VYPR

rpm package

opensuse/opera&distro=openSUSE Leap 15.2 NonFree

pkg:rpm/opensuse/opera&distro=openSUSE%20Leap%2015.2%20NonFree

Vulnerabilities (227)

  • CVE-2020-16002Nov 3, 2020
    affected < 72.0.3815.320-lp152.2.21.1fixed 72.0.3815.320-lp152.2.21.1

    Use after free in PDFium in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

  • CVE-2020-16001Nov 3, 2020
    affected < 72.0.3815.320-lp152.2.21.1fixed 72.0.3815.320-lp152.2.21.1

    Use after free in media in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-16000Nov 3, 2020
    affected < 72.0.3815.320-lp152.2.21.1fixed 72.0.3815.320-lp152.2.21.1

    Inappropriate implementation in Blink in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-15995Nov 3, 2020
    affected < 73.0.3856.344-lp152.2.30.1fixed 73.0.3856.344-lp152.2.30.1

    Out of bounds write in V8 in Google Chrome prior to 86.0.4240.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-15999KEVNov 3, 2020
    affected < 72.0.3815.320-lp152.2.21.1fixed 72.0.3815.320-lp152.2.21.1

    Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6576Sep 21, 2020
    affected < 71.0.3770.228-lp152.2.18.1fixed 71.0.3770.228-lp152.2.18.1

    Use after free in offscreen canvas in Google Chrome prior to 85.0.4183.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6575Sep 21, 2020
    affected < 71.0.3770.228-lp152.2.18.1fixed 71.0.3770.228-lp152.2.18.1

    Race in Mojo in Google Chrome prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

  • CVE-2020-6574Sep 21, 2020
    affected < 71.0.3770.228-lp152.2.18.1fixed 71.0.3770.228-lp152.2.18.1

    Insufficient policy enforcement in installer in Google Chrome on OS X prior to 85.0.4183.102 allowed a local attacker to potentially achieve privilege escalation via a crafted binary.

  • CVE-2020-6573Sep 21, 2020
    affected < 71.0.3770.228-lp152.2.18.1fixed 71.0.3770.228-lp152.2.18.1

    Use after free in video in Google Chrome on Android prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

  • CVE-2020-6556Sep 21, 2020
    affected < 71.0.3770.228-lp152.2.18.1fixed 71.0.3770.228-lp152.2.18.1

    Heap buffer overflow in SwiftShader in Google Chrome prior to 84.0.4147.135 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6555Sep 21, 2020
    affected < 70.0.3728.133-lp152.2.15.1fixed 70.0.3728.133-lp152.2.15.1

    Out of bounds read in WebGL in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

  • CVE-2020-6554Sep 21, 2020
    affected < 70.0.3728.133-lp152.2.15.1fixed 70.0.3728.133-lp152.2.15.1

    Use after free in extensions in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension.

  • CVE-2020-6553Sep 21, 2020
    affected < 70.0.3728.133-lp152.2.15.1fixed 70.0.3728.133-lp152.2.15.1

    Use after free in offline mode in Google Chrome on iOS prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6552Sep 21, 2020
    affected < 70.0.3728.133-lp152.2.15.1fixed 70.0.3728.133-lp152.2.15.1

    Use after free in Blink in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6551Sep 21, 2020
    affected < 70.0.3728.133-lp152.2.15.1fixed 70.0.3728.133-lp152.2.15.1

    Use after free in WebXR in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6550Sep 21, 2020
    affected < 70.0.3728.133-lp152.2.15.1fixed 70.0.3728.133-lp152.2.15.1

    Use after free in IndexedDB in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6549Sep 21, 2020
    affected < 70.0.3728.133-lp152.2.15.1fixed 70.0.3728.133-lp152.2.15.1

    Use after free in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6548Sep 21, 2020
    affected < 70.0.3728.133-lp152.2.15.1fixed 70.0.3728.133-lp152.2.15.1

    Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.125 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-6547Sep 21, 2020
    affected < 70.0.3728.133-lp152.2.15.1fixed 70.0.3728.133-lp152.2.15.1

    Incorrect security UI in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially obtain sensitive information via a crafted HTML page.

  • CVE-2020-6546Sep 21, 2020
    affected < 70.0.3728.133-lp152.2.15.1fixed 70.0.3728.133-lp152.2.15.1

    Inappropriate implementation in installer in Google Chrome prior to 84.0.4147.125 allowed a local attacker to potentially elevate privilege via a crafted filesystem.

Page 9 of 12