Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

OSVersionArchitecturePackageVersionFilename
Alpineedge-communitynoarchfirefox-esr< 78.5.0-r0UNKNOWN
Alpineedge-communitynoarchfirefox< 83.0-r0UNKNOWN
Alpineedge-communitynoarchthunderbird< 78.5.1-r0UNKNOWN
Alpineedge-mainnoarchfreetype< 2.10.4-r0UNKNOWN
Alpine3.10-mainnoarchfreetype< 2.10.0-r1UNKNOWN
Alpine3.11-mainnoarchfreetype< 2.10.1-r1UNKNOWN
Alpine3.12-communitynoarchfirefox-esr< 78.5.0-r0UNKNOWN
Alpine3.12-communitynoarchfirefox< 83.0-r0UNKNOWN
Alpine3.12-mainnoarchfreetype< 2.10.4-r0UNKNOWN
Alpine3.13-communitynoarchfirefox-esr< 78.5.0-r0UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Alpine	edge-community	noarch	firefox-esr	< 78.5.0-r0	UNKNOWN
Alpine	edge-community	noarch	firefox	< 83.0-r0	UNKNOWN
Alpine	edge-community	noarch	thunderbird	< 78.5.1-r0	UNKNOWN
Alpine	edge-main	noarch	freetype	< 2.10.4-r0	UNKNOWN
Alpine	3.10-main	noarch	freetype	< 2.10.0-r1	UNKNOWN
Alpine	3.11-main	noarch	freetype	< 2.10.1-r1	UNKNOWN
Alpine	3.12-community	noarch	firefox-esr	< 78.5.0-r0	UNKNOWN
Alpine	3.12-community	noarch	firefox	< 83.0-r0	UNKNOWN
Alpine	3.12-main	noarch	freetype	< 2.10.4-r0	UNKNOWN
Alpine	3.13-community	noarch	firefox-esr	< 78.5.0-r0	UNKNOWN

Rows per page:

1-10 of 351

checkpoint_advisories 1

nessus 62

githubexploit 3

osv 9

openvas 29

github 1

centos 1

amazon 1

gitlab 4

fedora 3

oraclelinux 2

thn 5

prion 1

veracode 2

debian 3

cloudfoundry 1

redhat 8

cbl_mariner 2

suse 12

cve 1

slackware 1

freebsd 2

f5 1

gentoo 4

ubuntu 2

malwarebytes 2

threatpost 4

redhatcve 1

archlinux 3

almalinux 1

qualysblog 1

ubuntucve 1

mageia 1

rocky 1

debiancve 1

photon 5

attackerkb 2

ibm 3

cisa_kev 1

krebs 1

ics 1

kaspersky 3

chrome 1

googleprojectzero 1

mozilla 2

altlinux 2

checkpoint_advisories

Google Chrome Memory Corruption (CVE-2020-15999)

2020-10-24 00:00:00

nessus

NewStart CGSL CORE 5.05 / MAIN 5.05 : freetype Vulnerability (NS-SA-2021-0144)

2021-10-27 00:00:00

EulerOS 2.0 SP8 : freetype (EulerOS-SA-2020-2510)

2020-12-14 00:00:00

SUSE SLED15 / SLES15 Security Update : freetype2 (SUSE-SU-2020:2995-1)

2020-12-09 00:00:00

githubexploit

Exploit for Out-of-bounds Write in Google Chrome

2020-10-28 16:16:25

Exploit for Out-of-bounds Write in Google Chrome

2020-12-30 19:58:33

Exploit for Out-of-bounds Write in Google Chrome

2020-12-30 18:02:23

osv

freetype - security update

2020-10-25 00:00:00

Important: freetype security update

2020-11-05 08:26:43

Android Impact

2021-01-01 00:00:00

openvas

openSUSE: Security Advisory for freetype2 (openSUSE-SU-2020:1744-1)

2020-10-27 00:00:00

Fedora: Security Advisory for freetype (FEDORA-2020-6b35849edd)

2020-11-07 00:00:00

Debian: Security Advisory (DSA-4777-1)

2020-10-23 00:00:00

github

Heap buffer overflow in CefSharp

2020-10-27 19:47:38

centos

freetype security update

2020-11-06 21:57:09

amazon

Important: freetype

2020-12-08 20:55:00

gitlab

Out-of-bounds Write

2020-10-27 00:00:00

Out-of-bounds Write

2020-10-27 00:00:00

Out-of-bounds Write

2020-10-27 00:00:00

fedora

[SECURITY] Fedora 31 Update: freetype-2.10.0-4.fc31

2020-11-07 01:28:39

[SECURITY] Fedora 33 Update: freetype-2.10.4-1.fc33

2020-10-25 01:01:39

[SECURITY] Fedora 32 Update: freetype-2.10.4-1.fc32

2020-10-25 01:21:04

oraclelinux

freetype security update

2020-11-06 00:00:00

freetype security update

2020-11-13 00:00:00

thn

New Chrome 0-day Under Active Attacks – Update Your Browser Now

2020-10-21 16:26:00

WARNING: Google Discloses Windows Zero-Day Bug Exploited in the Wild

2020-11-02 09:43:00

New Chrome Zero-Day Under Active Attacks – Update Your Browser

2020-11-03 09:33:00

prion

Heap overflow

2020-11-03 03:15:00

veracode

Heap Buffer Overflow

2020-11-05 03:17:59

Heap Buffer Overflow

2020-10-25 12:34:11

debian

[SECURITY] [DSA 4777-1] freetype security update

2020-10-21 19:00:07

[SECURITY] [DSA 4777-1] freetype security update

2020-10-21 19:00:07

[SECURITY] [DLA 2415-1] freetype security update

2020-10-25 21:59:56

cloudfoundry

USN-4593-1: FreeType vulnerability | Cloud Foundry

2020-11-19 00:00:00

redhat

(RHSA-2020:4907) Important: freetype security update

2020-11-04 09:39:15

(RHSA-2020:4952) Important: freetype security update

2020-11-05 08:26:43

(RHSA-2020:4950) Important: freetype security update

2020-11-05 08:24:47

cbl_mariner

CVE-2020-15999 affecting package freetype 2.9.1-5

2022-04-09 06:51:42

CVE-2020-15999 affecting package freetype 2.9.1-4

2022-03-19 16:40:53

suse

Security update for freetype2 (important)

2020-10-26 00:00:00

Security update for freetype2 (important)

2020-10-25 00:00:00

Security update for chromium (important)

2020-10-24 00:00:00

cve

CVE-2020-15999

2020-11-03 03:15:00

slackware

[slackware-security] freetype

2020-10-20 22:26:01

freebsd

freetype2 -- heap buffer overlfow

2020-10-20 00:00:00

chromium -- multiple vulnerabilities

2020-10-20 00:00:00

K000133070 : Freetype vulnerability CVE-2020-15999

2023-03-20 00:00:00

gentoo

Opera: Multiple Vulnerabilities

2024-01-15 00:00:00

FreeType: Arbitrary code execution

2020-10-23 00:00:00

Chromium, Google Chrome: Multiple vulnerabilities

2020-11-11 00:00:00

ubuntu

FreeType vulnerability

2020-10-20 00:00:00

FreeType vulnerability

2020-10-22 00:00:00

malwarebytes

Google patches actively exploited zero-day bug that affects Chrome users

2020-10-26 10:58:14

Update your Chrome again as Google patches second zero-day in two weeks

2020-11-03 18:30:00

threatpost

Microsoft IE Browser Death March Hastens

2020-10-26 22:26:57

Microsoft Patch Tuesday Update Fixes 17 Critical Bugs

2020-11-10 21:12:21

Google Patches Actively-Exploited Zero-Day Bug in Chrome Browser

2020-10-21 12:23:29

redhatcve

CVE-2020-15999

2020-10-21 18:33:33

archlinux

[ASA-202010-10] freetype2: arbitrary code execution

2020-10-20 00:00:00

[ASA-202010-11] lib32-freetype2: arbitrary code execution

2020-10-20 00:00:00

[ASA-202011-12] firefox: multiple issues

2020-11-17 00:00:00

almalinux

Important: freetype security update

2020-11-05 08:26:43

qualysblog

Vulnerability Detection Pipeline (Beta)

2020-09-16 17:43:34

ubuntucve

CVE-2020-15999

2020-10-20 00:00:00

mageia

Updated freetype2 packages fix security vulnerability

2020-10-20 19:22:12

rocky

freetype security update

2020-11-05 08:26:43

debiancve

CVE-2020-15999

2020-11-03 03:15:00

photon

Moderate Photon OS Security Update - PHSA-2022-0442

2022-02-16 00:00:00

Critical Photon OS Security Update - PHSA-2022-0364

2022-02-22 00:00:00

Important Photon OS Security Update - PHSA-2022-4.0-0156

2022-02-25 00:00:00

attackerkb

CVE-2020-15999 Chrome Freetype 0day

2020-11-03 00:00:00

CVE-2020-17087 Windows Kernel local privilege escalation 0day

2020-11-11 00:00:00

ibm

Security Bulletin: IBM Analyst's Notebook Premium uses a component with known vulnerabilities (CVE-2020-16013, CVE-2020-16009, CVE-2020-15999)

2021-07-23 15:10:10

Security Bulletin: IBM Security Privileged Identity Manager is affected by security vulnerabilities (CVE-2020-1971, CVE-2020-15999, CVE-2017-12652)

2021-08-16 07:01:26

Security Bulletin: Multiple vulnerabilities of Mozilla Firefox (less than Firefox 78.5 ESR + CVE-2020-26951) have affected Synthetic Playback Agent 8.1.4.0-8.1.4 IF11 + ICAM2019.3.0 - 2020.2.0

2021-02-25 07:21:06

cisa_kev

Google Chrome FreeType Heap Buffer Overflow Vulnerability

2021-11-03 00:00:00

krebs

Patch Tuesday, November 2020 Edition

2020-11-11 01:56:41

ics

Rockwell Automation Connected Components Workbench

2023-09-21 12:00:00

kaspersky

KLA12013 Multiple vulnerabilities in Opera

2020-10-29 00:00:00

KLA11986 Multiple vulnerabilities in Google Chrome

2020-10-20 00:00:00

KLA12012 Multiple vulnerabilities in Mozilla Thunderbird

2020-11-17 00:00:00

chrome

Stable Channel Update for Desktop

2020-10-20 00:00:00

googleprojectzero

In-the-Wild Series: October 2020 0-day discovery

2021-03-18 00:00:00

mozilla

Security Vulnerabilities fixed in Thunderbird 78.5 — Mozilla

2020-11-17 00:00:00

Security Vulnerabilities fixed in Firefox ESR 78.5 — Mozilla

2020-11-17 00:00:00

altlinux

Security fix for the ALT Linux 10 package thunderbird version 78.5.0-alt1

2020-11-19 00:00:00

Security fix for the ALT Linux 10 package firefox-esr version 78.5.0-alt1

2020-11-16 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.026 Low

EPSS

Percentile

90.0%

JSON

Related for ALPINE:CVE-2020-15999