Opensuse Backports Sle vulnerabilities
325 known vulnerabilities affecting opensuse/backports_sle.
Total CVEs
325
CISA KEV
3
actively exploited
Public exploits
8
Exploited in wild
5
Severity breakdown
CRITICAL27HIGH168MEDIUM129LOW1
Vulnerabilities
Page 7 of 17
CVE-2020-6474HIGHCVSS 8.8v15.02020-05-21
CVE-2020-6474 [HIGH] CWE-416 CVE-2020-6474: Use after free in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentia
Use after free in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2020-6468HIGHCVSS 8.8v15.02020-05-21
CVE-2020-6468 [HIGH] CWE-787 CVE-2020-6468: Type confusion in V8 in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially
Type confusion in V8 in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2020-6463HIGHCVSS 8.8v15.02020-05-21
CVE-2020-6463 [HIGH] CWE-416 CVE-2020-6463: Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potenti
Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2020-6477HIGHCVSS 7.8v15.02020-05-21
CVE-2020-6477 [HIGH] CWE-59 CVE-2020-6477: Inappropriate implementation in installer in Google Chrome on OS X prior to 83.0.4103.61 allowed a l
Inappropriate implementation in installer in Google Chrome on OS X prior to 83.0.4103.61 allowed a local attacker to perform privilege escalation via a crafted file.
nvd
CVE-2020-6476MEDIUMCVSS 6.5v15.02020-05-21
CVE-2020-6476 [MEDIUM] CWE-276 CVE-2020-6476: Insufficient policy enforcement in tab strip in Google Chrome prior to 83.0.4103.61 allowed an attac
Insufficient policy enforcement in tab strip in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.
nvd
CVE-2020-6473MEDIUMCVSS 6.5v15.02020-05-21
CVE-2020-6473 [MEDIUM] CWE-203 CVE-2020-6473: Insufficient policy enforcement in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote att
Insufficient policy enforcement in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
nvd
CVE-2020-6491MEDIUMCVSS 6.5v15.02020-05-21
CVE-2020-6491 [MEDIUM] CVE-2020-6491: Insufficient data validation in site information in Google Chrome prior to 83.0.4103.61 allowed a re
Insufficient data validation in site information in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted domain name.
nvd
CVE-2020-6481MEDIUMCVSS 6.5v15.02020-05-21
CVE-2020-6481 [MEDIUM] CVE-2020-6481: Insufficient policy enforcement in URL formatting in Google Chrome prior to 83.0.4103.61 allowed a r
Insufficient policy enforcement in URL formatting in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to perform domain spoofing via a crafted domain name.
nvd
CVE-2020-6490MEDIUMCVSS 4.3v15.02020-05-21
CVE-2020-6490 [MEDIUM] CWE-668 CVE-2020-6490: Insufficient data validation in loader in Google Chrome prior to 83.0.4103.61 allowed a remote attac
Insufficient data validation in loader in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had been able to write to disk to leak cross-origin data via a crafted HTML page.
nvd
CVE-2020-6479MEDIUMCVSS 6.5v15.02020-05-21
CVE-2020-6479 [MEDIUM] CVE-2020-6479: Inappropriate implementation in sharing in Google Chrome prior to 83.0.4103.61 allowed a remote atta
Inappropriate implementation in sharing in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted HTML page.
nvd
CVE-2020-6487MEDIUMCVSS 6.5v15.02020-05-21
CVE-2020-6487 [MEDIUM] CWE-276 CVE-2020-6487: Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a remote
Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
nvd
CVE-2020-6475MEDIUMCVSS 6.5v15.02020-05-21
CVE-2020-6475 [MEDIUM] CVE-2020-6475: Incorrect implementation in full screen in Google Chrome prior to 83.0.4103.61 allowed a remote atta
Incorrect implementation in full screen in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted HTML page.
nvd
CVE-2020-6480MEDIUMCVSS 6.5v15.02020-05-21
CVE-2020-6480 [MEDIUM] CWE-276 CVE-2020-6480: Insufficient policy enforcement in enterprise in Google Chrome prior to 83.0.4103.61 allowed a local
Insufficient policy enforcement in enterprise in Google Chrome prior to 83.0.4103.61 allowed a local attacker to bypass navigation restrictions via UI actions.
nvd
CVE-2020-6478MEDIUMCVSS 6.5v15.02020-05-21
CVE-2020-6478 [MEDIUM] CVE-2020-6478: Inappropriate implementation in full screen in Google Chrome prior to 83.0.4103.61 allowed a remote
Inappropriate implementation in full screen in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted HTML page.
nvd
CVE-2020-6482MEDIUMCVSS 6.5v15.02020-05-21
CVE-2020-6482 [MEDIUM] CWE-276 CVE-2020-6482: Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.
nvd
CVE-2020-6488MEDIUMCVSS 4.3v15.02020-05-21
CVE-2020-6488 [MEDIUM] CWE-276 CVE-2020-6488: Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a remote
Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
nvd
CVE-2020-6483MEDIUMCVSS 6.5v15.02020-05-21
CVE-2020-6483 [MEDIUM] CWE-276 CVE-2020-6483: Insufficient policy enforcement in payments in Google Chrome prior to 83.0.4103.61 allowed a remote
Insufficient policy enforcement in payments in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
nvd
CVE-2020-6485MEDIUMCVSS 6.5v15.02020-05-21
CVE-2020-6485 [MEDIUM] CWE-20 CVE-2020-6485: Insufficient data validation in media router in Google Chrome prior to 83.0.4103.61 allowed a remote
Insufficient data validation in media router in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.
nvd
CVE-2020-6472MEDIUMCVSS 6.5v15.02020-05-21
CVE-2020-6472 [MEDIUM] CVE-2020-6472: Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory or disk via a crafted Chrome Extension.
nvd
CVE-2020-6470MEDIUMCVSS 6.1v15.02020-05-21
CVE-2020-6470 [MEDIUM] CWE-79 CVE-2020-6470: Insufficient validation of untrusted input in clipboard in Google Chrome prior to 83.0.4103.61 allow
Insufficient validation of untrusted input in clipboard in Google Chrome prior to 83.0.4103.61 allowed a local attacker to inject arbitrary scripts or HTML (UXSS) via crafted clipboard contents.
nvd