Vulnerabilities > Opensuse > Backports SLE > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-03-23 | CVE-2020-6429 | Out-of-bounds Write vulnerability in multiple products Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-03-23 | CVE-2020-6428 | Out-of-bounds Write vulnerability in multiple products Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-03-23 | CVE-2020-6427 | Out-of-bounds Write vulnerability in multiple products Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-03-23 | CVE-2020-6424 | Use After Free vulnerability in multiple products Use after free in media in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-03-23 | CVE-2020-6422 | Out-of-bounds Write vulnerability in multiple products Use after free in WebGL in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-03-23 | CVE-2020-10593 | Memory Leak vulnerability in multiple products Tor before 0.3.5.10, 0.4.x before 0.4.1.9, and 0.4.2.x before 0.4.2.7 allows remote attackers to cause a Denial of Service (memory leak), aka TROVE-2020-004. | 7.5 |
2020-03-22 | CVE-2020-10802 | SQL Injection vulnerability in multiple products In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search actions in libraries/classes/Controllers/Table/TableSearchController.php. | 8.0 |
2020-03-22 | CVE-2020-10804 | SQL Injection vulnerability in multiple products In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval of the current username (in libraries/classes/Server/Privileges.php and libraries/classes/UserPassword.php). | 8.0 |
2020-02-20 | CVE-2020-9273 | Use After Free vulnerability in multiple products In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel. | 8.8 |
2020-02-11 | CVE-2020-6416 | Improper Input Validation vulnerability in multiple products Insufficient data validation in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |