Suse

Package Hub

40 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2020-6398

  • EPSS 2.19%
  • Published 11.02.2020 15:15:13
  • Last modified 21.11.2024 05:35:38

Use of uninitialized data in PDFium in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

6.5

CVE-2020-6400

Exploit
  • EPSS 1.91%
  • Published 11.02.2020 15:15:13
  • Last modified 21.11.2024 05:35:39

Inappropriate implementation in CORS in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

8.8

CVE-2020-6402

  • EPSS 2.58%
  • Published 11.02.2020 15:15:13
  • Last modified 21.11.2024 05:35:39

Insufficient policy enforcement in downloads in Google Chrome on OS X prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension.

4.3

CVE-2020-6403

Exploit
  • EPSS 1.37%
  • Published 11.02.2020 15:15:13
  • Last modified 21.11.2024 05:35:39

Incorrect implementation in Omnibox in Google Chrome on iOS prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

8.8

CVE-2020-6406

  • EPSS 2.9%
  • Published 11.02.2020 15:15:13
  • Last modified 21.11.2024 05:35:39

Use after free in audio in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.5

CVE-2020-6408

Exploit
  • EPSS 1.23%
  • Published 11.02.2020 15:15:13
  • Last modified 21.11.2024 05:35:40

Insufficient policy enforcement in CORS in Google Chrome prior to 80.0.3987.87 allowed a local attacker to obtain potentially sensitive information via a crafted HTML page.

4.3

CVE-2020-6391

Exploit
  • EPSS 1.74%
  • Published 11.02.2020 15:15:12
  • Last modified 21.11.2024 05:35:38

Insufficient validation of untrusted input in Blink in Google Chrome prior to 80.0.3987.87 allowed a local attacker to bypass content security policy via a crafted HTML page.

5.8

CVE-2020-6394

Exploit
  • EPSS 1.06%
  • Published 11.02.2020 15:15:12
  • Last modified 21.11.2024 05:35:38

Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass content security policy via a crafted HTML page.

6.5

CVE-2020-6393

  • EPSS 1.45%
  • Published 11.02.2020 15:15:12
  • Last modified 21.11.2024 05:35:38

Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

4.3

CVE-2020-6392

Exploit
  • EPSS 1.74%
  • Published 11.02.2020 15:15:12
  • Last modified 21.11.2024 05:35:38

Insufficient policy enforcement in extensions in Google Chrome prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.