Vulnerabilities > Opensuse > Backports SLE > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-09-21 | CVE-2020-6574 | Insufficient policy enforcement in installer in Google Chrome on OS X prior to 85.0.4183.102 allowed a local attacker to potentially achieve privilege escalation via a crafted binary. | 7.8 |
2020-09-21 | CVE-2020-15965 | Type Confusion vulnerability in multiple products Type confusion in V8 in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | 8.8 |
2020-09-21 | CVE-2020-15964 | NULL Pointer Dereference vulnerability in multiple products Insufficient data validation in media in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-09-21 | CVE-2020-15962 | Insufficient policy validation in serial in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | 8.8 |
2020-09-21 | CVE-2020-15960 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in storage in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | 8.8 |
2020-08-30 | CVE-2020-14352 | Path Traversal vulnerability in multiple products A flaw was found in librepo in versions before 1.12.1. | 8.0 |
2020-08-29 | CVE-2020-24972 | Improper Encoding or Escaping of Output vulnerability in multiple products The Kleopatra component before 3.1.12 (and before 20.07.80) for GnuPG allows remote attackers to execute arbitrary code because openpgp4fpr: URLs are supported without safe handling of command-line options. | 8.8 |
2020-08-25 | CVE-2020-24614 | Missing Authorization vulnerability in multiple products Fossil before 2.10.2, 2.11.x before 2.11.2, and 2.12.x before 2.12.1 allows remote authenticated users to execute arbitrary code. | 8.8 |
2020-08-07 | CVE-2020-8026 | Incorrect Default Permissions vulnerability in Opensuse Backports Sle, Leap and Tumbleweed A Incorrect Default Permissions vulnerability in the packaging of inn in openSUSE Leap 15.2, openSUSE Tumbleweed, openSUSE Leap 15.1 allows local attackers with control of the new user to escalate their privileges to root. | 7.8 |
2020-07-29 | CVE-2020-16118 | NULL Pointer Dereference vulnerability in multiple products In GNOME Balsa before 2.6.0, a malicious server operator or man in the middle can trigger a NULL pointer dereference and client crash by sending a PREAUTH response to imap_mbox_connect in libbalsa/imap/imap-handle.c. | 7.5 |