO
2019-01-08 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2019-1007.nasl - Type: ACT_GATHER_INFO
2019-01-07 Name: The remote Fedora host is missing a security update.
File: fedora_2019-859384e002.nasl - Type: ACT_GATHER_INFO
2019-01-07 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_546d4dd410ea11e9b407080027ef1a23.nasl - Type: ACT_GATHER_INFO
2019-01-07 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_720590df10eb11e9b407080027ef1a23.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-13d8c35127.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-34f7f68029.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-39be36e9fc.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-499f2dbc96.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-7c80aaef26.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-8e866c5066.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-94e1bc8c23.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-aafdbb5554.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-b844991a97.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-f76e6d17f1.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-fd194a1f14.nasl - Type: ACT_GATHER_INFO
2018-12-28 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2018-1446.nasl - Type: ACT_GATHER_INFO
2018-12-27 Name: The remote CentOS host is missing a security update.
File: centos_RHSA-2018-3831.nasl - Type: ACT_GATHER_INFO
2018-12-27 Name: The remote CentOS host is missing a security update.
File: centos_RHSA-2018-3833.nasl - Type: ACT_GATHER_INFO
2018-12-24 Name: The remote Debian host is missing a security update.
File: debian_DLA-1613.nasl - Type: ACT_GATHER_INFO
2018-12-14 Name: The remote Debian host is missing a security update.
File: debian_DLA-1605.nasl - Type: ACT_GATHER_INFO
2018-12-14 Name: A web browser installed on the remote Windows host is affected by a use after...
File: google_chrome_71_0_3578_98.nasl - Type: ACT_GATHER_INFO
2018-12-14 Name: A web browser installed on the remote macOS host is affected by a use after f...
File: macosx_google_chrome_71_0_3578_98.nasl - Type: ACT_GATHER_INFO
2018-12-13 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4354.nasl - Type: ACT_GATHER_INFO
2018-12-13 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_d10b49b28d0249e8afde0844626317af.nasl - Type: ACT_GATHER_INFO