Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Backports_sle
(Opensuse)| Repositories |
• https://github.com/opencontainers/runc
• https://github.com/lighttpd/lighttpd1.4 |
| #Vulnerabilities | 326 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-06-12 | CVE-2020-14004 | An issue was discovered in Icinga2 before v2.12.0-rc1. The prepare-dirs script (run as part of the icinga2 systemd service) executes chmod 2750 /run/icinga2/cmd. /run/icinga2 is under control of an unprivileged user by default. If /run/icinga2/cmd is a symlink, then it will by followed and arbitrary files can be changed to mode 2750 by the unprivileged icinga2 user. | Icinga, Backports_sle, Leap | 7.8 | ||
| 2020-06-19 | CVE-2020-8164 | A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 which can allow an attacker to supply information can be inadvertently leaked fromStrong Parameters. | Debian_linux, Backports_sle, Leap, Rails | 7.5 | ||
| 2020-06-30 | CVE-2020-15396 | In HylaFAX+ through 7.0.2 and HylaFAX Enterprise, the faxsetup utility calls chown on files in user-owned directories. By winning a race, a local attacker could use this to escalate his privileges to root. | Fedora, Hylafax\+, Hylafax_enterprise, Backports_sle, Leap | 7.8 | ||
| 2020-07-22 | CVE-2020-6510 | Heap buffer overflow in background fetch in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Fedora, Chrome, Backports_sle, Leap | 7.8 | ||
| 2020-07-22 | CVE-2020-6511 | Information leak in content security policy in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | Debian_linux, Fedora, Chrome, Backports_sle, Leap | 6.5 | ||
| 2020-07-22 | CVE-2020-6512 | Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Fedora, Chrome, Backports_sle, Leap | 8.8 | ||
| 2020-07-22 | CVE-2020-6513 | Heap buffer overflow in PDFium in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | Debian_linux, Fedora, Chrome, Backports_sle, Leap | 8.8 | ||
| 2020-07-22 | CVE-2020-6514 | Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream. | Ipados, Iphone_os, Safari, Tvos, Watchos, Ubuntu_linux, Debian_linux, Fedora, Chrome, Backports_sle, Leap | 6.5 | ||
| 2020-07-22 | CVE-2020-6515 | Use after free in tab strip in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Fedora, Chrome, Backports_sle, Leap | 8.8 | ||
| 2020-07-22 | CVE-2020-6516 | Policy bypass in CORS in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | Debian_linux, Fedora, Chrome, Backports_sle, Leap | 4.3 |