Opensuse Backports Sle vulnerabilities
325 known vulnerabilities affecting opensuse/backports_sle.
Total CVEs
325
CISA KEV
3
actively exploited
Public exploits
8
Exploited in wild
5
Severity breakdown
CRITICAL27HIGH168MEDIUM129LOW1
Vulnerabilities
Page 2 of 17
CVE-2020-16000HIGHCVSS 8.8v15.02020-11-03
CVE-2020-16000 [HIGH] CWE-787 CVE-2020-16000: Inappropriate implementation in Blink in Google Chrome prior to 86.0.4240.111 allowed a remote attac
Inappropriate implementation in Blink in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2020-16007HIGHCVSS 7.8v15.02020-11-03
CVE-2020-16007 [HIGH] CWE-59 CVE-2020-16007: Insufficient data validation in installer in Google Chrome prior to 86.0.4240.183 allowed a local at
Insufficient data validation in installer in Google Chrome prior to 86.0.4240.183 allowed a local attacker to potentially elevate privilege via a crafted filesystem.
nvd
CVE-2020-16001HIGHCVSS 8.8v15.02020-11-03
CVE-2020-16001 [HIGH] CWE-416 CVE-2020-16001: Use after free in media in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potenti
Use after free in media in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2020-15972HIGHCVSS 8.8v15.02020-11-03
CVE-2020-15972 [HIGH] CWE-416 CVE-2020-15972: Use after free in audio in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentia
Use after free in audio in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2020-16008HIGHCVSS 8.8v15.02020-11-03
CVE-2020-16008 [HIGH] CWE-787 CVE-2020-16008: Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to
Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit stack corruption via a crafted WebRTC packet.
nvd
CVE-2020-16006HIGHCVSS 8.8v15.02020-11-03
CVE-2020-16006 [HIGH] CWE-787 CVE-2020-16006: Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2020-15979HIGHCVSS 8.8v15.02020-11-03
CVE-2020-15979 [HIGH] CWE-787 CVE-2020-15979: Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.75 allowed a remote attacker
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2020-15992HIGHCVSS 8.8v15.02020-11-03
CVE-2020-15992 [HIGH] CVE-2020-15992: Insufficient policy enforcement in networking in Google Chrome prior to 86.0.4240.75 allowed a remot
Insufficient policy enforcement in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page.
nvd
CVE-2020-15980HIGHCVSS 7.8v15.02020-11-03
CVE-2020-15980 [HIGH] CVE-2020-15980: Insufficient policy enforcement in Intents in Google Chrome on Android prior to 86.0.4240.75 allowed
Insufficient policy enforcement in Intents in Google Chrome on Android prior to 86.0.4240.75 allowed a local attacker to bypass navigation restrictions via crafted Intents.
nvd
CVE-2020-15984MEDIUMCVSS 6.5v15.02020-11-03
CVE-2020-15984 [MEDIUM] CVE-2020-15984: Insufficient policy enforcement in Omnibox in Google Chrome on iOS prior to 86.0.4240.75 allowed a r
Insufficient policy enforcement in Omnibox in Google Chrome on iOS prior to 86.0.4240.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted URL.
nvd
CVE-2020-15981MEDIUMCVSS 6.5v15.02020-11-03
CVE-2020-15981 [MEDIUM] CWE-125 CVE-2020-15981: Out of bounds read in audio in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obta
Out of bounds read in audio in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
nvd
CVE-2020-15989MEDIUMCVSS 5.5v15.02020-11-03
CVE-2020-15989 [MEDIUM] CWE-908 CVE-2020-15989: Uninitialized data in PDFium in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obt
Uninitialized data in PDFium in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.
nvd
CVE-2020-15973MEDIUMCVSS 6.5v15.02020-11-03
CVE-2020-15973 [MEDIUM] CVE-2020-15973: Insufficient policy enforcement in extensions in Google Chrome prior to 86.0.4240.75 allowed an atta
Insufficient policy enforcement in extensions in Google Chrome prior to 86.0.4240.75 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension.
nvd
CVE-2020-15988MEDIUMCVSS 6.3v15.02020-11-03
CVE-2020-15988 [MEDIUM] CVE-2020-15988: Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 86.0.4240.75 allow
Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 86.0.4240.75 allowed a remote attacker who convinced the user to open files to execute arbitrary code via a crafted HTML page.
nvd
CVE-2020-6557MEDIUMCVSS 6.5v15.02020-11-03
CVE-2020-6557 [MEDIUM] CVE-2020-6557: Inappropriate implementation in networking in Google Chrome prior to 86.0.4240.75 allowed a remote a
Inappropriate implementation in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
nvd
CVE-2020-15986MEDIUMCVSS 6.5v15.02020-11-03
CVE-2020-15986 [MEDIUM] CWE-190 CVE-2020-15986: Integer overflow in media in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potent
Integer overflow in media in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2020-15985MEDIUMCVSS 6.5v15.02020-11-03
CVE-2020-15985 [MEDIUM] CVE-2020-15985: Inappropriate implementation in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attack
Inappropriate implementation in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to spoof security UI via a crafted HTML page.
nvd
CVE-2020-15982MEDIUMCVSS 6.5v15.02020-11-03
CVE-2020-15982 [MEDIUM] CVE-2020-15982: Inappropriate implementation in cache in Google Chrome prior to 86.0.4240.75 allowed a remote attack
Inappropriate implementation in cache in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
nvd
CVE-2020-15977MEDIUMCVSS 6.5v15.02020-11-03
CVE-2020-15977 [MEDIUM] CWE-20 CVE-2020-15977: Insufficient data validation in dialogs in Google Chrome on OS X prior to 86.0.4240.75 allowed a rem
Insufficient data validation in dialogs in Google Chrome on OS X prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page.
nvd
CVE-2020-25829HIGHCVSS 7.5v15.02020-10-16
CVE-2020-25829 [HIGH] CVE-2020-25829: An issue has been found in PowerDNS Recursor before 4.1.18, 4.2.x before 4.2.5, and 4.3.x before 4.3
An issue has been found in PowerDNS Recursor before 4.1.18, 4.2.x before 4.2.5, and 4.3.x before 4.3.5. A remote attacker can cause the cached records for a given name to be updated to the Bogus DNSSEC validation state, instead of their actual DNSSEC Secure state, via a DNS ANY query. This results in a denial of service for installation that always validate (
nvd