Vulnerabilities > Fedoraproject > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-07-22 | CVE-2020-6520 | Out-of-bounds Write vulnerability in multiple products Buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-07-22 | CVE-2020-6518 | Use After Free vulnerability in multiple products Use after free in developer tools in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had convinced the user to use developer tools to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-07-22 | CVE-2020-6517 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in history in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-07-22 | CVE-2020-6515 | Use After Free vulnerability in multiple products Use after free in tab strip in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-07-22 | CVE-2020-6513 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in PDFium in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | 8.8 |
2020-07-22 | CVE-2020-6512 | Type Confusion vulnerability in multiple products Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-07-22 | CVE-2020-6510 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in background fetch in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 7.8 |
2020-07-20 | CVE-2020-3481 | NULL Pointer Dereference vulnerability in multiple products A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. | 7.5 |
2020-07-13 | CVE-2019-20907 | Infinite Loop vulnerability in multiple products In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation. | 7.5 |
2020-07-07 | CVE-2020-10745 | Resource Exhaustion vulnerability in multiple products A flaw was found in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4 in the way it processed NetBios over TCP/IP. | 7.5 |