rpm package

opensuse/opera&distro=openSUSE Leap 15.1 NonFree

pkg:rpm/opensuse/opera&distro=openSUSE%20Leap%2015.1%20NonFree

Vulnerabilities (103)

CVE	CVSS	KEV	Affected versions	Fixed in	Published	Description
CVE-2021-21116	—		< 73.0.3856.344-lp151.2.42.1	73.0.3856.344-lp151.2.42.1	Jan 8, 2021	Heap buffer overflow in audio in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21115	—		< 73.0.3856.344-lp151.2.42.1	73.0.3856.344-lp151.2.42.1	Jan 8, 2021	User after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2021-21114	—		< 73.0.3856.344-lp151.2.42.1	73.0.3856.344-lp151.2.42.1	Jan 8, 2021	Use after free in audio in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21113	—		< 73.0.3856.344-lp151.2.42.1	73.0.3856.344-lp151.2.42.1	Jan 8, 2021	Heap buffer overflow in Skia in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21112	—		< 73.0.3856.344-lp151.2.42.1	73.0.3856.344-lp151.2.42.1	Jan 8, 2021	Use after free in Blink in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21111	—		< 73.0.3856.344-lp151.2.42.1	73.0.3856.344-lp151.2.42.1	Jan 8, 2021	Insufficient policy enforcement in WebUI in Google Chrome prior to 87.0.4280.141 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
CVE-2021-21110	—		< 73.0.3856.344-lp151.2.42.1	73.0.3856.344-lp151.2.42.1	Jan 8, 2021	Use after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
CVE-2021-21109	—		< 73.0.3856.344-lp151.2.42.1	73.0.3856.344-lp151.2.42.1	Jan 8, 2021	Use after free in payments in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2021-21108	—		< 73.0.3856.344-lp151.2.42.1	73.0.3856.344-lp151.2.42.1	Jan 8, 2021	Use after free in media in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2021-21107	—		< 73.0.3856.344-lp151.2.42.1	73.0.3856.344-lp151.2.42.1	Jan 8, 2021	Use after free in drag and drop in Google Chrome on Linux prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2021-21106	—		< 73.0.3856.344-lp151.2.42.1	73.0.3856.344-lp151.2.42.1	Jan 8, 2021	Use after free in autofill in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-16043	—		< 73.0.3856.344-lp151.2.42.1	73.0.3856.344-lp151.2.42.1	Jan 8, 2021	Insufficient data validation in networking in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to bypass discretionary access control via malicious network traffic.
CVE-2020-16042	—		< 73.0.3856.284-lp151.2.39.1	73.0.3856.284-lp151.2.39.1	Jan 8, 2021	Uninitialized Use in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
CVE-2020-16041	—		< 73.0.3856.284-lp151.2.39.1	73.0.3856.284-lp151.2.39.1	Jan 8, 2021	Out of bounds read in networking in Google Chrome prior to 87.0.4280.88 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page.
CVE-2020-16040	—		< 73.0.3856.284-lp151.2.39.1	73.0.3856.284-lp151.2.39.1	Jan 8, 2021	Insufficient data validation in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16039	—		< 73.0.3856.284-lp151.2.39.1	73.0.3856.284-lp151.2.39.1	Jan 8, 2021	Use after free in extensions in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16038	—		< 73.0.3856.284-lp151.2.39.1	73.0.3856.284-lp151.2.39.1	Jan 8, 2021	Use after free in media in Google Chrome on OS X prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16037	—		< 73.0.3856.284-lp151.2.39.1	73.0.3856.284-lp151.2.39.1	Jan 8, 2021	Use after free in clipboard in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16017	—	KEV	< 72.0.3815.400-lp152.2.24.1	72.0.3815.400-lp152.2.24.1	Jan 8, 2021	Use after free in site isolation in Google Chrome prior to 86.0.4240.198 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-16013	—	KEV	< 72.0.3815.400-lp152.2.24.1	72.0.3815.400-lp152.2.24.1	Jan 8, 2021	Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2021-21116Jan 8, 2021
affected < 73.0.3856.344-lp151.2.42.1fixed 73.0.3856.344-lp151.2.42.1
Heap buffer overflow in audio in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21115Jan 8, 2021
affected < 73.0.3856.344-lp151.2.42.1fixed 73.0.3856.344-lp151.2.42.1
User after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2021-21114Jan 8, 2021
affected < 73.0.3856.344-lp151.2.42.1fixed 73.0.3856.344-lp151.2.42.1
Use after free in audio in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21113Jan 8, 2021
affected < 73.0.3856.344-lp151.2.42.1fixed 73.0.3856.344-lp151.2.42.1
Heap buffer overflow in Skia in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21112Jan 8, 2021
affected < 73.0.3856.344-lp151.2.42.1fixed 73.0.3856.344-lp151.2.42.1
Use after free in Blink in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21111Jan 8, 2021
affected < 73.0.3856.344-lp151.2.42.1fixed 73.0.3856.344-lp151.2.42.1
Insufficient policy enforcement in WebUI in Google Chrome prior to 87.0.4280.141 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
CVE-2021-21110Jan 8, 2021
affected < 73.0.3856.344-lp151.2.42.1fixed 73.0.3856.344-lp151.2.42.1
Use after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
CVE-2021-21109Jan 8, 2021
affected < 73.0.3856.344-lp151.2.42.1fixed 73.0.3856.344-lp151.2.42.1
Use after free in payments in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2021-21108Jan 8, 2021
affected < 73.0.3856.344-lp151.2.42.1fixed 73.0.3856.344-lp151.2.42.1
Use after free in media in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2021-21107Jan 8, 2021
affected < 73.0.3856.344-lp151.2.42.1fixed 73.0.3856.344-lp151.2.42.1
Use after free in drag and drop in Google Chrome on Linux prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2021-21106Jan 8, 2021
affected < 73.0.3856.344-lp151.2.42.1fixed 73.0.3856.344-lp151.2.42.1
Use after free in autofill in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-16043Jan 8, 2021
affected < 73.0.3856.344-lp151.2.42.1fixed 73.0.3856.344-lp151.2.42.1
Insufficient data validation in networking in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to bypass discretionary access control via malicious network traffic.
CVE-2020-16042Jan 8, 2021
affected < 73.0.3856.284-lp151.2.39.1fixed 73.0.3856.284-lp151.2.39.1
Uninitialized Use in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
CVE-2020-16041Jan 8, 2021
affected < 73.0.3856.284-lp151.2.39.1fixed 73.0.3856.284-lp151.2.39.1
Out of bounds read in networking in Google Chrome prior to 87.0.4280.88 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page.
CVE-2020-16040Jan 8, 2021
affected < 73.0.3856.284-lp151.2.39.1fixed 73.0.3856.284-lp151.2.39.1
Insufficient data validation in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16039Jan 8, 2021
affected < 73.0.3856.284-lp151.2.39.1fixed 73.0.3856.284-lp151.2.39.1
Use after free in extensions in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16038Jan 8, 2021
affected < 73.0.3856.284-lp151.2.39.1fixed 73.0.3856.284-lp151.2.39.1
Use after free in media in Google Chrome on OS X prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16037Jan 8, 2021
affected < 73.0.3856.284-lp151.2.39.1fixed 73.0.3856.284-lp151.2.39.1
Use after free in clipboard in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16017KEVJan 8, 2021
affected < 72.0.3815.400-lp152.2.24.1fixed 72.0.3815.400-lp152.2.24.1
Use after free in site isolation in Google Chrome prior to 86.0.4240.198 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-16013KEVJan 8, 2021
affected < 72.0.3815.400-lp152.2.24.1fixed 72.0.3815.400-lp152.2.24.1
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Page 1 of 6