Vulnerabilities > Opensuse > Backports SLE

DATE CVE VULNERABILITY TITLE RISK
2020-03-27 CVE-2020-1770 Information Exposure vulnerability in multiple products
Support bundle generated files could contain sensitive information that might be unwanted to be disclosed.
network
low complexity
otrs opensuse debian CWE-200
4.3
4.3
2020-03-27 CVE-2020-1769 In the login screens (in agent and customer interface), Username and Password fields use autocomplete, which might be considered as security issue.
network
low complexity
otrs opensuse
4.3
4.3
2020-03-23 CVE-2020-6449 Use After Free vulnerability in multiple products
Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject suse opensuse CWE-416
8.8
8.8
2020-03-23 CVE-2020-6429 Out-of-bounds Write vulnerability in multiple products
Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject suse opensuse CWE-787
8.8
8.8
2020-03-23 CVE-2020-6428 Out-of-bounds Write vulnerability in multiple products
Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google suse opensuse fedoraproject debian CWE-787
8.8
8.8
2020-03-23 CVE-2020-6427 Out-of-bounds Write vulnerability in multiple products
Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject suse opensuse CWE-787
8.8
8.8
2020-03-23 CVE-2020-6426 Out-of-bounds Write vulnerability in multiple products
Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google suse opensuse fedoraproject debian CWE-787
6.5
6.5
2020-03-23 CVE-2020-6424 Use After Free vulnerability in multiple products
Use after free in media in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject suse opensuse CWE-416
8.8
8.8
2020-03-23 CVE-2020-6422 Out-of-bounds Write vulnerability in multiple products
Use after free in WebGL in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian suse opensuse CWE-787
8.8
8.8
2020-03-23 CVE-2020-10593 Memory Leak vulnerability in multiple products
Tor before 0.3.5.10, 0.4.x before 0.4.1.9, and 0.4.2.x before 0.4.2.7 allows remote attackers to cause a Denial of Service (memory leak), aka TROVE-2020-004.
network
low complexity
torproject opensuse CWE-401
7.5
7.5