Filtered by vendor Opensuse
Subscriptions
Filtered by product Backports
Subscriptions
Total
96 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2019-5789 | 3 Google, Opensuse, Redhat | 4 Chrome, Backports, Leap and 1 more | 2024-08-04 | 8.8 High |
An integer overflow that leads to a use-after-free in WebMIDI in Google Chrome on Windows prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. | ||||
CVE-2019-5787 | 3 Google, Opensuse, Redhat | 4 Chrome, Backports, Leap and 1 more | 2024-08-04 | 8.8 High |
Use-after-garbage-collection in Blink in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
CVE-2019-5791 | 3 Google, Opensuse, Redhat | 4 Chrome, Backports, Leap and 1 more | 2024-08-04 | 8.8 High |
Inappropriate optimization in V8 in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | ||||
CVE-2019-5788 | 3 Google, Opensuse, Redhat | 4 Chrome, Backports, Leap and 1 more | 2024-08-04 | 8.8 High |
An integer overflow that leads to a use-after-free in Blink Storage in Google Chrome on Linux prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. | ||||
CVE-2019-5790 | 3 Google, Opensuse, Redhat | 4 Chrome, Backports, Leap and 1 more | 2024-08-04 | 8.8 High |
An integer overflow leading to an incorrect capacity of a buffer in JavaScript in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | ||||
CVE-2019-5459 | 2 Opensuse, Videolan | 4 Backports, Backports Sle, Leap and 1 more | 2024-08-04 | 7.1 High |
An Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read. | ||||
CVE-2019-5460 | 2 Opensuse, Videolan | 3 Backports, Leap, Vlc Media Player | 2024-08-04 | 5.5 Medium |
Double Free in VLC versions <= 3.0.6 leads to a crash. | ||||
CVE-2019-5163 | 2 Opensuse, Shadowsocks | 3 Backports, Leap, Shadowsocks-libev | 2024-08-04 | 7.5 High |
An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher and a local_address, arbitrary UDP packets can cause a FATAL error code path and exit. An attacker can send arbitrary UDP packets to trigger this vulnerability. | ||||
CVE-2020-15803 | 4 Debian, Fedoraproject, Opensuse and 1 more | 5 Debian Linux, Fedora, Backports and 2 more | 2024-08-04 | 6.1 Medium |
Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget. | ||||
CVE-2020-14983 | 2 Chocolate-doom, Opensuse | 4 Chocolate Doom, Crispy Doom, Backports and 1 more | 2024-08-04 | 9.8 Critical |
The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesn't validate the user-controlled num_players value, leading to a buffer overflow. A malicious user can overwrite the server's stack. | ||||
CVE-2020-10938 | 3 Debian, Graphicsmagick, Opensuse | 4 Debian Linux, Graphicsmagick, Backports and 1 more | 2024-08-04 | 9.8 Critical |
GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c. | ||||
CVE-2020-10592 | 2 Opensuse, Torproject | 3 Backports, Leap, Tor | 2024-08-04 | 7.5 High |
Tor before 0.3.5.10, 0.4.x before 0.4.1.9, and 0.4.2.x before 0.4.2.7 allows remote attackers to cause a Denial of Service (CPU consumption), aka TROVE-2020-002. | ||||
CVE-2020-6610 | 2 Gnu, Opensuse | 3 Libredwg, Backports, Leap | 2024-08-04 | 6.5 Medium |
GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation in read_sections_map in decode_r2007.c. | ||||
CVE-2020-6456 | 5 Debian, Fedoraproject, Google and 2 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2024-08-04 | 6.5 Medium |
Insufficient validation of untrusted input in clipboard in Google Chrome prior to 81.0.4044.92 allowed a local attacker to bypass site isolation via crafted clipboard contents. | ||||
CVE-2020-6452 | 4 Fedoraproject, Google, Opensuse and 1 more | 5 Fedora, Chrome, Backports and 2 more | 2024-08-04 | 8.8 High |
Heap buffer overflow in media in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
CVE-2020-6495 | 4 Debian, Google, Opensuse and 1 more | 5 Debian Linux, Chrome, Backports and 2 more | 2024-08-04 | 6.5 Medium |
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.97 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. | ||||
CVE-2020-6431 | 5 Debian, Fedoraproject, Google and 2 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2024-08-04 | 4.3 Medium |
Insufficient policy enforcement in full screen in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to spoof security UI via a crafted HTML page. | ||||
CVE-2020-6455 | 5 Debian, Fedoraproject, Google and 2 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2024-08-04 | 8.8 High |
Out of bounds read in WebSQL in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
CVE-2020-6493 | 4 Debian, Google, Opensuse and 1 more | 5 Debian Linux, Chrome, Backports and 2 more | 2024-08-04 | 9.6 Critical |
Use after free in WebAuthentication in Google Chrome prior to 83.0.4103.97 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | ||||
CVE-2020-6441 | 5 Debian, Fedoraproject, Google and 2 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2024-08-04 | 4.3 Medium |
Insufficient policy enforcement in omnibox in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass security UI via a crafted HTML page. |