Opensuse Backports vulnerabilities

96 known vulnerabilities affecting opensuse/backports.

Total CVEs

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL8HIGH39MEDIUM49

Vulnerabilities

Page 4 of 5

CVE-2019-5808HIGHCVSS 8.8vsle-152019-06-27

CVE-2019-5808 [HIGH] CWE-416 CVE-2019-5808: Use after free in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potenti Use after free in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2019-5806HIGHCVSS 8.8vsle-152019-06-27

CVE-2019-5806 [HIGH] CWE-190 CVE-2019-5806: Integer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attack Integer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2019-5829HIGHCVSS 8.8vsle-152019-06-27

CVE-2019-5829 [HIGH] CWE-190 CVE-2019-5829: Integer overflow in download manager in Google Chrome prior to 75.0.3770.80 allowed a remote attacke Integer overflow in download manager in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

nvd

CVE-2019-5807HIGHCVSS 8.8vsle-152019-06-27

CVE-2019-5807 [HIGH] CWE-787 CVE-2019-5807: Object lifetime issue in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to pot Object lifetime issue in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2019-5820HIGHCVSS 8.8vsle-152019-06-27

CVE-2019-5820 [HIGH] CWE-190 CVE-2019-5820: Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to pote Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

nvd

CVE-2019-5833MEDIUMCVSS 4.3vsle-152019-06-27

CVE-2019-5833 [MEDIUM] CVE-2019-5833: Incorrect dialog box scoping in browser in Google Chrome on Android prior to 75.0.3770.80 allowed a Incorrect dialog box scoping in browser in Google Chrome on Android prior to 75.0.3770.80 allowed a remote attacker to display misleading security UI via a crafted HTML page.

nvd

CVE-2019-5838MEDIUMCVSS 4.3vsle-152019-06-27

CVE-2019-5838 [MEDIUM] CWE-863 CVE-2019-5838: Insufficient policy enforcement in extensions API in Google Chrome prior to 75.0.3770.80 allowed an Insufficient policy enforcement in extensions API in Google Chrome prior to 75.0.3770.80 allowed an attacker who convinced a user to install a malicious extension to bypass restrictions on file URIs via a crafted Chrome Extension.

nvd

CVE-2019-5837MEDIUMCVSS 6.5vsle-152019-06-27

CVE-2019-5837 [MEDIUM] CVE-2019-5837: Resource size information leakage in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote a Resource size information leakage in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

nvd

CVE-2019-5814MEDIUMCVSS 6.5vsle-152019-06-27

CVE-2019-5814 [MEDIUM] CWE-352 CVE-2019-5814: Insufficient policy enforcement in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote at Insufficient policy enforcement in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

nvd

CVE-2019-5810MEDIUMCVSS 6.5vsle-152019-06-27

CVE-2019-5810 [MEDIUM] CWE-312 CVE-2019-5810: Information leak in autofill in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to ob Information leak in autofill in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

nvd

CVE-2019-5830MEDIUMCVSS 6.5vsle-152019-06-27

CVE-2019-5830 [MEDIUM] CVE-2019-5830: Insufficient policy enforcement in CORS in Google Chrome prior to 75.0.3770.80 allowed a remote atta Insufficient policy enforcement in CORS in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

nvd

CVE-2019-5805MEDIUMCVSS 6.5vsle-152019-06-27

CVE-2019-5805 [MEDIUM] CWE-416 CVE-2019-5805: Use-after-free in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potent Use-after-free in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

nvd

CVE-2019-5832MEDIUMCVSS 6.5vsle-152019-06-27

CVE-2019-5832 [MEDIUM] CVE-2019-5832: Insufficient policy enforcement in XMLHttpRequest in Google Chrome prior to 75.0.3770.80 allowed a r Insufficient policy enforcement in XMLHttpRequest in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

nvd

CVE-2019-5823MEDIUMCVSS 5.4vsle-152019-06-27

CVE-2019-5823 [MEDIUM] CWE-601 CVE-2019-5823: Insufficient policy enforcement in service workers in Google Chrome prior to 74.0.3729.108 allowed a Insufficient policy enforcement in service workers in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

nvd

CVE-2019-5818MEDIUMCVSS 6.5vsle-152019-06-27

CVE-2019-5818 [MEDIUM] CWE-908 CVE-2019-5818: Uninitialized data in media in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obt Uninitialized data in media in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file.

nvd

CVE-2019-5839MEDIUMCVSS 4.3vsle-152019-06-27

CVE-2019-5839 [MEDIUM] CWE-20 CVE-2019-5839: Excessive data validation in URL parser in Google Chrome prior to 75.0.3770.80 allowed a remote atta Excessive data validation in URL parser in Google Chrome prior to 75.0.3770.80 allowed a remote attacker who convinced a user to input a URL to bypass website URL validation via a crafted URL.

nvd

CVE-2019-5840MEDIUMCVSS 4.3vsle-152019-06-27

CVE-2019-5840 [MEDIUM] CWE-362 CVE-2019-5840: Incorrect security UI in popup blocker in Google Chrome on iOS prior to 75.0.3770.80 allowed a remot Incorrect security UI in popup blocker in Google Chrome on iOS prior to 75.0.3770.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

nvd

CVE-2019-5835MEDIUMCVSS 6.5vsle-152019-06-27

CVE-2019-5835 [MEDIUM] CWE-125 CVE-2019-5835: Object lifecycle issue in SwiftShader in Google Chrome prior to 75.0.3770.80 allowed a remote attack Object lifecycle issue in SwiftShader in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

nvd

CVE-2019-5834MEDIUMCVSS 6.5vsle-152019-06-27

CVE-2019-5834 [MEDIUM] CWE-346 CVE-2019-5834: Insufficient data validation in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote attack Insufficient data validation in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to perform domain spoofing via a crafted HTML page.

nvd

CVE-2019-5791HIGHCVSS 8.8vsle-152019-05-23

CVE-2019-5791 [HIGH] CWE-125 CVE-2019-5791: Inappropriate optimization in V8 in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to Inappropriate optimization in V8 in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

nvd

← Previous4 / 5Next →