rpm package
opensuse/opera&distro=openSUSE Leap 15.1 NonFree
pkg:rpm/opensuse/opera&distro=openSUSE%20Leap%2015.1%20NonFree
Vulnerabilities (103)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-21116 | Hig | 8.8 | < 73.0.3856.344-lp151.2.42.1 | 73.0.3856.344-lp151.2.42.1 | Jan 8, 2021 | Heap buffer overflow in audio in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2021-21115 | Cri | 9.6 | < 73.0.3856.344-lp151.2.42.1 | 73.0.3856.344-lp151.2.42.1 | Jan 8, 2021 | User after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | |
| CVE-2021-21114 | Hig | 8.8 | < 73.0.3856.344-lp151.2.42.1 | 73.0.3856.344-lp151.2.42.1 | Jan 8, 2021 | Use after free in audio in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2021-21113 | Hig | 8.8 | < 73.0.3856.344-lp151.2.42.1 | 73.0.3856.344-lp151.2.42.1 | Jan 8, 2021 | Heap buffer overflow in Skia in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2021-21112 | Hig | 8.8 | < 73.0.3856.344-lp151.2.42.1 | 73.0.3856.344-lp151.2.42.1 | Jan 8, 2021 | Use after free in Blink in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2021-21111 | Cri | 9.6 | < 73.0.3856.344-lp151.2.42.1 | 73.0.3856.344-lp151.2.42.1 | Jan 8, 2021 | Insufficient policy enforcement in WebUI in Google Chrome prior to 87.0.4280.141 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. | |
| CVE-2021-21110 | Cri | 9.6 | < 73.0.3856.344-lp151.2.42.1 | 73.0.3856.344-lp151.2.42.1 | Jan 8, 2021 | Use after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | |
| CVE-2021-21109 | Cri | 9.6 | < 73.0.3856.344-lp151.2.42.1 | 73.0.3856.344-lp151.2.42.1 | Jan 8, 2021 | Use after free in payments in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | |
| CVE-2021-21108 | Cri | 9.6 | < 73.0.3856.344-lp151.2.42.1 | 73.0.3856.344-lp151.2.42.1 | Jan 8, 2021 | Use after free in media in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | |
| CVE-2021-21107 | Cri | 9.6 | < 73.0.3856.344-lp151.2.42.1 | 73.0.3856.344-lp151.2.42.1 | Jan 8, 2021 | Use after free in drag and drop in Google Chrome on Linux prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | |
| CVE-2021-21106 | Cri | 9.6 | < 73.0.3856.344-lp151.2.42.1 | 73.0.3856.344-lp151.2.42.1 | Jan 8, 2021 | Use after free in autofill in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | |
| CVE-2020-16043 | Hig | 8.8 | < 73.0.3856.344-lp151.2.42.1 | 73.0.3856.344-lp151.2.42.1 | Jan 8, 2021 | Insufficient data validation in networking in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to bypass discretionary access control via malicious network traffic. | |
| CVE-2020-16042 | Med | 6.5 | < 73.0.3856.284-lp151.2.39.1 | 73.0.3856.284-lp151.2.39.1 | Jan 8, 2021 | Uninitialized Use in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | |
| CVE-2020-16041 | Hig | 8.1 | < 73.0.3856.284-lp151.2.39.1 | 73.0.3856.284-lp151.2.39.1 | Jan 8, 2021 | Out of bounds read in networking in Google Chrome prior to 87.0.4280.88 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. | |
| CVE-2020-16040 | Med | 6.5 | < 73.0.3856.284-lp151.2.39.1 | 73.0.3856.284-lp151.2.39.1 | Jan 8, 2021 | Insufficient data validation in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-16039 | Hig | 8.8 | < 73.0.3856.284-lp151.2.39.1 | 73.0.3856.284-lp151.2.39.1 | Jan 8, 2021 | Use after free in extensions in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-16038 | Hig | 8.8 | < 73.0.3856.284-lp151.2.39.1 | 73.0.3856.284-lp151.2.39.1 | Jan 8, 2021 | Use after free in media in Google Chrome on OS X prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-16037 | Hig | 8.8 | < 73.0.3856.284-lp151.2.39.1 | 73.0.3856.284-lp151.2.39.1 | Jan 8, 2021 | Use after free in clipboard in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-16017 | Cri | 9.6 | KEV | < 72.0.3815.400-lp152.2.24.1 | 72.0.3815.400-lp152.2.24.1 | Jan 8, 2021 | Use after free in site isolation in Google Chrome prior to 86.0.4240.198 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. |
| CVE-2020-16013 | Hig | 8.8 | KEV | < 72.0.3815.400-lp152.2.24.1 | 72.0.3815.400-lp152.2.24.1 | Jan 8, 2021 | Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
- affected < 73.0.3856.344-lp151.2.42.1fixed 73.0.3856.344-lp151.2.42.1
Heap buffer overflow in audio in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 73.0.3856.344-lp151.2.42.1fixed 73.0.3856.344-lp151.2.42.1
User after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
- affected < 73.0.3856.344-lp151.2.42.1fixed 73.0.3856.344-lp151.2.42.1
Use after free in audio in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 73.0.3856.344-lp151.2.42.1fixed 73.0.3856.344-lp151.2.42.1
Heap buffer overflow in Skia in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 73.0.3856.344-lp151.2.42.1fixed 73.0.3856.344-lp151.2.42.1
Use after free in Blink in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 73.0.3856.344-lp151.2.42.1fixed 73.0.3856.344-lp151.2.42.1
Insufficient policy enforcement in WebUI in Google Chrome prior to 87.0.4280.141 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
- affected < 73.0.3856.344-lp151.2.42.1fixed 73.0.3856.344-lp151.2.42.1
Use after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
- affected < 73.0.3856.344-lp151.2.42.1fixed 73.0.3856.344-lp151.2.42.1
Use after free in payments in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
- affected < 73.0.3856.344-lp151.2.42.1fixed 73.0.3856.344-lp151.2.42.1
Use after free in media in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
- affected < 73.0.3856.344-lp151.2.42.1fixed 73.0.3856.344-lp151.2.42.1
Use after free in drag and drop in Google Chrome on Linux prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
- affected < 73.0.3856.344-lp151.2.42.1fixed 73.0.3856.344-lp151.2.42.1
Use after free in autofill in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
- affected < 73.0.3856.344-lp151.2.42.1fixed 73.0.3856.344-lp151.2.42.1
Insufficient data validation in networking in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to bypass discretionary access control via malicious network traffic.
- affected < 73.0.3856.284-lp151.2.39.1fixed 73.0.3856.284-lp151.2.39.1
Uninitialized Use in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
- affected < 73.0.3856.284-lp151.2.39.1fixed 73.0.3856.284-lp151.2.39.1
Out of bounds read in networking in Google Chrome prior to 87.0.4280.88 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page.
- affected < 73.0.3856.284-lp151.2.39.1fixed 73.0.3856.284-lp151.2.39.1
Insufficient data validation in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 73.0.3856.284-lp151.2.39.1fixed 73.0.3856.284-lp151.2.39.1
Use after free in extensions in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 73.0.3856.284-lp151.2.39.1fixed 73.0.3856.284-lp151.2.39.1
Use after free in media in Google Chrome on OS X prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 73.0.3856.284-lp151.2.39.1fixed 73.0.3856.284-lp151.2.39.1
Use after free in clipboard in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 72.0.3815.400-lp152.2.24.1fixed 72.0.3815.400-lp152.2.24.1
Use after free in site isolation in Google Chrome prior to 86.0.4240.198 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
- affected < 72.0.3815.400-lp152.2.24.1fixed 72.0.3815.400-lp152.2.24.1
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Page 1 of 6