rpm package
opensuse/opera&distro=openSUSE Leap 15.1 NonFree
pkg:rpm/opensuse/opera&distro=openSUSE%20Leap%2015.1%20NonFree
Vulnerabilities (103)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-6553 | Hig | 8.8 | < 70.0.3728.133-lp151.2.27.1 | 70.0.3728.133-lp151.2.27.1 | Sep 21, 2020 | Use after free in offline mode in Google Chrome on iOS prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-6552 | Hig | 8.8 | < 70.0.3728.133-lp151.2.27.1 | 70.0.3728.133-lp151.2.27.1 | Sep 21, 2020 | Use after free in Blink in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-6551 | Hig | 8.8 | < 70.0.3728.133-lp151.2.27.1 | 70.0.3728.133-lp151.2.27.1 | Sep 21, 2020 | Use after free in WebXR in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-6550 | Hig | 8.8 | < 70.0.3728.133-lp151.2.27.1 | 70.0.3728.133-lp151.2.27.1 | Sep 21, 2020 | Use after free in IndexedDB in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-6549 | Hig | 8.8 | < 70.0.3728.133-lp151.2.27.1 | 70.0.3728.133-lp151.2.27.1 | Sep 21, 2020 | Use after free in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-6548 | Hig | 8.8 | < 70.0.3728.133-lp151.2.27.1 | 70.0.3728.133-lp151.2.27.1 | Sep 21, 2020 | Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.125 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-6547 | Med | 6.5 | < 70.0.3728.133-lp151.2.27.1 | 70.0.3728.133-lp151.2.27.1 | Sep 21, 2020 | Incorrect security UI in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially obtain sensitive information via a crafted HTML page. | |
| CVE-2020-6546 | Hig | 7.8 | < 70.0.3728.133-lp151.2.27.1 | 70.0.3728.133-lp151.2.27.1 | Sep 21, 2020 | Inappropriate implementation in installer in Google Chrome prior to 84.0.4147.125 allowed a local attacker to potentially elevate privilege via a crafted filesystem. | |
| CVE-2020-6545 | Hig | 8.8 | < 70.0.3728.133-lp151.2.27.1 | 70.0.3728.133-lp151.2.27.1 | Sep 21, 2020 | Use after free in audio in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-6544 | Hig | 8.8 | < 70.0.3728.133-lp151.2.27.1 | 70.0.3728.133-lp151.2.27.1 | Sep 21, 2020 | Use after free in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-6543 | Hig | 8.8 | < 70.0.3728.133-lp151.2.27.1 | 70.0.3728.133-lp151.2.27.1 | Sep 21, 2020 | Use after free in task scheduling in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-6542 | Hig | 8.8 | < 70.0.3728.133-lp151.2.27.1 | 70.0.3728.133-lp151.2.27.1 | Sep 21, 2020 | Use after free in ANGLE in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-6541 | Hig | 8.8 | < 70.0.3728.133-lp151.2.27.1 | 70.0.3728.133-lp151.2.27.1 | Sep 21, 2020 | Use after free in WebUSB in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-6540 | Hig | 8.8 | < 70.0.3728.133-lp151.2.27.1 | 70.0.3728.133-lp151.2.27.1 | Sep 21, 2020 | Buffer overflow in Skia in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-6539 | Hig | 8.8 | < 70.0.3728.133-lp151.2.27.1 | 70.0.3728.133-lp151.2.27.1 | Sep 21, 2020 | Use after free in CSS in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-6538 | Med | 6.5 | < 70.0.3728.133-lp151.2.27.1 | 70.0.3728.133-lp151.2.27.1 | Sep 21, 2020 | Inappropriate implementation in WebView in Google Chrome on Android prior to 84.0.4147.105 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |
| CVE-2020-6537 | Hig | 8.8 | < 70.0.3728.133-lp151.2.27.1 | 70.0.3728.133-lp151.2.27.1 | Sep 21, 2020 | Type confusion in V8 in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | |
| CVE-2020-6532 | Hig | 8.8 | < 70.0.3728.133-lp151.2.27.1 | 70.0.3728.133-lp151.2.27.1 | Sep 21, 2020 | Use after free in SCTP in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-15966 | Med | 4.3 | < 71.0.3770.228-lp152.2.18.1 | 71.0.3770.228-lp152.2.18.1 | Sep 21, 2020 | Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension. | |
| CVE-2020-15965 | Hig | 8.8 | < 71.0.3770.228-lp152.2.18.1 | 71.0.3770.228-lp152.2.18.1 | Sep 21, 2020 | Type confusion in V8 in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. |
- affected < 70.0.3728.133-lp151.2.27.1fixed 70.0.3728.133-lp151.2.27.1
Use after free in offline mode in Google Chrome on iOS prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 70.0.3728.133-lp151.2.27.1fixed 70.0.3728.133-lp151.2.27.1
Use after free in Blink in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 70.0.3728.133-lp151.2.27.1fixed 70.0.3728.133-lp151.2.27.1
Use after free in WebXR in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 70.0.3728.133-lp151.2.27.1fixed 70.0.3728.133-lp151.2.27.1
Use after free in IndexedDB in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 70.0.3728.133-lp151.2.27.1fixed 70.0.3728.133-lp151.2.27.1
Use after free in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 70.0.3728.133-lp151.2.27.1fixed 70.0.3728.133-lp151.2.27.1
Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.125 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
- affected < 70.0.3728.133-lp151.2.27.1fixed 70.0.3728.133-lp151.2.27.1
Incorrect security UI in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially obtain sensitive information via a crafted HTML page.
- affected < 70.0.3728.133-lp151.2.27.1fixed 70.0.3728.133-lp151.2.27.1
Inappropriate implementation in installer in Google Chrome prior to 84.0.4147.125 allowed a local attacker to potentially elevate privilege via a crafted filesystem.
- affected < 70.0.3728.133-lp151.2.27.1fixed 70.0.3728.133-lp151.2.27.1
Use after free in audio in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 70.0.3728.133-lp151.2.27.1fixed 70.0.3728.133-lp151.2.27.1
Use after free in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 70.0.3728.133-lp151.2.27.1fixed 70.0.3728.133-lp151.2.27.1
Use after free in task scheduling in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 70.0.3728.133-lp151.2.27.1fixed 70.0.3728.133-lp151.2.27.1
Use after free in ANGLE in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 70.0.3728.133-lp151.2.27.1fixed 70.0.3728.133-lp151.2.27.1
Use after free in WebUSB in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 70.0.3728.133-lp151.2.27.1fixed 70.0.3728.133-lp151.2.27.1
Buffer overflow in Skia in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 70.0.3728.133-lp151.2.27.1fixed 70.0.3728.133-lp151.2.27.1
Use after free in CSS in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 70.0.3728.133-lp151.2.27.1fixed 70.0.3728.133-lp151.2.27.1
Inappropriate implementation in WebView in Google Chrome on Android prior to 84.0.4147.105 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
- affected < 70.0.3728.133-lp151.2.27.1fixed 70.0.3728.133-lp151.2.27.1
Type confusion in V8 in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
- affected < 70.0.3728.133-lp151.2.27.1fixed 70.0.3728.133-lp151.2.27.1
Use after free in SCTP in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 71.0.3770.228-lp152.2.18.1fixed 71.0.3770.228-lp152.2.18.1
Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension.
- affected < 71.0.3770.228-lp152.2.18.1fixed 71.0.3770.228-lp152.2.18.1
Type confusion in V8 in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
Page 3 of 6