Vulnerabilities > Fedoraproject

DATE CVE VULNERABILITY TITLE RISK
2020-07-22 CVE-2020-6517 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in history in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian opensuse fedoraproject CWE-787
8.8
8.8
2020-07-22 CVE-2020-6516 Policy bypass in CORS in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
network
low complexity
google debian opensuse fedoraproject
4.3
4.3
2020-07-22 CVE-2020-6515 Use After Free vulnerability in multiple products
Use after free in tab strip in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian opensuse fedoraproject CWE-416
8.8
8.8
2020-07-22 CVE-2020-6514 Information Exposure vulnerability in multiple products
Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream. 		6.5
6.5
2020-07-22 CVE-2020-6513 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in PDFium in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
network
low complexity
google opensuse fedoraproject debian CWE-787
8.8
8.8
2020-07-22 CVE-2020-6512 Type Confusion vulnerability in multiple products
Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian opensuse fedoraproject CWE-843
8.8
8.8
2020-07-22 CVE-2020-6511 Information Exposure Through an Error Message vulnerability in multiple products
Information leak in content security policy in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
network
low complexity
google debian opensuse fedoraproject CWE-209
6.5
6.5
2020-07-22 CVE-2020-6510 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in background fetch in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
local
low complexity
google debian opensuse fedoraproject CWE-787
7.8
7.8
2020-07-20 CVE-2020-3481 NULL Pointer Dereference vulnerability in multiple products
A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.
network
low complexity
clamav debian canonical fedoraproject CWE-476
7.5
7.5
2020-07-20 CVE-2020-15121 OS Command Injection vulnerability in multiple products
In radare2 before version 4.5.0, malformed PDB file names in the PDB server path cause shell injection.
network
low complexity
radare fedoraproject CWE-78
critical
 9.6
9.6