Vulnerabilities > Fedoraproject > High

DATE CVE VULNERABILITY TITLE RISK
2020-07-22 CVE-2020-6520 Out-of-bounds Write vulnerability in multiple products
Buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian opensuse fedoraproject CWE-787
8.8
2020-07-22 CVE-2020-6518 Use After Free vulnerability in multiple products
Use after free in developer tools in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had convinced the user to use developer tools to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian opensuse fedoraproject CWE-416
8.8
2020-07-22 CVE-2020-6517 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in history in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian opensuse fedoraproject CWE-787
8.8
2020-07-22 CVE-2020-6515 Use After Free vulnerability in multiple products
Use after free in tab strip in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian opensuse fedoraproject CWE-416
8.8
2020-07-22 CVE-2020-6513 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in PDFium in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
network
low complexity
google opensuse fedoraproject debian CWE-787
8.8
2020-07-22 CVE-2020-6512 Type Confusion vulnerability in multiple products
Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian opensuse fedoraproject CWE-843
8.8
2020-07-22 CVE-2020-6510 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in background fetch in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
local
low complexity
google debian opensuse fedoraproject CWE-787
7.8
2020-07-20 CVE-2020-3481 NULL Pointer Dereference vulnerability in multiple products
A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.
network
low complexity
clamav debian canonical fedoraproject CWE-476
7.5
2020-07-13 CVE-2019-20907 Infinite Loop vulnerability in multiple products
In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation.
7.5
2020-07-07 CVE-2020-10745 Resource Exhaustion vulnerability in multiple products
A flaw was found in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4 in the way it processed NetBios over TCP/IP.
network
low complexity
samba fedoraproject opensuse debian CWE-400
7.5