Vulnerabilities > Debian

DATE CVE VULNERABILITY TITLE RISK
2020-03-23 CVE-2020-8865 Path Traversal vulnerability in multiple products
This vulnerability allows remote attackers to execute local PHP files on affected installations of Horde Groupware Webmail Edition 5.2.22.
network
low complexity
horde debian CWE-22
6.3
6.3
2020-03-23 CVE-2020-9760 Classic Buffer Overflow vulnerability in multiple products
An issue was discovered in WeeChat before 2.7.1 (0.3.4 to 2.7 are affected).
network
low complexity
weechat debian CWE-120
7.5
7.5
2020-03-23 CVE-2020-6449 Use After Free vulnerability in multiple products
Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject suse opensuse CWE-416
8.8
8.8
2020-03-23 CVE-2020-6429 Out-of-bounds Write vulnerability in multiple products
Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject suse opensuse CWE-787
8.8
8.8
2020-03-23 CVE-2020-6428 Out-of-bounds Write vulnerability in multiple products
Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google suse opensuse fedoraproject debian CWE-787
8.8
8.8
2020-03-23 CVE-2020-6427 Out-of-bounds Write vulnerability in multiple products
Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject suse opensuse CWE-787
8.8
8.8
2020-03-23 CVE-2020-6426 Out-of-bounds Write vulnerability in multiple products
Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google suse opensuse fedoraproject debian CWE-787
6.5
6.5
2020-03-23 CVE-2020-6425 Improper Input Validation vulnerability in multiple products
Insufficient policy enforcement in extensions in Google Chrome prior to 80.0.3987.149 allowed an attacker who convinced a user to install a malicious extension to bypass site isolation via a crafted Chrome Extension.
network
low complexity
google debian fedoraproject opensuse CWE-20
5.4
5.4
2020-03-23 CVE-2020-6424 Use After Free vulnerability in multiple products
Use after free in media in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject suse opensuse CWE-416
8.8
8.8
2020-03-23 CVE-2020-6422 Out-of-bounds Write vulnerability in multiple products
Use after free in WebGL in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian suse opensuse CWE-787
8.8
8.8