Latest opensuse backports sle Vulnerabilities

CVE-2022-21950
A Improper Access Control vulnerability in the systemd service of cana in openSUSE Backports SLE-15-SP3, openSUSE Backports SLE-15-SP4 allows local users to hijack the UNIX domain socket This issue af...
Opensuse Canna<3.7p3-bp153.2.3.1
openSUSE Backports SLE=15.0-sp3
Opensuse Canna<3.7p3-bp154.3.3.1
openSUSE Backports SLE=15.0-sp4
Opensuse Canna=3.7p3
openSUSE Factory
and 1 more
CVE-2021-31998
A Incorrect Default Permissions vulnerability in the packaging of inn of SUSE Linux Enterprise Server 11-SP3; openSUSE Backports SLE-15-SP2, openSUSE Leap 15.2 allows local attackers to escalate their...
Opensuse Inn<=2.4.2-170.21.3.1
Oracle Java SE=11-sp3
Opensuse Inn<2.6.2
openSUSE Backports SLE=15.0-sp2
openSUSE Leap=15.2
CVE-2020-6557
Inappropriate implementation in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
Google Chrome<86.0.4240.75
openSUSE Backports SLE=15.0-sp2
Debian Debian Linux=10.0
Fedoraproject Fedora=31
Fedoraproject Fedora=33
debian/chromium
CVE-2020-16008
Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit stack corruption via a crafted WebRTC packet.
Google Chrome<86.0.4240.183
openSUSE Backports SLE=15.0-sp1
openSUSE Backports SLE=15.0-sp2
Debian Debian Linux=10.0
Fedoraproject Fedora=32
Fedoraproject Fedora=33
and 3 more
CVE-2020-16006
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Google Chrome<86.0.4240.183
openSUSE Backports SLE=15.0-sp1
openSUSE Backports SLE=15.0-sp2
Debian Debian Linux=10.0
Fedoraproject Fedora=32
Fedoraproject Fedora=33
and 3 more
CVE-2020-16004
Use after free in user interface in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Google Chrome<86.0.4240.183
openSUSE Backports SLE=15.0-sp1
openSUSE Backports SLE=15.0-sp2
openSUSE Leap=15.1
openSUSE Leap=15.2
Fedoraproject Fedora=32
and 3 more
CVE-2020-16011
Heap buffer overflow in UI in Google Chrome on Windows prior to 86.0.4240.183 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted H...
Google Chrome<86.0.4240.183
Microsoft Windows
openSUSE Backports SLE=15.0-sp1
openSUSE Backports SLE=15.0-sp2
openSUSE Leap=15.1
openSUSE Leap=15.2
and 2 more
CVE-2020-16005
Insufficient policy enforcement in ANGLE in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Google Chrome<86.0.4240.183
openSUSE Backports SLE=15.0-sp1
openSUSE Backports SLE=15.0-sp2
openSUSE Leap=15.1
openSUSE Leap=15.2
Debian Debian Linux=10.0
and 3 more
CVE-2020-16009
Google Chromium V8 Type Confusion Vulnerability
debian/chromium
Google Chromium V8
Cefsharp Cefsharp<86.0.241
Google Chrome<86.0.4240.183
Microsoft Edge<86.0.622.63
Microsoft Edge Chromium<86.0.4240.183
and 7 more
CVE-2020-16007
Insufficient data validation in installer in Google Chrome prior to 86.0.4240.183 allowed a local attacker to potentially elevate privilege via a crafted filesystem.
Google Chrome<86.0.4240.183
openSUSE Backports SLE=15.0-sp1
openSUSE Backports SLE=15.0-sp2
Debian Debian Linux=10.0
openSUSE Leap=15.1
openSUSE Leap=15.2
and 1 more
CVE-2020-15990
Use after free in autofill in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Google Chrome<86.0.4240.75
Debian Debian Linux=10.0
Fedoraproject Fedora=31
Fedoraproject Fedora=32
Fedoraproject Fedora=33
openSUSE Backports SLE=15.0-sp2
and 1 more
CVE-2020-15987
Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted WebRTC stream.
Google Chrome<86.0.4240.75
Fedoraproject Fedora=31
Fedoraproject Fedora=32
Fedoraproject Fedora=33
openSUSE Backports SLE=15.0-sp2
Debian Debian Linux=10.0
and 1 more
CVE-2020-15989
Uninitialized data in PDFium in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.
Google Chrome<86.0.4240.75
Fedoraproject Fedora=31
Fedoraproject Fedora=32
Fedoraproject Fedora=33
openSUSE Backports SLE=15.0-sp2
Debian Debian Linux=10.0
and 1 more
CVE-2020-15991
Use after free in password manager in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML ...
Google Chrome<86.0.4240.75
openSUSE Backports SLE=15.0-sp2
Fedoraproject Fedora=31
Fedoraproject Fedora=32
Fedoraproject Fedora=33
Debian Debian Linux=10.0
and 1 more
CVE-2020-15988
Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 86.0.4240.75 allowed a remote attacker who convinced the user to open files to execute arbitrary code via a crafted HT...
Google Chrome<86.0.4240.75
Microsoft Windows
Fedoraproject Fedora=31
Fedoraproject Fedora=32
Fedoraproject Fedora=33
Debian Debian Linux=10.0
and 2 more
CVE-2020-15992
Insufficient policy enforcement in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML ...
Google Chrome<86.0.4240.75
Debian Debian Linux=10.0
openSUSE Backports SLE=15.0-sp2
Fedoraproject Fedora=31
Fedoraproject Fedora=32
Fedoraproject Fedora=33
and 1 more
CVE-2020-15972
Use after free in audio in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Google Chrome<86.0.4240.75
Debian Debian Linux=10.0
Fedoraproject Fedora=31
Fedoraproject Fedora=32
Fedoraproject Fedora=33
openSUSE Backports SLE=15.0-sp2
and 1 more
CVE-2020-15979
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Google Chrome<86.0.4240.75
Debian Debian Linux=10.0
Fedoraproject Fedora=31
Fedoraproject Fedora=32
Fedoraproject Fedora=33
openSUSE Backports SLE=15.0-sp2
and 1 more
CVE-2020-15974
Integer overflow in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to bypass site isolation via a crafted HTML page.
Google Chrome<86.0.4240.75
openSUSE Backports SLE=15.0-sp2
Debian Debian Linux=10.0
Fedoraproject Fedora=31
Fedoraproject Fedora=32
Fedoraproject Fedora=33
and 1 more
CVE-2020-15975
Integer overflow in SwiftShader in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Google Chrome<86.0.4240.75
Fedoraproject Fedora=31
Fedoraproject Fedora=32
Fedoraproject Fedora=33
openSUSE Backports SLE=15.0-sp2
Debian Debian Linux=10.0
and 1 more
CVE-2020-15983
Insufficient data validation in webUI in Google Chrome on ChromeOS prior to 86.0.4240.75 allowed a local attacker to bypass content security policy via a crafted HTML page.
Google Chrome<86.0.4240.75
Fedoraproject Fedora=31
Fedoraproject Fedora=32
Fedoraproject Fedora=33
Debian Debian Linux=10.0
openSUSE Backports SLE=15.0-sp2
and 1 more
CVE-2020-15981
Out of bounds read in audio in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
Google Chrome<86.0.4240.75
Fedoraproject Fedora=31
Fedoraproject Fedora=32
Fedoraproject Fedora=33
openSUSE Backports SLE=15.0-sp2
Debian Debian Linux=10.0
and 1 more
CVE-2020-15978
Insufficient data validation in navigation in Google Chrome on Android prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a ...
Google Chrome<86.0.4240.75
Google Android
Debian Debian Linux=10.0
Fedoraproject Fedora=31
Fedoraproject Fedora=32
Fedoraproject Fedora=33
and 2 more
CVE-2020-15976
Use after free in WebXR in Google Chrome on Android prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Google Chrome<86.0.4240.75
Google Android
openSUSE Backports SLE=15.0-sp2
Debian Debian Linux=10.0
Fedoraproject Fedora=31
Fedoraproject Fedora=32
and 2 more
CVE-2020-15980
Insufficient policy enforcement in Intents in Google Chrome on Android prior to 86.0.4240.75 allowed a local attacker to bypass navigation restrictions via crafted Intents.
Google Chrome<86.0.4240.75
Google Android
openSUSE Backports SLE=15.0-sp2
Fedoraproject Fedora=31
Fedoraproject Fedora=32
Fedoraproject Fedora=33
and 2 more
CVE-2020-15986
Integer overflow in media in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Google Chrome<86.0.4240.75
Fedoraproject Fedora=31
Fedoraproject Fedora=32
Fedoraproject Fedora=33
openSUSE Backports SLE=15.0-sp2
Debian Debian Linux=10.0
and 1 more
CVE-2020-15985
Inappropriate implementation in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to spoof security UI via a crafted HTML page.
Google Chrome<86.0.4240.75
Fedoraproject Fedora=31
Fedoraproject Fedora=32
Fedoraproject Fedora=33
Debian Debian Linux=10.0
openSUSE Backports SLE=15.0-sp2
and 1 more
CVE-2020-15982
Inappropriate implementation in cache in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
Google Chrome<86.0.4240.75
Fedoraproject Fedora=31
Fedoraproject Fedora=32
Fedoraproject Fedora=33
Debian Debian Linux=10.0
openSUSE Backports SLE=15.0-sp2
and 1 more
CVE-2020-15984
Insufficient policy enforcement in Omnibox in Google Chrome on iOS prior to 86.0.4240.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted URL.
Google Chrome<86.0.4240.75
Apple iPhone OS
Fedoraproject Fedora=31
Fedoraproject Fedora=32
Fedoraproject Fedora=33
openSUSE Backports SLE=15.0-sp2
and 2 more
CVE-2020-15977
Insufficient data validation in dialogs in Google Chrome on OS X prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page.
Google Chrome<86.0.4240.75
Apple Mac OS X
Debian Debian Linux=10.0
Fedoraproject Fedora=31
Fedoraproject Fedora=32
Fedoraproject Fedora=33
and 2 more
CVE-2020-15973
Insufficient policy enforcement in extensions in Google Chrome prior to 86.0.4240.75 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafte...
Google Chrome<86.0.4240.75
Fedoraproject Fedora=31
Fedoraproject Fedora=32
Fedoraproject Fedora=33
openSUSE Backports SLE=15.0-sp2
Debian Debian Linux=10.0
and 1 more
CVE-2020-15971
Use after free in printing in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Google Chrome<86.0.4240.75
Fedoraproject Fedora=31
Fedoraproject Fedora=32
Fedoraproject Fedora=33
openSUSE Backports SLE=15.0-sp2
Debian Debian Linux=10.0
and 1 more
CVE-2020-15968
Use after free in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Google Chrome<86.0.4240.75
Debian Debian Linux=10.0
Fedoraproject Fedora=31
Fedoraproject Fedora=32
Fedoraproject Fedora=33
openSUSE Backports SLE=15.0-sp2
and 1 more
CVE-2020-15970
Use after free in NFC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Google Chrome<86.0.4240.75
Fedoraproject Fedora=31
Fedoraproject Fedora=32
Fedoraproject Fedora=33
openSUSE Backports SLE=15.0-sp2
Debian Debian Linux=10.0
and 1 more
CVE-2020-15967
Use after free in payments in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
Google Chrome<86.0.4240.75
Fedoraproject Fedora=31
Fedoraproject Fedora=32
Fedoraproject Fedora=33
openSUSE Backports SLE=15.0-sp2
Debian Debian Linux=10.0
and 1 more
CVE-2020-15969
A use-after-free bug in the usersctp library was reported upstream. We assume this could have led to memory corruption and a potentially exploitable crash.
Mozilla Firefox<82
<82
<78.4
<78.4
Google Chrome<86.0.4240.75
Debian Debian Linux=10.0
and 22 more
CVE-2020-15999
Google Chrome Heap Buffer Overflow Vulnerability
debian/chromium
debian/freetype
Mozilla Firefox ESR<78.5
Google Android
Google Chrome<86.0.4240.111
Freetype Freetype>=2.6.0<2.10.4
and 11 more
CVE-2020-25829
An issue has been found in PowerDNS Recursor before 4.1.18, 4.2.x before 4.2.5, and 4.3.x before 4.3.5. A remote attacker can cause the cached records for a given name to be updated to the Bogus DNSSE...
PowerDNS Recursor<4.1.18
PowerDNS Recursor>=4.2.0<4.2.5
PowerDNS Recursor>=4.3.0<4.3.5
openSUSE Backports SLE=15.0-sp1
openSUSE Backports SLE=15.0-sp2
openSUSE Leap=15.1
and 1 more
CVE-2020-15229
Singularity (an open source container platform) from version 3.1.1 through 3.6.3 has a vulnerability. Due to insecure handling of path traversal and the lack of path sanitization within `unsquashfs`, ...
Sylabs Singularity>=3.1.1<=3.6.3
openSUSE Backports SLE=15.0-sp2
openSUSE Leap=15.1
openSUSE Leap=15.2
CVE-2020-16002
Use after free in PDFium
Google Chrome<86.0.4240.111
Google Chrome<86.0.4240.111
Fedoraproject Fedora=31
Fedoraproject Fedora=32
Fedoraproject Fedora=33
openSUSE Backports SLE=15.0-sp2
and 2 more
CVE-2020-26164
In kdeconnect-kde (aka KDE Connect) before 20.08.2, an attacker on the local network could send crafted packets that trigger use of large amounts of CPU, memory, or network connection slots, aka a Den...
Kde Kdeconnect<20.08.2
openSUSE Backports SLE=15.0-sp1
openSUSE Backports SLE=15.0-sp2
openSUSE Leap=15.1
openSUSE Leap=15.2
CVE-2020-11800
Zabbix Server 2.2.x and 3.0.x before 3.0.31, and 3.2 allows remote attackers to execute arbitrary code.
Zabbix Zabbix>=2.2.0<3.0.31
Zabbix Zabbix=3.2.0
openSUSE Backports SLE=15.0-sp1
openSUSE Backports SLE=15.0-sp2
openSUSE Leap=15.1
openSUSE Leap=15.2
and 1 more
CVE-2020-8228
A missing rate limit in the Preferred Providers app 1.7.0 allowed an attacker to set the password an uncontrolled amount of times.
Nextcloud Preferred Providers=1.7.0
openSUSE Backports SLE=15.0-sp1
openSUSE Backports SLE=15.0-sp2
openSUSE Leap=15.1
openSUSE Leap=15.2
CVE-2020-16001
Use after free in media
Google Chrome<86.0.4240.111
Google Chrome<86.0.4240.111
Debian Debian Linux=10.0
openSUSE Backports SLE=15.0-sp2
Fedoraproject Fedora=31
Fedoraproject Fedora=32
and 2 more
CVE-2020-16003
Use after free in printing
Google Chrome<86.0.4240.111
Google Chrome<86.0.4240.111
Debian Debian Linux=10.0
Fedoraproject Fedora=31
Fedoraproject Fedora=32
Fedoraproject Fedora=33
and 2 more
CVE-2019-11556
Pagure before 5.6 allows XSS via the templates/blame.html blame view.
Redhat Pagure<5.6
openSUSE Backports SLE=15.0-sp1
openSUSE Leap=15.1
CVE-2020-6574
Insufficient policy enforcement in installer in Google Chrome on OS X prior to 85.0.4183.102 allowed a local attacker to potentially achieve privilege escalation via a crafted binary.
Google Chrome<85.0.4183.102
Apple Mac OS X
openSUSE Backports SLE=15.0-sp1
openSUSE Backports SLE=15.0-sp2
openSUSE Leap=15.1
openSUSE Leap=15.2
and 4 more
CVE-2020-6565
Inappropriate implementation in Omnibox in Google Chrome on iOS prior to 85.0.4183.83 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
Google Chrome<85.0.4183.83
Apple iPhone OS
openSUSE Backports SLE=15.0-sp1
openSUSE Backports SLE=15.0-sp2
Debian Debian Linux=10.0
Fedoraproject Fedora=33
and 3 more
CVE-2020-6566
Insufficient policy enforcement in media in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
Google Chrome<85.0.4183.83
openSUSE Backports SLE=15.0-sp1
openSUSE Backports SLE=15.0-sp2
Debian Debian Linux=10.0
Fedoraproject Fedora=33
openSUSE Leap=15.1
and 2 more
CVE-2020-6567
Insufficient validation of untrusted input in command line handling in Google Chrome on Windows prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML pag...
Google Chrome<85.0.4183.83
Microsoft Windows
openSUSE Backports SLE=15.0-sp1
openSUSE Backports SLE=15.0-sp2
Debian Debian Linux=10.0
Fedoraproject Fedora=33
and 3 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203