rpm package
opensuse/opera&distro=openSUSE Leap 15.2 NonFree
pkg:rpm/opensuse/opera&distro=openSUSE%20Leap%2015.2%20NonFree
Vulnerabilities (227)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-21232 | — | < 76.0.4017.107-lp152.2.46.1 | 76.0.4017.107-lp152.2.46.1 | Apr 30, 2021 | Use after free in Dev Tools in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2021-21231 | — | < 76.0.4017.107-lp152.2.46.1 | 76.0.4017.107-lp152.2.46.1 | Apr 30, 2021 | Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2021-21230 | — | < 76.0.4017.107-lp152.2.46.1 | 76.0.4017.107-lp152.2.46.1 | Apr 30, 2021 | Type confusion in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2021-21229 | — | < 76.0.4017.107-lp152.2.46.1 | 76.0.4017.107-lp152.2.46.1 | Apr 30, 2021 | Incorrect security UI in downloads in Google Chrome on Android prior to 90.0.4430.93 allowed a remote attacker to perform domain spoofing via a crafted HTML page. | ||
| CVE-2021-21228 | — | < 76.0.4017.107-lp152.2.46.1 | 76.0.4017.107-lp152.2.46.1 | Apr 30, 2021 | Insufficient policy enforcement in extensions in Google Chrome prior to 90.0.4430.93 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. | ||
| CVE-2021-21227 | — | < 76.0.4017.107-lp152.2.46.1 | 76.0.4017.107-lp152.2.46.1 | Apr 30, 2021 | Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2021-21226 | — | < 76.0.4017.94-lp152.2.43.1 | 76.0.4017.94-lp152.2.43.1 | Apr 26, 2021 | Use after free in navigation in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | ||
| CVE-2021-21225 | — | < 76.0.4017.94-lp152.2.43.1 | 76.0.4017.94-lp152.2.43.1 | Apr 26, 2021 | Out of bounds memory access in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2021-21224 | — | KEV | < 76.0.4017.94-lp152.2.43.1 | 76.0.4017.94-lp152.2.43.1 | Apr 26, 2021 | Type confusion in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | |
| CVE-2021-21223 | — | < 76.0.4017.94-lp152.2.43.1 | 76.0.4017.94-lp152.2.43.1 | Apr 26, 2021 | Integer overflow in Mojo in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | ||
| CVE-2021-21222 | — | < 76.0.4017.94-lp152.2.43.1 | 76.0.4017.94-lp152.2.43.1 | Apr 26, 2021 | Heap buffer overflow in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. | ||
| CVE-2021-21206 | — | KEV | < 76.0.4017.94-lp152.2.43.1 | 76.0.4017.94-lp152.2.43.1 | Apr 26, 2021 | Use after free in Blink in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2021-21220 | — | KEV | < 76.0.4017.94-lp152.2.43.1 | 76.0.4017.94-lp152.2.43.1 | Apr 26, 2021 | Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2021-21199 | — | < 75.0.3969.171-lp152.2.40.1 | 75.0.3969.171-lp152.2.40.1 | Apr 9, 2021 | Use after free in Aura in Google Chrome on Linux prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2021-21198 | — | < 75.0.3969.171-lp152.2.40.1 | 75.0.3969.171-lp152.2.40.1 | Apr 9, 2021 | Out of bounds read in IPC in Google Chrome prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | ||
| CVE-2021-21197 | — | < 75.0.3969.171-lp152.2.40.1 | 75.0.3969.171-lp152.2.40.1 | Apr 9, 2021 | Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2021-21196 | — | < 75.0.3969.171-lp152.2.40.1 | 75.0.3969.171-lp152.2.40.1 | Apr 9, 2021 | Heap buffer overflow in TabStrip in Google Chrome on Windows prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2021-21195 | — | < 75.0.3969.171-lp152.2.40.1 | 75.0.3969.171-lp152.2.40.1 | Apr 9, 2021 | Use after free in V8 in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2021-21194 | — | < 75.0.3969.171-lp152.2.40.1 | 75.0.3969.171-lp152.2.40.1 | Apr 9, 2021 | Use after free in screen sharing in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2021-21193 | — | KEV | < 75.0.3969.171-lp152.2.40.1 | 75.0.3969.171-lp152.2.40.1 | Mar 16, 2021 | Use after free in Blink in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
- CVE-2021-21232Apr 30, 2021affected < 76.0.4017.107-lp152.2.46.1fixed 76.0.4017.107-lp152.2.46.1
Use after free in Dev Tools in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2021-21231Apr 30, 2021affected < 76.0.4017.107-lp152.2.46.1fixed 76.0.4017.107-lp152.2.46.1
Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2021-21230Apr 30, 2021affected < 76.0.4017.107-lp152.2.46.1fixed 76.0.4017.107-lp152.2.46.1
Type confusion in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2021-21229Apr 30, 2021affected < 76.0.4017.107-lp152.2.46.1fixed 76.0.4017.107-lp152.2.46.1
Incorrect security UI in downloads in Google Chrome on Android prior to 90.0.4430.93 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
- CVE-2021-21228Apr 30, 2021affected < 76.0.4017.107-lp152.2.46.1fixed 76.0.4017.107-lp152.2.46.1
Insufficient policy enforcement in extensions in Google Chrome prior to 90.0.4430.93 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.
- CVE-2021-21227Apr 30, 2021affected < 76.0.4017.107-lp152.2.46.1fixed 76.0.4017.107-lp152.2.46.1
Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2021-21226Apr 26, 2021affected < 76.0.4017.94-lp152.2.43.1fixed 76.0.4017.94-lp152.2.43.1
Use after free in navigation in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
- CVE-2021-21225Apr 26, 2021affected < 76.0.4017.94-lp152.2.43.1fixed 76.0.4017.94-lp152.2.43.1
Out of bounds memory access in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 76.0.4017.94-lp152.2.43.1fixed 76.0.4017.94-lp152.2.43.1
Type confusion in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
- CVE-2021-21223Apr 26, 2021affected < 76.0.4017.94-lp152.2.43.1fixed 76.0.4017.94-lp152.2.43.1
Integer overflow in Mojo in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
- CVE-2021-21222Apr 26, 2021affected < 76.0.4017.94-lp152.2.43.1fixed 76.0.4017.94-lp152.2.43.1
Heap buffer overflow in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.
- affected < 76.0.4017.94-lp152.2.43.1fixed 76.0.4017.94-lp152.2.43.1
Use after free in Blink in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 76.0.4017.94-lp152.2.43.1fixed 76.0.4017.94-lp152.2.43.1
Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2021-21199Apr 9, 2021affected < 75.0.3969.171-lp152.2.40.1fixed 75.0.3969.171-lp152.2.40.1
Use after free in Aura in Google Chrome on Linux prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
- CVE-2021-21198Apr 9, 2021affected < 75.0.3969.171-lp152.2.40.1fixed 75.0.3969.171-lp152.2.40.1
Out of bounds read in IPC in Google Chrome prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
- CVE-2021-21197Apr 9, 2021affected < 75.0.3969.171-lp152.2.40.1fixed 75.0.3969.171-lp152.2.40.1
Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2021-21196Apr 9, 2021affected < 75.0.3969.171-lp152.2.40.1fixed 75.0.3969.171-lp152.2.40.1
Heap buffer overflow in TabStrip in Google Chrome on Windows prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2021-21195Apr 9, 2021affected < 75.0.3969.171-lp152.2.40.1fixed 75.0.3969.171-lp152.2.40.1
Use after free in V8 in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2021-21194Apr 9, 2021affected < 75.0.3969.171-lp152.2.40.1fixed 75.0.3969.171-lp152.2.40.1
Use after free in screen sharing in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 75.0.3969.171-lp152.2.40.1fixed 75.0.3969.171-lp152.2.40.1
Use after free in Blink in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Page 6 of 12