rpm package

suse/gn&distro=SUSE Package Hub 15 SP2

pkg:rpm/suse/gn&distro=SUSE%20Package%20Hub%2015%20SP2

Vulnerabilities (39)

CVE	CVSS	KEV	Affected versions	Fixed in	Published	Description
CVE-2020-6557	—		< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Inappropriate implementation in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
CVE-2020-16011	—		< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Heap buffer overflow in UI in Google Chrome on Windows prior to 86.0.4240.183 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-16009	—	KEV	< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16008	—		< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit stack corruption via a crafted WebRTC packet.
CVE-2020-16007	—		< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Insufficient data validation in installer in Google Chrome prior to 86.0.4240.183 allowed a local attacker to potentially elevate privilege via a crafted filesystem.
CVE-2020-16006	—		< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16005	—		< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Insufficient policy enforcement in ANGLE in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16004	—		< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Use after free in user interface in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16003	—		< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Use after free in printing in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16002	—		< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Use after free in PDFium in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
CVE-2020-16001	—		< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Use after free in media in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16000	—		< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Inappropriate implementation in Blink in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-15992	—		< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Insufficient policy enforcement in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page.
CVE-2020-15991	—		< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Use after free in password manager in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-15990	—		< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Use after free in autofill in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-15989	—		< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Uninitialized data in PDFium in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.
CVE-2020-15988	—		< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 86.0.4240.75 allowed a remote attacker who convinced the user to open files to execute arbitrary code via a crafted HTML page.
CVE-2020-15987	—		< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted WebRTC stream.
CVE-2020-15986	—		< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Integer overflow in media in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-15985	—		< 0.1807-bp152.2.3.4	0.1807-bp152.2.3.4	Nov 3, 2020	Inappropriate implementation in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to spoof security UI via a crafted HTML page.

CVE-2020-6557Nov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Inappropriate implementation in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
CVE-2020-16011Nov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Heap buffer overflow in UI in Google Chrome on Windows prior to 86.0.4240.183 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-16009KEVNov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16008Nov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit stack corruption via a crafted WebRTC packet.
CVE-2020-16007Nov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Insufficient data validation in installer in Google Chrome prior to 86.0.4240.183 allowed a local attacker to potentially elevate privilege via a crafted filesystem.
CVE-2020-16006Nov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16005Nov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Insufficient policy enforcement in ANGLE in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16004Nov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Use after free in user interface in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16003Nov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Use after free in printing in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16002Nov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Use after free in PDFium in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
CVE-2020-16001Nov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Use after free in media in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16000Nov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Inappropriate implementation in Blink in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-15992Nov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Insufficient policy enforcement in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page.
CVE-2020-15991Nov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Use after free in password manager in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-15990Nov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Use after free in autofill in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-15989Nov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Uninitialized data in PDFium in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.
CVE-2020-15988Nov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 86.0.4240.75 allowed a remote attacker who convinced the user to open files to execute arbitrary code via a crafted HTML page.
CVE-2020-15987Nov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted WebRTC stream.
CVE-2020-15986Nov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Integer overflow in media in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-15985Nov 3, 2020
affected < 0.1807-bp152.2.3.4fixed 0.1807-bp152.2.3.4
Inappropriate implementation in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to spoof security UI via a crafted HTML page.

Page 1 of 2