Product:

Backports_sle

(Opensuse)
Date Id Summary Products Score Patch Annotated
2019-12-10 CVE-2019-13745 Insufficient policy enforcement in audio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Debian_linux, Fedora, Chrome, Backports_sle, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Package_hub 6.5
2019-12-10 CVE-2019-13764 Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Debian_linux, Fedora, Chrome, Backports_sle, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Package_hub 8.8
2019-12-20 CVE-2019-19917 Lout 3.40 has a buffer overflow in the StringQuotedWord() function in z39.c. Fedora, Lout, Backports_sle, Leap 7.8
2019-12-20 CVE-2019-19918 Lout 3.40 has a heap-based buffer overflow in the srcnext() function in z02.c. Fedora, Lout, Backports_sle, Leap 7.8
2020-01-03 CVE-2019-5844 Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chrome, Backports_sle, Leap 6.5
2020-01-03 CVE-2019-5845 Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chrome, Backports_sle, Leap 6.5
2020-01-03 CVE-2019-5846 Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chrome, Backports_sle, Leap 6.5
2020-01-10 CVE-2019-13767 Use after free in media picker in Google Chrome prior to 79.0.3945.88 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Debian_linux, Fedora, Chrome, Backports_sle 8.8
2020-01-10 CVE-2020-6377 Use after free in audio in Google Chrome prior to 79.0.3945.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Debian_linux, Fedora, Chrome, Backports_sle, Leap, Enterprise_linux_desktop, Enterprise_linux_workstation 8.8
2020-01-16 CVE-2020-7106 Cacti 1.2.8 has stored XSS in data_sources.php, color_templates_item.php, graphs.php, graph_items.php, lib/api_automation.php, user_admin.php, and user_group_admin.php, as demonstrated by the description parameter in data_sources.php (a raw string from the database that is displayed by $header to trigger the XSS). Cacti, Debian_linux, Extra_packages_for_enterprise_linux, Fedora, Backports_sle, Leap, Package_hub 6.1