Skip to main content
CVE-2020-15999 CRITICAL POC KEV PATCH THREAT Act Now

Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Google Memory Corruption Chrome Freetype +4
NVD
CVSS 3.1
9.6
EPSS
50.6%
CVE-2020-1909 CRITICAL Act Now

A use-after-free in a logging library in WhatsApp for iOS prior to v2.20.111 and WhatsApp Business for iOS prior to v2.20.111 could have resulted in memory corruption, crashes and potentially code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Apple RCE Use After Free +2
NVD
CVSS 3.1
9.8
EPSS
2.2%
CVE-2020-15993 CRITICAL Act Now

Use after free in printing in Google Chrome prior to 86.0.4240.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Use After Free Denial Of Service Memory Corruption Chrome
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2020-16011 CRITICAL Act Now

Heap buffer overflow in UI in Google Chrome on Windows prior to 86.0.4240.183 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Google Memory Corruption Chrome +3
NVD
CVSS 3.1
9.6
EPSS
2.4%
CVE-2020-16010 CRITICAL KEV THREAT Act Now

Heap buffer overflow in UI in Google Chrome on Android prior to 86.0.4240.185 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Google Memory Corruption Chrome
NVD
CVSS 3.1
9.6
EPSS
6.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy