rpm package
opensuse/opera&distro=openSUSE Leap 15.1 NonFree
pkg:rpm/opensuse/opera&distro=openSUSE%20Leap%2015.1%20NonFree
Vulnerabilities (103)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-16011 | — | < 72.0.3815.320-lp152.2.21.1 | 72.0.3815.320-lp152.2.21.1 | Nov 3, 2020 | Heap buffer overflow in UI in Google Chrome on Windows prior to 86.0.4240.183 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | ||
| CVE-2020-16009 | — | KEV | < 72.0.3815.320-lp152.2.21.1 | 72.0.3815.320-lp152.2.21.1 | Nov 3, 2020 | Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-16008 | — | < 72.0.3815.320-lp152.2.21.1 | 72.0.3815.320-lp152.2.21.1 | Nov 3, 2020 | Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit stack corruption via a crafted WebRTC packet. | ||
| CVE-2020-16007 | — | < 72.0.3815.320-lp152.2.21.1 | 72.0.3815.320-lp152.2.21.1 | Nov 3, 2020 | Insufficient data validation in installer in Google Chrome prior to 86.0.4240.183 allowed a local attacker to potentially elevate privilege via a crafted filesystem. | ||
| CVE-2020-16006 | — | < 72.0.3815.320-lp152.2.21.1 | 72.0.3815.320-lp152.2.21.1 | Nov 3, 2020 | Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2020-16005 | — | < 72.0.3815.320-lp152.2.21.1 | 72.0.3815.320-lp152.2.21.1 | Nov 3, 2020 | Insufficient policy enforcement in ANGLE in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2020-16004 | — | < 72.0.3815.320-lp152.2.21.1 | 72.0.3815.320-lp152.2.21.1 | Nov 3, 2020 | Use after free in user interface in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2020-16003 | — | < 72.0.3815.320-lp152.2.21.1 | 72.0.3815.320-lp152.2.21.1 | Nov 3, 2020 | Use after free in printing in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2020-16002 | — | < 72.0.3815.320-lp152.2.21.1 | 72.0.3815.320-lp152.2.21.1 | Nov 3, 2020 | Use after free in PDFium in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | ||
| CVE-2020-16001 | — | < 72.0.3815.320-lp152.2.21.1 | 72.0.3815.320-lp152.2.21.1 | Nov 3, 2020 | Use after free in media in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2020-16000 | — | < 72.0.3815.320-lp152.2.21.1 | 72.0.3815.320-lp152.2.21.1 | Nov 3, 2020 | Inappropriate implementation in Blink in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2020-15995 | — | < 73.0.3856.344-lp151.2.42.1 | 73.0.3856.344-lp151.2.42.1 | Nov 3, 2020 | Out of bounds write in V8 in Google Chrome prior to 86.0.4240.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2020-15999 | — | KEV | < 72.0.3815.320-lp152.2.21.1 | 72.0.3815.320-lp152.2.21.1 | Nov 3, 2020 | Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-6576 | — | < 71.0.3770.228-lp152.2.18.1 | 71.0.3770.228-lp152.2.18.1 | Sep 21, 2020 | Use after free in offscreen canvas in Google Chrome prior to 85.0.4183.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2020-6575 | — | < 71.0.3770.228-lp152.2.18.1 | 71.0.3770.228-lp152.2.18.1 | Sep 21, 2020 | Race in Mojo in Google Chrome prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | ||
| CVE-2020-6574 | — | < 71.0.3770.228-lp152.2.18.1 | 71.0.3770.228-lp152.2.18.1 | Sep 21, 2020 | Insufficient policy enforcement in installer in Google Chrome on OS X prior to 85.0.4183.102 allowed a local attacker to potentially achieve privilege escalation via a crafted binary. | ||
| CVE-2020-6573 | — | < 71.0.3770.228-lp152.2.18.1 | 71.0.3770.228-lp152.2.18.1 | Sep 21, 2020 | Use after free in video in Google Chrome on Android prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | ||
| CVE-2020-6556 | — | < 71.0.3770.228-lp152.2.18.1 | 71.0.3770.228-lp152.2.18.1 | Sep 21, 2020 | Heap buffer overflow in SwiftShader in Google Chrome prior to 84.0.4147.135 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2020-6555 | — | < 70.0.3728.133-lp151.2.27.1 | 70.0.3728.133-lp151.2.27.1 | Sep 21, 2020 | Out of bounds read in WebGL in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | ||
| CVE-2020-6554 | — | < 70.0.3728.133-lp151.2.27.1 | 70.0.3728.133-lp151.2.27.1 | Sep 21, 2020 | Use after free in extensions in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension. |
- CVE-2020-16011Nov 3, 2020affected < 72.0.3815.320-lp152.2.21.1fixed 72.0.3815.320-lp152.2.21.1
Heap buffer overflow in UI in Google Chrome on Windows prior to 86.0.4240.183 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
- affected < 72.0.3815.320-lp152.2.21.1fixed 72.0.3815.320-lp152.2.21.1
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2020-16008Nov 3, 2020affected < 72.0.3815.320-lp152.2.21.1fixed 72.0.3815.320-lp152.2.21.1
Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit stack corruption via a crafted WebRTC packet.
- CVE-2020-16007Nov 3, 2020affected < 72.0.3815.320-lp152.2.21.1fixed 72.0.3815.320-lp152.2.21.1
Insufficient data validation in installer in Google Chrome prior to 86.0.4240.183 allowed a local attacker to potentially elevate privilege via a crafted filesystem.
- CVE-2020-16006Nov 3, 2020affected < 72.0.3815.320-lp152.2.21.1fixed 72.0.3815.320-lp152.2.21.1
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2020-16005Nov 3, 2020affected < 72.0.3815.320-lp152.2.21.1fixed 72.0.3815.320-lp152.2.21.1
Insufficient policy enforcement in ANGLE in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2020-16004Nov 3, 2020affected < 72.0.3815.320-lp152.2.21.1fixed 72.0.3815.320-lp152.2.21.1
Use after free in user interface in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2020-16003Nov 3, 2020affected < 72.0.3815.320-lp152.2.21.1fixed 72.0.3815.320-lp152.2.21.1
Use after free in printing in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2020-16002Nov 3, 2020affected < 72.0.3815.320-lp152.2.21.1fixed 72.0.3815.320-lp152.2.21.1
Use after free in PDFium in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
- CVE-2020-16001Nov 3, 2020affected < 72.0.3815.320-lp152.2.21.1fixed 72.0.3815.320-lp152.2.21.1
Use after free in media in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2020-16000Nov 3, 2020affected < 72.0.3815.320-lp152.2.21.1fixed 72.0.3815.320-lp152.2.21.1
Inappropriate implementation in Blink in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2020-15995Nov 3, 2020affected < 73.0.3856.344-lp151.2.42.1fixed 73.0.3856.344-lp151.2.42.1
Out of bounds write in V8 in Google Chrome prior to 86.0.4240.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 72.0.3815.320-lp152.2.21.1fixed 72.0.3815.320-lp152.2.21.1
Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2020-6576Sep 21, 2020affected < 71.0.3770.228-lp152.2.18.1fixed 71.0.3770.228-lp152.2.18.1
Use after free in offscreen canvas in Google Chrome prior to 85.0.4183.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2020-6575Sep 21, 2020affected < 71.0.3770.228-lp152.2.18.1fixed 71.0.3770.228-lp152.2.18.1
Race in Mojo in Google Chrome prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
- CVE-2020-6574Sep 21, 2020affected < 71.0.3770.228-lp152.2.18.1fixed 71.0.3770.228-lp152.2.18.1
Insufficient policy enforcement in installer in Google Chrome on OS X prior to 85.0.4183.102 allowed a local attacker to potentially achieve privilege escalation via a crafted binary.
- CVE-2020-6573Sep 21, 2020affected < 71.0.3770.228-lp152.2.18.1fixed 71.0.3770.228-lp152.2.18.1
Use after free in video in Google Chrome on Android prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
- CVE-2020-6556Sep 21, 2020affected < 71.0.3770.228-lp152.2.18.1fixed 71.0.3770.228-lp152.2.18.1
Heap buffer overflow in SwiftShader in Google Chrome prior to 84.0.4147.135 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2020-6555Sep 21, 2020affected < 70.0.3728.133-lp151.2.27.1fixed 70.0.3728.133-lp151.2.27.1
Out of bounds read in WebGL in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
- CVE-2020-6554Sep 21, 2020affected < 70.0.3728.133-lp151.2.27.1fixed 70.0.3728.133-lp151.2.27.1
Use after free in extensions in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension.
Page 2 of 6