Opensuse Backports Sle vulnerabilities

325 known vulnerabilities affecting opensuse/backports_sle.

Total CVEs

325

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL27HIGH168MEDIUM129LOW1

Vulnerabilities

Page 5 of 17

CVE-2020-15917CRITICALCVSS 9.8v15.02020-07-23

CVE-2020-15917 [CRITICAL] CVE-2020-15917: common/session.c in Claws Mail before 3.17.6 has a protocol violation because suffix data after STAR common/session.c in Claws Mail before 3.17.6 has a protocol violation because suffix data after STARTTLS is mishandled.

nvd

CVE-2020-6522CRITICALCVSS 9.6v15.02020-07-22

CVE-2020-6522 [CRITICAL] CVE-2020-6522: Inappropriate implementation in external protocol handlers in Google Chrome prior to 84.0.4147.89 al Inappropriate implementation in external protocol handlers in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.

nvd

CVE-2020-6515HIGHCVSS 8.8v15.02020-07-22

CVE-2020-6515 [HIGH] CWE-416 CVE-2020-6515: Use after free in tab strip in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to pote Use after free in tab strip in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2020-6520HIGHCVSS 8.8v15.02020-07-22

CVE-2020-6520 [HIGH] CWE-787 CVE-2020-6520: Buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentia Buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2020-6518HIGHCVSS 8.8v15.02020-07-22

CVE-2020-6518 [HIGH] CWE-416 CVE-2020-6518: Use after free in developer tools in Google Chrome prior to 84.0.4147.89 allowed a remote attacker w Use after free in developer tools in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had convinced the user to use developer tools to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2020-6523HIGHCVSS 8.8v15.02020-07-22

CVE-2020-6523 [HIGH] CWE-190 CVE-2020-6523: Out of bounds write in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to pote Out of bounds write in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2020-6512HIGHCVSS 8.8v15.02020-07-22

CVE-2020-6512 [HIGH] CWE-787 CVE-2020-6512: Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2020-6517HIGHCVSS 8.8v15.02020-07-22

CVE-2020-6517 [HIGH] CWE-787 CVE-2020-6517: Heap buffer overflow in history in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to Heap buffer overflow in history in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2020-6510HIGHCVSS 7.8v15.02020-07-22

CVE-2020-6510 [HIGH] CWE-787 CVE-2020-6510: Heap buffer overflow in background fetch in Google Chrome prior to 84.0.4147.89 allowed a remote att Heap buffer overflow in background fetch in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2020-6530HIGHCVSS 8.8v15.02020-07-22

CVE-2020-6530 [HIGH] CWE-787 CVE-2020-6530: Out of bounds memory access in developer tools in Google Chrome prior to 84.0.4147.89 allowed an att Out of bounds memory access in developer tools in Google Chrome prior to 84.0.4147.89 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.

nvd

CVE-2020-6513HIGHCVSS 8.8v15.02020-07-22

CVE-2020-6513 [HIGH] CWE-787 CVE-2020-6513: Heap buffer overflow in PDFium in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to p Heap buffer overflow in PDFium in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

nvd

CVE-2020-6525HIGHCVSS 8.8v15.02020-07-22

CVE-2020-6525 [HIGH] CWE-787 CVE-2020-6525: Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to pot Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2020-6524HIGHCVSS 8.8v15.02020-07-22

CVE-2020-6524 [HIGH] CWE-787 CVE-2020-6524: Heap buffer overflow in WebAudio in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to Heap buffer overflow in WebAudio in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2020-6534HIGHCVSS 8.8v15.02020-07-22

CVE-2020-6534 [HIGH] CWE-787 CVE-2020-6534: Heap buffer overflow in WebRTC in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to p Heap buffer overflow in WebRTC in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2020-6533HIGHCVSS 8.8v15.02020-07-22

CVE-2020-6533 [HIGH] CWE-787 CVE-2020-6533: Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2020-6516MEDIUMCVSS 4.3v15.02020-07-22

CVE-2020-6516 [MEDIUM] CVE-2020-6516: Policy bypass in CORS in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross Policy bypass in CORS in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

nvd

CVE-2020-6526MEDIUMCVSS 6.5v15.02020-07-22

CVE-2020-6526 [MEDIUM] CVE-2020-6526: Inappropriate implementation in iframe sandbox in Google Chrome prior to 84.0.4147.89 allowed a remo Inappropriate implementation in iframe sandbox in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

nvd

CVE-2020-6536MEDIUMCVSS 4.3v15.02020-07-22

CVE-2020-6536 [MEDIUM] CVE-2020-6536: Incorrect security UI in PWAs in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who h Incorrect security UI in PWAs in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had persuaded the user to install a PWA to spoof the contents of the Omnibox (URL bar) via a crafted PWA.

nvd

CVE-2020-6527MEDIUMCVSS 4.3v15.02020-07-22

CVE-2020-6527 [MEDIUM] CWE-276 CVE-2020-6527: Insufficient policy enforcement in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attac Insufficient policy enforcement in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML page.

nvd

CVE-2020-6531MEDIUMCVSS 4.3v15.02020-07-22

CVE-2020-6531 [MEDIUM] CWE-203 CVE-2020-6531: Side-channel information leakage in scroll to text in Google Chrome prior to 84.0.4147.89 allowed a Side-channel information leakage in scroll to text in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

nvd

← Previous5 / 17Next →