Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Enterprise_linux_workstation
(Redhat)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-02-11 | CVE-2020-6406 | Use after free in audio in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Package_hub | 8.8 | ||
| 2020-02-11 | CVE-2020-6408 | Insufficient policy enforcement in CORS in Google Chrome prior to 80.0.3987.87 allowed a local attacker to obtain potentially sensitive information via a crafted HTML page. | Debian_linux, Fedora, Chrome, Backports_sle, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Package_hub | 6.5 | ||
| 2020-02-11 | CVE-2020-6415 | Inappropriate implementation in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Fedora, Chrome, Backports_sle, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Package_hub | 8.8 | ||
| 2020-02-11 | CVE-2020-6416 | Insufficient data validation in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Fedora, Chrome, Backports_sle, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Package_hub | 8.8 | ||
| 2020-02-11 | CVE-2013-4535 | The virtqueue_map_sg function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary files via a crafted savevm image, related to virtio-block or virtio-serial read. | Qemu, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_tus, Enterprise_linux_workstation, Virtualization | 8.8 | ||
| 2020-02-12 | CVE-2020-8945 | The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. This leads to a crash or potential code execution during GPG signature verification. | Fedora, Gpgme, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_power_little_endian, Enterprise_linux_server, Enterprise_linux_workstation, Openshift_container_platform, Openshift_container_platform_for_ibm_z, Openshift_container_platform_for_linuxone | 7.5 | ||
| 2020-02-27 | CVE-2020-6383 | Type confusion in V8 in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | 8.8 | ||
| 2020-02-27 | CVE-2020-6384 | Use after free in WebAudio in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | 8.8 | ||
| 2020-02-27 | CVE-2020-6386 | Use after free in speech in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | 8.8 | ||
| 2020-03-12 | CVE-2020-10531 | An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp. | Ubuntu_linux, Debian_linux, Fedora, Chrome, International_components_for_unicode, Node\.js, Leap, Banking_extensibility_workbench, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | 8.8 |