Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
opensuse backports sle 15.0 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-13962
lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player up to and including 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height.
Videolan Vlc Media Player
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
1 Article
9.8
CVSSv3
CVE-2019-9215
In Live555 prior to 2019.02.27, malformed headers lead to invalid memory access in the parseAuthorizationHeader function.
Live555 Streaming Media
Opensuse Backports Sle 15.0
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 8.0
Debian Debian Linux 9.0
1 Github repository
9.8
CVSSv3
CVE-2019-7164
SQLAlchemy up to and including 1.2.17 and 1.3.x up to and including 1.3.0b2 allows SQL Injection via the order_by parameter.
Sqlalchemy Sqlalchemy 1.3.0
Sqlalchemy Sqlalchemy
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Opensuse Backports Sle 15.0
Opensuse Leap 15.0
Opensuse Leap 15.1
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Tus 8.4
Oracle Communications Operations Monitor 4.2
Oracle Communications Operations Monitor 4.3
1 Github repository
9.6
CVSSv3
CVE-2020-16011
Heap buffer overflow in UI in Google Chrome on Windows before 86.0.4240.183 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Google Chrome
Opensuse Backports Sle 15.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 10.0
9.6
CVSSv3
CVE-2020-6573
Use after free in video in Google Chrome on Android before 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Google Chrome
Debian Debian Linux 10.0
Opensuse Leap 15.1
Fedoraproject Fedora 31
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
Fedoraproject Fedora 33
9.6
CVSSv3
CVE-2020-15961
Insufficient policy validation in extensions in Google Chrome before 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
Google Chrome
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 10.0
9.6
CVSSv3
CVE-2020-15963
Insufficient policy enforcement in extensions in Google Chrome before 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
Google Chrome
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 10.0
9.6
CVSSv3
CVE-2020-6522
Inappropriate implementation in external protocol handlers in Google Chrome before 84.0.4147.89 allowed a remote malicious user to potentially perform a sandbox escape via a crafted HTML page.
Google Chrome
Debian Debian Linux 10.0
Opensuse Leap 15.1
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
9.6
CVSSv3
CVE-2020-6465
Use after free in reader mode in Google Chrome on Android before 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Google Chrome
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Backports Sle 15.0
9.6
CVSSv3
CVE-2020-6466
Use after free in media in Google Chrome before 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Google Chrome
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Backports Sle 15.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22460
CVE-2024-4646
CVE-2024-29212
IMAP
CVE-2023-36672
CVE-2024-34547
command injection
CVE-2024-4651
stored XSS
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »