Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
opensuse leap 15.0 vulnerabilities and exploits
(subscribe to this query)
5.1
CVSSv2
CVE-2020-6575
Race in Mojo in Google Chrome before 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Google Chrome
Debian Debian Linux 10.0
Opensuse Leap 15.1
Fedoraproject Fedora 31
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
Fedoraproject Fedora 33
6.8
CVSSv2
CVE-2020-6576
Use after free in offscreen canvas in Google Chrome before 85.0.4183.102 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Debian Debian Linux 10.0
Opensuse Leap 15.1
Fedoraproject Fedora 31
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
Fedoraproject Fedora 33
4.3
CVSSv2
CVE-2020-15959
Insufficient policy enforcement in networking in Google Chrome before 85.0.4183.102 allowed an attacker who convinced the user to enable logging to obtain potentially sensitive information from process memory via social engineering.
Google Chrome
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
Fedoraproject Fedora 31
Fedoraproject Fedora 33
Debian Debian Linux 10.0
6.8
CVSSv2
CVE-2020-15965
Type confusion in V8 in Google Chrome before 85.0.4183.121 allowed a remote malicious user to potentially perform out of bounds memory access via a crafted HTML page.
Google Chrome
Debian Debian Linux 10.0
Opensuse Leap 15.1
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
Fedoraproject Fedora 33
4.3
CVSSv2
CVE-2020-15966
Insufficient policy enforcement in extensions in Google Chrome before 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension.
Google Chrome
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
5
CVSSv2
CVE-2020-25032
An issue exists in Flask-CORS (aka CORS Middleware for Flask) prior to 3.0.9. It allows ../ directory traversal to access private resources because resource matching does not ensure that pathnames are in a canonical format.
Flask-cors Project Flask-cors
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
8.5
CVSSv2
CVE-2020-14352
A flaw was found in librepo in versions prior to 1.12.1. A directory traversal vulnerability was found where it failed to sanitize paths in remote repository metadata. An attacker controlling a remote repository may be able to copy files outside of the destination directory on th...
Redhat Librepo
Opensuse Leap 15.2
Opensuse Backports Sle 15.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
6.5
CVSSv2
CVE-2020-24972
The Kleopatra component prior to 3.1.12 (and prior to 20.07.80) for GnuPG allows remote malicious users to execute arbitrary code because openpgp4fpr: URLs are supported without safe handling of command-line options. The Qt platformpluginpath command-line option can be used to lo...
Kleopatra Project Kleopatra
Fedoraproject Fedora 32
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
6.5
CVSSv2
CVE-2020-24614
Fossil prior to 2.10.2, 2.11.x prior to 2.11.2, and 2.12.x prior to 2.12.1 allows remote authenticated users to execute arbitrary code. An attacker must have check-in privileges on the repository.
Fossil-scm Fossil
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
9
CVSSv2
CVE-2020-8233
A command injection vulnerability exists in EdgeSwitch firmware <v1.9.0 that allowed an authenticated read-only user to execute arbitrary shell commands over the HTTP interface, allowing them to escalate privileges.
Ui Edgeswitch Firmware
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »