rpm package
opensuse/opera&distro=openSUSE Leap 15.2 NonFree
pkg:rpm/opensuse/opera&distro=openSUSE%20Leap%2015.2%20NonFree
Vulnerabilities (227)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-21108 | — | < 73.0.3856.344-lp152.2.30.1 | 73.0.3856.344-lp152.2.30.1 | Jan 8, 2021 | Use after free in media in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | ||
| CVE-2021-21107 | — | < 73.0.3856.344-lp152.2.30.1 | 73.0.3856.344-lp152.2.30.1 | Jan 8, 2021 | Use after free in drag and drop in Google Chrome on Linux prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | ||
| CVE-2021-21106 | — | < 73.0.3856.344-lp152.2.30.1 | 73.0.3856.344-lp152.2.30.1 | Jan 8, 2021 | Use after free in autofill in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | ||
| CVE-2020-16043 | — | < 73.0.3856.344-lp152.2.30.1 | 73.0.3856.344-lp152.2.30.1 | Jan 8, 2021 | Insufficient data validation in networking in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to bypass discretionary access control via malicious network traffic. | ||
| CVE-2020-16042 | — | < 73.0.3856.284-lp152.2.27.1 | 73.0.3856.284-lp152.2.27.1 | Jan 8, 2021 | Uninitialized Use in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | ||
| CVE-2020-16041 | — | < 73.0.3856.284-lp152.2.27.1 | 73.0.3856.284-lp152.2.27.1 | Jan 8, 2021 | Out of bounds read in networking in Google Chrome prior to 87.0.4280.88 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. | ||
| CVE-2020-16040 | — | < 73.0.3856.284-lp152.2.27.1 | 73.0.3856.284-lp152.2.27.1 | Jan 8, 2021 | Insufficient data validation in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2020-16039 | — | < 73.0.3856.284-lp152.2.27.1 | 73.0.3856.284-lp152.2.27.1 | Jan 8, 2021 | Use after free in extensions in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2020-16038 | — | < 73.0.3856.284-lp152.2.27.1 | 73.0.3856.284-lp152.2.27.1 | Jan 8, 2021 | Use after free in media in Google Chrome on OS X prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2020-16037 | — | < 73.0.3856.284-lp152.2.27.1 | 73.0.3856.284-lp152.2.27.1 | Jan 8, 2021 | Use after free in clipboard in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2020-16017 | — | KEV | < 72.0.3815.400-lp152.2.24.1 | 72.0.3815.400-lp152.2.24.1 | Jan 8, 2021 | Use after free in site isolation in Google Chrome prior to 86.0.4240.198 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | |
| CVE-2020-16013 | — | KEV | < 72.0.3815.400-lp152.2.24.1 | 72.0.3815.400-lp152.2.24.1 | Jan 8, 2021 | Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-16011 | — | < 72.0.3815.320-lp152.2.21.1 | 72.0.3815.320-lp152.2.21.1 | Nov 3, 2020 | Heap buffer overflow in UI in Google Chrome on Windows prior to 86.0.4240.183 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | ||
| CVE-2020-16009 | — | KEV | < 72.0.3815.320-lp152.2.21.1 | 72.0.3815.320-lp152.2.21.1 | Nov 3, 2020 | Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-16008 | — | < 72.0.3815.320-lp152.2.21.1 | 72.0.3815.320-lp152.2.21.1 | Nov 3, 2020 | Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit stack corruption via a crafted WebRTC packet. | ||
| CVE-2020-16007 | — | < 72.0.3815.320-lp152.2.21.1 | 72.0.3815.320-lp152.2.21.1 | Nov 3, 2020 | Insufficient data validation in installer in Google Chrome prior to 86.0.4240.183 allowed a local attacker to potentially elevate privilege via a crafted filesystem. | ||
| CVE-2020-16006 | — | < 72.0.3815.320-lp152.2.21.1 | 72.0.3815.320-lp152.2.21.1 | Nov 3, 2020 | Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2020-16005 | — | < 72.0.3815.320-lp152.2.21.1 | 72.0.3815.320-lp152.2.21.1 | Nov 3, 2020 | Insufficient policy enforcement in ANGLE in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2020-16004 | — | < 72.0.3815.320-lp152.2.21.1 | 72.0.3815.320-lp152.2.21.1 | Nov 3, 2020 | Use after free in user interface in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2020-16003 | — | < 72.0.3815.320-lp152.2.21.1 | 72.0.3815.320-lp152.2.21.1 | Nov 3, 2020 | Use after free in printing in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
- CVE-2021-21108Jan 8, 2021affected < 73.0.3856.344-lp152.2.30.1fixed 73.0.3856.344-lp152.2.30.1
Use after free in media in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
- CVE-2021-21107Jan 8, 2021affected < 73.0.3856.344-lp152.2.30.1fixed 73.0.3856.344-lp152.2.30.1
Use after free in drag and drop in Google Chrome on Linux prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
- CVE-2021-21106Jan 8, 2021affected < 73.0.3856.344-lp152.2.30.1fixed 73.0.3856.344-lp152.2.30.1
Use after free in autofill in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
- CVE-2020-16043Jan 8, 2021affected < 73.0.3856.344-lp152.2.30.1fixed 73.0.3856.344-lp152.2.30.1
Insufficient data validation in networking in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to bypass discretionary access control via malicious network traffic.
- CVE-2020-16042Jan 8, 2021affected < 73.0.3856.284-lp152.2.27.1fixed 73.0.3856.284-lp152.2.27.1
Uninitialized Use in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
- CVE-2020-16041Jan 8, 2021affected < 73.0.3856.284-lp152.2.27.1fixed 73.0.3856.284-lp152.2.27.1
Out of bounds read in networking in Google Chrome prior to 87.0.4280.88 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page.
- CVE-2020-16040Jan 8, 2021affected < 73.0.3856.284-lp152.2.27.1fixed 73.0.3856.284-lp152.2.27.1
Insufficient data validation in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2020-16039Jan 8, 2021affected < 73.0.3856.284-lp152.2.27.1fixed 73.0.3856.284-lp152.2.27.1
Use after free in extensions in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2020-16038Jan 8, 2021affected < 73.0.3856.284-lp152.2.27.1fixed 73.0.3856.284-lp152.2.27.1
Use after free in media in Google Chrome on OS X prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2020-16037Jan 8, 2021affected < 73.0.3856.284-lp152.2.27.1fixed 73.0.3856.284-lp152.2.27.1
Use after free in clipboard in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 72.0.3815.400-lp152.2.24.1fixed 72.0.3815.400-lp152.2.24.1
Use after free in site isolation in Google Chrome prior to 86.0.4240.198 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
- affected < 72.0.3815.400-lp152.2.24.1fixed 72.0.3815.400-lp152.2.24.1
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2020-16011Nov 3, 2020affected < 72.0.3815.320-lp152.2.21.1fixed 72.0.3815.320-lp152.2.21.1
Heap buffer overflow in UI in Google Chrome on Windows prior to 86.0.4240.183 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
- affected < 72.0.3815.320-lp152.2.21.1fixed 72.0.3815.320-lp152.2.21.1
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2020-16008Nov 3, 2020affected < 72.0.3815.320-lp152.2.21.1fixed 72.0.3815.320-lp152.2.21.1
Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit stack corruption via a crafted WebRTC packet.
- CVE-2020-16007Nov 3, 2020affected < 72.0.3815.320-lp152.2.21.1fixed 72.0.3815.320-lp152.2.21.1
Insufficient data validation in installer in Google Chrome prior to 86.0.4240.183 allowed a local attacker to potentially elevate privilege via a crafted filesystem.
- CVE-2020-16006Nov 3, 2020affected < 72.0.3815.320-lp152.2.21.1fixed 72.0.3815.320-lp152.2.21.1
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2020-16005Nov 3, 2020affected < 72.0.3815.320-lp152.2.21.1fixed 72.0.3815.320-lp152.2.21.1
Insufficient policy enforcement in ANGLE in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2020-16004Nov 3, 2020affected < 72.0.3815.320-lp152.2.21.1fixed 72.0.3815.320-lp152.2.21.1
Use after free in user interface in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2020-16003Nov 3, 2020affected < 72.0.3815.320-lp152.2.21.1fixed 72.0.3815.320-lp152.2.21.1
Use after free in printing in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Page 8 of 12