|
211021
|
4.3 |
MEDIUM
Network
|
google
debian
opensuse
fedoraproject
|
chrome
debian_linux
leap
backports_sle
fedora
|
Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive informa…
|
NVD-CWE-noinfo
|
CVE-2020-15966
|
2024-11-21 14:06 |
2020-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211022
|
8.8 |
HIGH
Network
|
google
debian
opensuse
fedoraproject
|
chrome
debian_linux
leap
fedora
backports_sle
|
Type confusion in V8 in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
|
CWE-843
Type Confusion
|
CVE-2020-15965
|
2024-11-21 14:06 |
2020-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211023
|
8.8 |
HIGH
Network
|
google
opensuse
fedoraproject
debian
|
chrome
leap
backports_sle
fedora
debian_linux
|
Insufficient data validation in media in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
CWE-20
CWE-787
CWE-476
Improper Input Validation
Out-of-bounds Write
NULL Pointer Dereference
|
CVE-2020-15964
|
2024-11-21 14:06 |
2020-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211024
|
9.6 |
CRITICAL
Network
|
google
opensuse
fedoraproject
debian
|
chrome
leap
backports_sle
fedora
debian_linux
|
Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape…
|
NVD-CWE-noinfo
|
CVE-2020-15963
|
2024-11-21 14:06 |
2020-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211025
|
8.8 |
HIGH
Network
|
google
opensuse
fedoraproject
debian
|
chrome
leap
backports_sle
fedora
debian_linux
|
Insufficient policy validation in serial in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
|
NVD-CWE-noinfo
|
CVE-2020-15962
|
2024-11-21 14:06 |
2020-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211026
|
9.6 |
CRITICAL
Network
|
google
opensuse
fedoraproject
debian
|
chrome
leap
backports_sle
fedora
debian_linux
|
Insufficient policy validation in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape …
|
NVD-CWE-noinfo
|
CVE-2020-15961
|
2024-11-21 14:06 |
2020-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211027
|
8.8 |
HIGH
Network
|
google
opensuse
fedoraproject
debian
|
chrome
leap
backports_sle
fedora
debian_linux
|
Heap buffer overflow in storage in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-15960
|
2024-11-21 14:06 |
2020-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211028
|
4.3 |
MEDIUM
Network
|
google
opensuse
fedoraproject
debian
|
chrome
leap
backports_sle
fedora
debian_linux
|
Insufficient policy enforcement in networking in Google Chrome prior to 85.0.4183.102 allowed an attacker who convinced the user to enable logging to obtain potentially sensitive information from pro…
|
NVD-CWE-Other
|
CVE-2020-15959
|
2024-11-21 14:06 |
2020-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211029
|
6.5 |
MEDIUM
Network
|
acronis
|
cyber_backup
|
An issue was discovered in Acronis Cyber Backup before 12.5 Build 16342. Some API endpoints on port 9877 under /api/ams/ accept an additional custom Shard header. The value of this header is afterwar…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2020-16171
|
2024-11-21 14:06 |
2020-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211030
|
2.3 |
LOW
Local
|
hms-networks
|
ewon_flexy_firmware
ewon_cosy_firmware
|
All version of Ewon Flexy and Cosy prior to 14.1 use wildcards such as (*) under which domains can request resources. An attacker with local access and high privileges could inject scripts into the C…
|
NVD-CWE-Other
|
CVE-2020-16230
|
2024-11-21 14:06 |
2020-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
