Total
6576 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-6539 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Use after free in CSS in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2020-6532 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Use after free in SCTP in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2020-6518 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
|
Use after free in developer tools in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had convinced the user to use developer tools to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2020-6515 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
|
Use after free in tab strip in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2020-6509 | 1 Google | 1 Chrome | 2024-11-21 | 6.8 MEDIUM | 9.6 CRITICAL |
|
Use after free in extensions in Google Chrome prior to 83.0.4103.116 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
|
|||||
| CVE-2020-6505 | 1 Google | 1 Chrome | 2024-11-21 | 6.8 MEDIUM | 9.6 CRITICAL |
|
Use after free in speech in Google Chrome prior to 83.0.4103.106 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
|
|||||
| CVE-2020-6496 | 4 Apple, Debian, Google and 1 more | 5 Macos, Debian Linux, Chrome and 2 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Use after free in payments in Google Chrome on MacOS prior to 83.0.4103.97 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
|
|||||
| CVE-2020-6493 | 3 Debian, Google, Opensuse | 4 Debian Linux, Chrome, Backports and 1 more | 2024-11-21 | 6.8 MEDIUM | 9.6 CRITICAL |
|
Use after free in WebAuthentication in Google Chrome prior to 83.0.4103.97 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
|
|||||
| CVE-2020-6492 | 1 Google | 1 Chrome | 2024-11-21 | 6.8 MEDIUM | 9.6 CRITICAL |
|
Use after free in ANGLE in Google Chrome prior to 83.0.4103.97 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
|
|||||
| CVE-2020-6474 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Use after free in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2020-6467 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Use after free in WebRTC in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2020-6466 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2024-11-21 | 6.8 MEDIUM | 9.6 CRITICAL |
|
Use after free in media in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
|
|||||
| CVE-2020-6465 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2024-11-21 | 6.8 MEDIUM | 9.6 CRITICAL |
|
Use after free in reader mode in Google Chrome on Android prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
|
|||||
| CVE-2020-6463 | 5 Canonical, Debian, Fedoraproject and 2 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2020-6462 | 2 Debian, Google | 2 Debian Linux, Chrome | 2024-11-21 | 6.8 MEDIUM | 9.6 CRITICAL |
|
Use after free in task scheduling in Google Chrome prior to 81.0.4044.129 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
|
|||||
| CVE-2020-6461 | 2 Debian, Google | 2 Debian Linux, Chrome | 2024-11-21 | 6.8 MEDIUM | 9.6 CRITICAL |
|
Use after free in storage in Google Chrome prior to 81.0.4044.129 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
|
|||||
| CVE-2020-6459 | 2 Debian, Google | 2 Debian Linux, Chrome | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Use after free in payments in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2020-6457 | 2 Debian, Google | 2 Debian Linux, Chrome | 2024-11-21 | 6.8 MEDIUM | 9.6 CRITICAL |
|
Use after free in speech recognizer in Google Chrome prior to 81.0.4044.113 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
|
|||||
| CVE-2020-6454 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Use after free in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.
|
|||||
| CVE-2020-6451 | 3 Fedoraproject, Google, Opensuse | 4 Fedora, Chrome, Backports Sle and 1 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2020-6450 | 3 Fedoraproject, Google, Opensuse | 4 Fedora, Chrome, Backports Sle and 1 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2020-6449 | 5 Debian, Fedoraproject, Google and 2 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2020-6448 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Use after free in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2020-6436 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Use after free in window management in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2020-6434 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Use after free in devtools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2020-6424 | 5 Debian, Fedoraproject, Google and 2 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Use after free in media in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2020-6423 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Use after free in audio in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2020-6406 | 5 Debian, Fedoraproject, Google and 2 more | 8 Debian Linux, Fedora, Chrome and 5 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Use after free in audio in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2020-6386 | 4 Debian, Fedoraproject, Google and 1 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Use after free in speech in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2020-6384 | 4 Debian, Fedoraproject, Google and 1 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Use after free in WebAudio in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2020-6379 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Use after free in V8 in Google Chrome prior to 79.0.3945.130 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2020-6378 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Use after free in speech in Google Chrome prior to 79.0.3945.130 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2020-6377 | 5 Debian, Fedoraproject, Google and 2 more | 7 Debian Linux, Fedora, Chrome and 4 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Use after free in audio in Google Chrome prior to 79.0.3945.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2020-6354 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
|
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated SKP file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.
|
|||||
| CVE-2020-6353 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
|
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated SKP file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.
|
|||||
| CVE-2020-6334 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
|
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated SKP file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.
|
|||||
| CVE-2020-6329 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
|
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated SKP file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.
|
|||||
| CVE-2020-6208 | 1 Sap | 1 Crystal Reports | 2024-11-21 | 4.4 MEDIUM | 8.2 HIGH |
|
SAP Business Objects Business Intelligence Platform (Crystal Reports), versions- 4.1, 4.2, allows an attacker with basic authorization to inject code that can be executed by the application and thus allowing the attacker to control the behaviour of the application, leading to Remote Code Execution. Although the mode of attack is only Local, multiple applications can be impacted as a result of the vulnerability.
|
|||||
| CVE-2020-6115 | 1 Gonitro | 1 Nitro Pro | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
An exploitable vulnerability exists in the cross-reference table repairing functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242. While searching for an object identifier in a malformed document that is missing from the cross-reference table, the application will save a reference to the object’s cross-reference table entry inside a stack variable. If the referenced object identifier is not found, the application may resize the cross-reference table which can change the scope of its entry ...
Show More |
|||||
| CVE-2020-6074 | 1 Gonitro | 1 Nitro Pro | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
An exploitable code execution vulnerability exists in the PDF parser of Nitro Pro 13.9.1.155. A specially crafted PDF document can cause a use-after-free which can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability.
|
|||||