Dashboard: Zero-Days in Desktop Web Browsers

The web browser with the most zero-day exploits in recent history is Chrome

Dashboard timeframe: 2019-01-01 to date (updated Mar 2021)

Date	Browser	CVE Reference	CVSS	Type	Vendor Advisory
12 Mar 2021	Chrome	CVE-2021-21193	8.8	Use-after-free	Link
02 Mar 2021	Chrome	CVE-2021-21166	8.8	Object lifecycle	Link
05 Feb 2021	Chrome	CVE-2021-21148	8.8	Heap corruption	Link
04 Feb 2021	IE	CVE-2021-26411	8.8	Heap corruption	Link
11 Nov 2020	Chrome	CVE-2020-16017	8.8	Security bypass	Link
11 Nov 2020	Chrome	CVE-2020-16013	8.8	Heap corruption	Link
02 Nov 2020	Chrome	CVE-2020-16009	8.8	Heap corruption	Link
20 Oct 2020	Chrome	CVE-2020-15999	8.8	Heap corruption	Link
11 Aug 2020	IE	CVE-2020-1380	7.5	Use-after-free	Link
14 Jul 2020	Chrome	CVE-2020-6519	8.2	Security bypass	Link
03 Apr 2020	Firefox	CVE-2020-6820	8.8	Use-after-free	Link
03 Apr 2020	Firefox	CVE-2020-6819	8.8	Use-after-free	Link
03 Apr 2020	Safari	CVE-2020-3852	N/A	N/A	Link
03 Apr 2020	Safari	CVE-2020-3864	N/A	N/A	Link
03 Apr 2020	Safari	CVE-2020-3865	N/A	N/A	Link
03 Apr 2020	Safari	CVE-2020-3885	N/A	N/A	Link
03 Apr 2020	Safari	CVE-2020-3887	N/A	N/A	Link
03 Apr 2020	Safari	CVE-2020-9784	N/A	N/A	Link
03 Apr 2020	Safari	CVE-2020-9787	N/A	N/A	Link
26 Feb 2020	Chrome	CVE-2020-6418	6.5	Type confusion	Link
17 Jan 2020	IE	CVE-2020-0674	7.5	Use-after-free	Link
08 Jan 2020	Firefox	CVE-2019-17026	8.8	Type confusion	Link
12 Nov 2019	IE	CVE-2019-1429	7.5	Use-after-free	Link
02 Nov 2019	Chrome	CVE-2019-13720	8.8	Use-after-free	Link
23 Sep 2019	IE	CVE-2019-1367	7.5	Use-after-free	Link
18 Jun 2019	Firefox	CVE-2019-11708	10.0	Input validation	Link
18 Jun 2019	Firefox	CVE-2019-11707	8.8	Type confusion	Link
01 Mar 2019	Chrome	CVE-2019-5786	6.5	Use-after-free	Link

* Most zero-day exploits in IE11 are due to bugs in deprecated scripting engines, which are no longer used by modern websites but can still be forcibly loaded by a malicious web page. In Windows 10, it is possible to disable those scripting engines using system-wide registry settings.

Source: nvd.nist.gov

Follow @hexatoms to get notified of changes.