Google Chrome Chrome vulnerabilities

1,139 known vulnerabilities affecting google/chrome_chrome.

Total CVEs: 1,139
CISA KEV: 47 (actively exploited)
Public exploits: 9
Exploited in wild: 36
Severity breakdown: CRITICAL 58, HIGH 621, MEDIUM 339, LOW 104, UNKNOWN 17

Vulnerabilities

Page 50 of 57
CVE-2020-16010 | HIGH | CVSS 9.6 | KEV | 2020-11-02
Chrome for Android Update. CVE-2020-16010: Heap buffer overflow in UI on Android. Reported by Maddie Stone, Mark Brand, and Sergei Glazunov of Google Project Zero on 2020-10-31. Google is aware of reports that an exploit for CVE-2020-16010 exists in the wild. Severity: high
chrome
CVE-2020-16011 | HIGH | CVSS 8.8 | 2020-11-02
Stable Channel Update for Desktop. CVE-2020-16011: Heap buffer overflow in UI on Windows. Reported by Sergei Glazunov of Google Project Zero on 2020-11-01. Google is aware of reports that an exploit for CVE-2020-16009 exists in the wild. Severity: high
chrome
CVE-2020-16004 | HIGH | CVSS 8.8 | 2020-11-02
Stable Channel Update for Desktop. CVE-2020-16004: Use after free in user interface. Reported by Leecraso and Guang Gong of 360 Alpha Lab working with 360 BugCloud on 2020-10-15. [$15000][1139398] High CVE-2020-16005: Insufficient policy enforcement in ANGLE. Reported by Jaehun Jeong(@n3sk) of Theori on 2020-10-16. [$5000][1133527] High CVE-2020-16006: Inappropriate implementation in V8. Severity: high
chrome
CVE-2020-15999 | HIGH | CVSS 9.6 | KEV | 2020-10-20
Stable Channel Update for Desktop. CVE-2020-15999: Heap buffer overflow in Freetype. Reported by Sergei Glazunov of Google Project Zero on 2020-10-19. [$3000][1134960] Medium CVE-2020-16003: Use after free in printing. Reported by Khalil Zhani on 2020-10-04. We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel. Severi
chrome
CVE-2020-16000 | HIGH | CVSS 8.8 | 2020-10-20
Stable Channel Update for Desktop. CVE-2020-16000: Inappropriate implementation in Blink. Reported by amaebi_jp on 2020-09-06. [$TBD][1135018] High CVE-2020-16001: Use after free in media. Reported by Khalil Zhani on 2020-10-05. [$TBD][1137630] High CVE-2020-16002: Use after free in PDFium. Severity: high
chrome
CVE-2020-15995 | HIGH | CVSS 8.8 | 2020-10-13
Chrome for Android Update. CVE-2020-15995: Out of bounds write in V8. Reported by Anonymous on 2020-09-24. [$TBD][1133635] High CVE-2020-15996: Use after free in passwords. Reported by Rong Jian and Guang Gong of Alpha Lab, Qihoo 360 on 2020-09-30. [$N/A][1133668] High CVE-2020-15997: Use after free in Mojo. Severity: high
chrome
CVE-2020-15993 | HIGH | CVSS 7.5 | 2020-10-13
Chrome for Android Update. CVE-2020-15993: Use after free in printing. Reported by Khalil Zhani on 2020-10-01. [$500][1117367] High CVE-2020-13871, CVE-2020-15358: Use after free in SQLite. Reported by Richard Lorenz, SAP on 2020-08-18. [$N/A][1117258] High CVE-2020-15994: Use after free in V8. Severity: high
chrome
CVE-2020-15998 | HIGH | CVSS 8.8 | 2020-10-13
Chrome for Android Update. CVE-2020-15998: Use after free in USB. Reported by Leecraso and Guang Gong of 360 Alpha Lab working with 360 BugCloud on 2020-10-07. We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel. Severity: high
chrome
CVE-2020-15967 | CRITICAL | CVSS 8.8 | 2020-10-06
Stable Channel Update for Desktop. CVE-2020-15967: Use after free in payments. Reported by Man Yue Mo of GitHub Security Lab on 2020-09-11. [$5000][1126424] High CVE-2020-15968: Use after free in Blink. Reported by Anonymous on 2020-09-09. [$500][1124659] High CVE-2020-15969: Use after free in WebRTC. Severity: critical
chrome
CVE-2020-15970 | HIGH | CVSS 8.8 | 2020-10-06
Stable Channel Update for Desktop. CVE-2020-15970: Use after free in NFC. Reported by Man Yue Mo of GitHub Security Lab on 2020-07-22. [$N/A][1114062] High CVE-2020-15971: Use after free in printing. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2020-08-07. [$TBD][1115901] High CVE-2020-15972: Use after free in audio. Severity: high
chrome
CVE-2020-15990 | HIGH | CVSS 6.5 | 2020-10-06
Stable Channel Update for Desktop. CVE-2020-15990: Use after free in autofill. Reported by Rong Jian and Guang Gong of Alpha Lab, Qihoo 360 on 2020-09-30. [$TBD][1133688] High CVE-2020-15991: Use after free in password manager. Reported by Rong Jian and Guang Gong of Alpha Lab, Qihoo 360 on 2020-09-30. [$15000][1106890] Medium CVE-2020-15973: Insufficient policy enforcement in extensions. Severity: high
chrome
CVE-2020-15978 | MEDIUM | CVSS 8.8 | 2020-10-06
Stable Channel Update for Desktop. CVE-2020-15978: Insufficient data validation in navigation. Reported by Luan Herrera (@lbherrera_) on 2020-08-14. [$5000][1127319] Medium CVE-2020-15979: Inappropriate implementation in V8. Reported by Avihay Cohen @ SeraphicAlgorithms on 2020-09-11. [$3000][1092453] Medium CVE-2020-15980: Insufficient policy enforcement in Intents. Severity: medium
chrome
CVE-2020-15974 | MEDIUM | CVSS 8.8 | 2020-10-06
Stable Channel Update for Desktop. CVE-2020-15974: Integer overflow in Blink. Reported by Juno Im (junorouse) of Theori on 2020-07-10. [$7500][1110800] Medium CVE-2020-15975: Integer overflow in SwiftShader. Reported by Anonymous on 2020-07-29. [$7500][1123522] Medium CVE-2020-15976: Use after free in WebXR. Severity: medium
chrome
CVE-2020-15984 | MEDIUM | CVSS 6.5 | 2020-10-06
Stable Channel Update for Desktop. CVE-2020-15984: Insufficient policy enforcement in Omnibox. Reported by Rayyan Bijoora on 2020-05-07. [$N/A][1099276] Medium CVE-2020-15985: Inappropriate implementation in Blink. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2020-06-25. [$N/A][1100247] Medium CVE-2020-15986: Integer overflow in media. Severity: medium
chrome
CVE-2020-6557 | MEDIUM | CVSS 6.5 | 2020-10-06
Stable Channel Update for Desktop. CVE-2020-6557: Inappropriate implementation in networking. Reported by Matthias Gierlings and Marcus Brinkmann (NDS Ruhr-University Bochum) on 2020-05-15. [$5000][1097724] Medium CVE-2020-15977: Insufficient data validation in dialogs. Reported by Narendra Bhati (https://twitter Severity: medium
chrome
CVE-2020-15987 | MEDIUM | CVSS 8.8 | 2020-10-06
Stable Channel Update for Desktop. CVE-2020-15987: Use after free in WebRTC. Reported by Philipp Hancke on 2020-09-14. [$N/A][1110195] Medium CVE-2020-15992: Insufficient policy enforcement in networking. Reported by Alison Huffman, Microsoft Browser Vulnerability Research on 2020-07-28. [$500][1040837] [1092518] Low CVE-2020-15988: Insufficient policy enforcement in downloads. Severity: medium
chrome
CVE-2020-15981 | MEDIUM | CVSS 6.5 | 2020-10-06
Stable Channel Update for Desktop. CVE-2020-15981: Out of bounds read in audio. Reported by Christoph Guttandin on 2020-08-28. [$2000][1039882] Medium CVE-2020-15982: Side-channel information leakage in cache. Reported by Luan Herrera (@lbherrera_) on 2020-01-07. [$N/A][1076786] Medium CVE-2020-15983: Insufficient data validation in webUI. Severity: medium
chrome
CVE-2020-15989 | LOW | CVSS 5.5 | 2020-10-06
Stable Channel Update for Desktop. CVE-2020-15989: Uninitialized Use in PDFium. Reported by Gareth Evans (Microsoft) on 2020-07-22. We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel. Severity: low
chrome
CVE-2020-15963 | HIGH | CVSS 9.6 | 2020-09-21
Stable Channel Update for Desktop. CVE-2020-15963: Insufficient policy enforcement in extensions. Reported by David Erceg on 2020-08-06. [$TBD][1126249] High CVE-2020-15965: Out of bounds write in V8. Reported by Lucas Pinheiro, Microsoft Browser Vulnerability Research on 2020-09-08. [$TBD][1113565] Medium CVE-2020-15966: Insufficient policy enforcement in extensions. Severity: high
chrome
CVE-2020-15960 | HIGH | CVSS 8.8 | 2020-09-21
Stable Channel Update for Desktop. CVE-2020-15960: Out of bounds read in storage. Reported by Anonymous on 2020-06-28. [$15000][1114636] High CVE-2020-15961: Insufficient policy enforcement in extensions. Reported by David Erceg on 2020-08-10. [$10000][1121836] High CVE-2020-15962: Insufficient policy enforcement in serial. Severity: high
chrome