Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Package_hub
(Suse)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 39 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2020-01-16 | CVE-2020-7106 | Cacti 1.2.8 has stored XSS in data_sources.php, color_templates_item.php, graphs.php, graph_items.php, lib/api_automation.php, user_admin.php, and user_group_admin.php, as demonstrated by the description parameter in data_sources.php (a raw string from the database that is displayed by $header to trigger the XSS). | Cacti, Debian_linux, Extra_packages_for_enterprise_linux, Fedora, Backports_sle, Leap, Package_hub | 6.1 | ||
2020-02-11 | CVE-2020-6381 | Integer overflow in JavaScript in Google Chrome on ChromeOS and Android prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Fedora, Chrome, Backports_sle, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Package_hub | 8.8 | ||
2020-02-11 | CVE-2020-6382 | Type confusion in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Fedora, Chrome, Backports_sle, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Package_hub | 8.8 | ||
2020-02-11 | CVE-2020-6385 | Insufficient policy enforcement in storage in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass site isolation via a crafted HTML page. | Debian_linux, Fedora, Chrome, Backports_sle, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Package_hub | 8.8 | ||
2020-02-11 | CVE-2020-6390 | Out of bounds memory access in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Fedora, Chrome, Backports_sle, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Package_hub | 8.8 | ||
2020-02-11 | CVE-2020-6391 | Insufficient validation of untrusted input in Blink in Google Chrome prior to 80.0.3987.87 allowed a local attacker to bypass content security policy via a crafted HTML page. | Debian_linux, Fedora, Chrome, Backports_sle, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Package_hub | 4.3 | ||
2020-02-11 | CVE-2020-6392 | Insufficient policy enforcement in extensions in Google Chrome prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. | Debian_linux, Fedora, Chrome, Backports_sle, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Package_hub | 4.3 | ||
2020-02-11 | CVE-2020-6393 | Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | Debian_linux, Fedora, Chrome, Backports_sle, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Package_hub | 6.5 | ||
2020-02-11 | CVE-2020-6394 | Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass content security policy via a crafted HTML page. | Debian_linux, Fedora, Chrome, Backports_sle, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Package_hub | 5.4 | ||
2020-02-11 | CVE-2020-6396 | Inappropriate implementation in Skia in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | Debian_linux, Fedora, Chrome, Backports_sle, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Package_hub | 4.3 |