Product:

Backports_sle

(Opensuse)
Date Id Summary Products Score Patch Annotated
2020-05-21 CVE-2020-6485 Insufficient data validation in media router in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. Debian_linux, Fedora, Chrome, Backports_sle, Leap 6.5
2020-05-21 CVE-2020-6487 Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Debian_linux, Fedora, Chrome, Backports_sle, Leap 6.5
2020-05-21 CVE-2020-6488 Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Debian_linux, Fedora, Chrome, Backports_sle, Leap 4.3
2020-05-21 CVE-2020-6489 Inappropriate implementation in developer tools in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had convinced the user to take certain actions in developer tools to obtain potentially sensitive information from disk via a crafted HTML page. Debian_linux, Fedora, Chrome, Backports_sle, Leap 4.3
2020-05-21 CVE-2020-6490 Insufficient data validation in loader in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had been able to write to disk to leak cross-origin data via a crafted HTML page. Debian_linux, Fedora, Chrome, Backports_sle, Leap 4.3
2020-05-21 CVE-2020-6491 Insufficient data validation in site information in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted domain name. Debian_linux, Fedora, Chrome, Backports_sle, Leap 6.5
2020-05-26 CVE-2020-13614 An issue was discovered in ssl.c in Axel before 2.17.8. The TLS implementation lacks hostname verification. Axel, Fedora, Backports_sle, Leap 5.9
2020-06-03 CVE-2020-13379 The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue. This vulnerability allows any unauthenticated user/client to make Grafana send HTTP requests to any URL and return its result to the user/client. This can be used to gain information about the network that Grafana is running on. Furthermore, passing invalid URL objects could be used for DOS'ing Grafana via SegFault. Fedora, Grafana, E\-Series_performance_analyzer, Backports_sle, Leap 8.2
2020-06-03 CVE-2020-6494 Incorrect security UI in payments in Google Chrome on Android prior to 83.0.4103.97 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. Debian_linux, Chrome, Backports_sle, Leap 6.5
2020-06-03 CVE-2020-6496 Use after free in payments in Google Chrome on MacOS prior to 83.0.4103.97 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Debian_linux, Chrome, Backports_sle, Leap 8.8