rpm package
suse/gn&distro=SUSE Package Hub 15 SP2
pkg:rpm/suse/gn&distro=SUSE%20Package%20Hub%2015%20SP2
Vulnerabilities (39)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-6557 | Med | 6.5 | < 0.1807-bp152.2.3.4 | 0.1807-bp152.2.3.4 | Nov 3, 2020 | Inappropriate implementation in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page. | |
| CVE-2020-16011 | Cri | 9.6 | < 0.1807-bp152.2.3.4 | 0.1807-bp152.2.3.4 | Nov 3, 2020 | Heap buffer overflow in UI in Google Chrome on Windows prior to 86.0.4240.183 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | |
| CVE-2020-16009 | Hig | 8.8 | KEV | < 0.1807-bp152.2.3.4 | 0.1807-bp152.2.3.4 | Nov 3, 2020 | Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
| CVE-2020-16008 | Hig | 8.8 | < 0.1807-bp152.2.3.4 | 0.1807-bp152.2.3.4 | Nov 3, 2020 | Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit stack corruption via a crafted WebRTC packet. | |
| CVE-2020-16007 | Hig | 7.8 | < 0.1807-bp152.2.3.4 | 0.1807-bp152.2.3.4 | Nov 3, 2020 | Insufficient data validation in installer in Google Chrome prior to 86.0.4240.183 allowed a local attacker to potentially elevate privilege via a crafted filesystem. | |
| CVE-2020-16006 | Hig | 8.8 | < 0.1807-bp152.2.3.4 | 0.1807-bp152.2.3.4 | Nov 3, 2020 | Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-16005 | Hig | 8.8 | < 0.1807-bp152.2.3.4 | 0.1807-bp152.2.3.4 | Nov 3, 2020 | Insufficient policy enforcement in ANGLE in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-16004 | Hig | 8.8 | < 0.1807-bp152.2.3.4 | 0.1807-bp152.2.3.4 | Nov 3, 2020 | Use after free in user interface in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-16003 | Hig | 8.8 | < 0.1807-bp152.2.3.4 | 0.1807-bp152.2.3.4 | Nov 3, 2020 | Use after free in printing in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-16002 | Hig | 8.8 | < 0.1807-bp152.2.3.4 | 0.1807-bp152.2.3.4 | Nov 3, 2020 | Use after free in PDFium in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | |
| CVE-2020-16001 | Hig | 8.8 | < 0.1807-bp152.2.3.4 | 0.1807-bp152.2.3.4 | Nov 3, 2020 | Use after free in media in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-16000 | Hig | 8.8 | < 0.1807-bp152.2.3.4 | 0.1807-bp152.2.3.4 | Nov 3, 2020 | Inappropriate implementation in Blink in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-15999 | Cri | 9.6 | KEV | < 0.1807-bp152.2.3.4 | 0.1807-bp152.2.3.4 | Nov 3, 2020 | Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
| CVE-2020-15992 | Hig | 8.8 | < 0.1807-bp152.2.3.4 | 0.1807-bp152.2.3.4 | Nov 3, 2020 | Insufficient policy enforcement in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. | |
| CVE-2020-15991 | Hig | 8.8 | < 0.1807-bp152.2.3.4 | 0.1807-bp152.2.3.4 | Nov 3, 2020 | Use after free in password manager in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | |
| CVE-2020-15990 | Hig | 8.8 | < 0.1807-bp152.2.3.4 | 0.1807-bp152.2.3.4 | Nov 3, 2020 | Use after free in autofill in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | |
| CVE-2020-15989 | Med | 5.5 | < 0.1807-bp152.2.3.4 | 0.1807-bp152.2.3.4 | Nov 3, 2020 | Uninitialized data in PDFium in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file. | |
| CVE-2020-15988 | Med | 6.3 | < 0.1807-bp152.2.3.4 | 0.1807-bp152.2.3.4 | Nov 3, 2020 | Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 86.0.4240.75 allowed a remote attacker who convinced the user to open files to execute arbitrary code via a crafted HTML page. | |
| CVE-2020-15987 | Hig | 8.8 | < 0.1807-bp152.2.3.4 | 0.1807-bp152.2.3.4 | Nov 3, 2020 | Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted WebRTC stream. | |
| CVE-2020-15986 | Med | 6.5 | < 0.1807-bp152.2.3.4 | 0.1807-bp152.2.3.4 | Nov 3, 2020 | Integer overflow in media in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
- affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Inappropriate implementation in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
- affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Heap buffer overflow in UI in Google Chrome on Windows prior to 86.0.4240.183 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
- affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit stack corruption via a crafted WebRTC packet.
- affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Insufficient data validation in installer in Google Chrome prior to 86.0.4240.183 allowed a local attacker to potentially elevate privilege via a crafted filesystem.
- affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Insufficient policy enforcement in ANGLE in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Use after free in user interface in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Use after free in printing in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Use after free in PDFium in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
- affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Use after free in media in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Inappropriate implementation in Blink in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Insufficient policy enforcement in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page.
- affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Use after free in password manager in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
- affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Use after free in autofill in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
- affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Uninitialized data in PDFium in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.
- affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 86.0.4240.75 allowed a remote attacker who convinced the user to open files to execute arbitrary code via a crafted HTML page.
- affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted WebRTC stream.
- affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Integer overflow in media in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Page 1 of 2