Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Fedora
(Fedoraproject)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-04-13 | CVE-2020-6448 | Use after free in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Fedora, Chrome, Backports_sle, Leap | 8.8 | ||
| 2020-04-13 | CVE-2020-6450 | Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Fedora, Chrome, Backports_sle, Leap | 8.8 | ||
| 2020-04-13 | CVE-2020-6451 | Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Fedora, Chrome, Backports_sle, Leap | 8.8 | ||
| 2020-04-13 | CVE-2020-6452 | Heap buffer overflow in media in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Fedora, Chrome, Backports, Leap | 8.8 | ||
| 2020-04-13 | CVE-2020-6454 | Use after free in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. | Debian_linux, Fedora, Chrome, Backports_sle, Leap | 8.8 | ||
| 2020-04-13 | CVE-2020-6455 | Out of bounds read in WebSQL in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Fedora, Chrome, Backports, Leap | 8.8 | ||
| 2020-04-13 | CVE-2020-6456 | Insufficient validation of untrusted input in clipboard in Google Chrome prior to 81.0.4044.92 allowed a local attacker to bypass site isolation via crafted clipboard contents. | Debian_linux, Fedora, Chrome, Backports, Leap | 6.5 | ||
| 2020-04-13 | CVE-2020-1730 | A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR (or DES ciphers if enabled) ciphers. The server or client could crash when the connection hasn't been fully initialized and the system tries to cleanup the ciphers when closing the connection. The biggest threat from this vulnerability is system availability. | Ubuntu_linux, Fedora, Libssh, Cloud_backup, Mysql_workbench, Enterprise_linux | 5.3 | ||
| 2020-04-15 | CVE-2020-2756 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE,... | Ubuntu_linux, Debian_linux, Fedora, Epolicy_orchestrator, 7\-Mode_transition_tool, Active_iq_unified_manager, Cloud_backup, Cloud_secure_agent, E\-Series_performance_analyzer, E\-Series_santricity_os_controller, E\-Series_santricity_web_services, Oncommand_insight, Santricity_unified_manager, Snapmanager, Steelstore_cloud_integrated_storage, Storagegrid, Leap, Jdk, Jre, Openjdk | 3.7 | ||
| 2020-04-15 | CVE-2020-2755 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Supported versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE... | Ubuntu_linux, Debian_linux, Fedora, Epolicy_orchestrator, 7\-Mode_transition_tool, Active_iq_unified_manager, Cloud_backup, Cloud_secure_agent, E\-Series_performance_analyzer, E\-Series_santricity_os_controller, E\-Series_santricity_web_services, Oncommand_insight, Santricity_unified_manager, Snapmanager, Steelstore_cloud_integrated_storage, Storagegrid, Leap, Jdk, Jre, Openjdk | 3.7 |