Opensuse Leap vulnerabilities

1,896 known vulnerabilities affecting opensuse/leap.

Total CVEs

1,896

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL202HIGH798MEDIUM803LOW93

Vulnerabilities

Page 27 of 95

CVE-2020-6451HIGHCVSS 8.8v15.12020-04-13

CVE-2020-6451 [HIGH] CWE-416 CVE-2020-6451: Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to pote Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2020-6439HIGHCVSS 8.8v15.12020-04-13

CVE-2020-6439 [HIGH] CWE-276 CVE-2020-6439: Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a remo Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass security UI via a crafted HTML page.

nvd

CVE-2020-6452HIGHCVSS 8.8v15.12020-04-13

CVE-2020-6452 [HIGH] CWE-787 CVE-2020-6452: Heap buffer overflow in media in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to p Heap buffer overflow in media in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2020-6434HIGHCVSS 8.8v15.12020-04-13

CVE-2020-6434 [HIGH] CWE-416 CVE-2020-6434: Use after free in devtools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to poten Use after free in devtools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2020-6436HIGHCVSS 8.8v15.12020-04-13

CVE-2020-6436 [HIGH] CWE-416 CVE-2020-6436: Use after free in window management in Google Chrome prior to 81.0.4044.92 allowed a remote attacker Use after free in window management in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2020-6430HIGHCVSS 8.8v15.12020-04-13

CVE-2020-6430 [HIGH] CWE-843 CVE-2020-6430: Type Confusion in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially Type Confusion in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2020-6454HIGHCVSS 8.8v15.12020-04-13

CVE-2020-6454 [HIGH] CWE-416 CVE-2020-6454: Use after free in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convince Use after free in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.

nvd

CVE-2020-6455HIGHCVSS 8.8v15.12020-04-13

CVE-2020-6455 [HIGH] CWE-125 CVE-2020-6455: Out of bounds read in WebSQL in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to pot Out of bounds read in WebSQL in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2020-6450HIGHCVSS 8.8v15.12020-04-13

CVE-2020-6450 [HIGH] CWE-416 CVE-2020-6450: Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to pote Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2020-6447HIGHCVSS 8.8v15.12020-04-13

CVE-2020-6447 [HIGH] CWE-125 CVE-2020-6447: Inappropriate implementation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a rem Inappropriate implementation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2020-6448HIGHCVSS 8.8v15.12020-04-13

CVE-2020-6448 [HIGH] CWE-416 CVE-2020-6448: Use after free in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially Use after free in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2020-6443HIGHCVSS 8.8v15.12020-04-13

CVE-2020-6443 [HIGH] CWE-345 CVE-2020-6443: Insufficient data validation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a rem Insufficient data validation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to execute arbitrary code via a crafted HTML page.

nvd

CVE-2020-6433MEDIUMCVSS 4.3v15.12020-04-13

CVE-2020-6433 [MEDIUM] CVE-2020-6433: Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed a remot Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

nvd

CVE-2020-6441MEDIUMCVSS 4.3v15.12020-04-13

CVE-2020-6441 [MEDIUM] CWE-276 CVE-2020-6441: Insufficient policy enforcement in omnibox in Google Chrome prior to 81.0.4044.92 allowed a remote a Insufficient policy enforcement in omnibox in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass security UI via a crafted HTML page.

nvd

CVE-2020-6438MEDIUMCVSS 4.3v15.12020-04-13

CVE-2020-6438 [MEDIUM] CWE-209 CVE-2020-6438: Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed an atta Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension.

nvd

CVE-2020-6446MEDIUMCVSS 6.5v15.12020-04-13

CVE-2020-6446 [MEDIUM] CWE-276 CVE-2020-6446: Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a re Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass content security policy via a crafted HTML page.

nvd

CVE-2020-6431MEDIUMCVSS 4.3v15.12020-04-13

CVE-2020-6431 [MEDIUM] CWE-276 CVE-2020-6431: Insufficient policy enforcement in full screen in Google Chrome prior to 81.0.4044.92 allowed a remo Insufficient policy enforcement in full screen in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to spoof security UI via a crafted HTML page.

nvd

CVE-2020-6435MEDIUMCVSS 4.3v15.12020-04-13

CVE-2020-6435 [MEDIUM] CVE-2020-6435: Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed a remot Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.

nvd

CVE-2020-6444MEDIUMCVSS 6.3v15.12020-04-13

CVE-2020-6444 [MEDIUM] CWE-908 CVE-2020-6444: Uninitialized use in WebRTC in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to pote Uninitialized use in WebRTC in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2020-6440MEDIUMCVSS 4.3v15.12020-04-13

CVE-2020-6440 [MEDIUM] CVE-2020-6440: Inappropriate implementation in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacke Inappropriate implementation in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension.

nvd

← Previous27 / 95Next →