|
197481
|
4.3 |
MEDIUM
Network
|
google
debian
fedoraproject
opensuse
|
chrome
debian_linux
fedora
leap
backports
|
Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted…
|
NVD-CWE-noinfo
|
CVE-2020-6435
|
2024-11-21 14:35 |
2020-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197482
|
8.8 |
HIGH
Network
|
google
fedoraproject
debian
opensuse
|
chrome
fedora
debian_linux
leap
backports_sle
|
Use after free in devtools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
CWE-416
Use After Free
|
CVE-2020-6434
|
2024-11-21 14:35 |
2020-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197483
|
4.3 |
MEDIUM
Network
|
google
debian
fedoraproject
opensuse
|
chrome
debian_linux
fedora
leap
backports
|
Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
|
NVD-CWE-noinfo
|
CVE-2020-6433
|
2024-11-21 14:35 |
2020-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197484
|
4.3 |
MEDIUM
Network
|
google
debian
fedoraproject
opensuse
|
chrome
debian_linux
fedora
leap
backports
|
Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
|
NVD-CWE-noinfo
|
CVE-2020-6432
|
2024-11-21 14:35 |
2020-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197485
|
4.3 |
MEDIUM
Network
|
google
debian
fedoraproject
opensuse
|
chrome
debian_linux
fedora
leap
backports
|
Insufficient policy enforcement in full screen in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to spoof security UI via a crafted HTML page.
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-6431
|
2024-11-21 14:35 |
2020-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197486
|
8.8 |
HIGH
Network
|
google
fedoraproject
debian
opensuse
|
chrome
fedora
debian_linux
leap
backports_sle
|
Type Confusion in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
CWE-843
Type Confusion
|
CVE-2020-6430
|
2024-11-21 14:35 |
2020-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197487
|
8.8 |
HIGH
Network
|
google
fedoraproject
opensuse
debian
|
chrome
fedora
leap
backports_sle
debian_linux
|
Use after free in audio in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
CWE-416
Use After Free
|
CVE-2020-6423
|
2024-11-21 14:35 |
2020-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197488
|
8.8 |
HIGH
Network
|
sap
|
netweaver_knowledge_management_and_collaboration_\(kmc-wpc\)
netweaver_knowledge_management_and_collaboration_\(kmc-cm\)
|
SAP NetWeaver (Knowledge Management), versions (KMC-CM - 7.00, 7.01, 7.02, 7.30, 7.31, 7.40, 7.50 and KMC-WPC 7.30, 7.31, 7.40, 7.50), does not sufficiently validate path information provided by user…
|
CWE-22
Path Traversal
|
CVE-2020-6225
|
2024-11-21 14:35 |
2020-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197489
|
6.1 |
MEDIUM
Network
|
communilink
|
clink_office
|
A cross-site scripting (XSS) vulnerability in the index page of the CLink Office 2.0 management console allows remote attackers to inject arbitrary web script or HTML via the lang parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2020-6171
|
2024-11-21 14:35 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197490
|
8.1 |
HIGH
Network
|
gnu
fedoraproject
debian
|
glibc
fedora
debian_linux
|
An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a…
|
-
|
CVE-2020-6096
|
2024-11-21 14:35 |
2020-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
