Google Chrome Security Update (stable-channel-update-for-desktop-2020-10) - Linux

Google Chrome is prone to multiple vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

KLA11969 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Policy enforcement vulnerability in downloads component c...

CVE-2020-8110

A vulnerability has been discovered in the cevaemu.cvd module that results from a lack of proper validation of user-supplied data, which can result in a pointer that is fetched from uninitialized memory. This can lead to denial-of-service. This issue affects: Bitdefender Engines version 7.84897 a...

squid: HTTP Request Splitting could result in cache poisoning

A flaw was found in squid. Due to incorrect data validation, an HTTP Request Splitting attack against HTTP and HTTPS traffic is possible leading to cache poisoning. The highest threat from this vulnerability is to data confidentiality and integrity...

openSUSE Security Update : chromium (openSUSE-2020-1527)

This update for chromium fixes the following issues : Chromium was updated to 85.0.4183.121 boo1176791 : - CVE-2020-15960: Out of bounds read in storage - CVE-2020-15961: Insufficient policy enforcement in extensions - CVE-2020-15962: Insufficient policy enforcement in serial - CVE-2020-15963:...

The vulnerability of the Intel Active Management Technology implementation arises from insufficient validation of input data, allowing an intruder to gain unauthorized access to protected information.

The vulnerability of the Intel Active Management Technology implementation exists due to insufficient verification of input data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

Foxit PhantomPDF U3DBrowser U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U...

Foxit Reader JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPEG20...

KLA11967 Multiple vulnerabilites in Opera

Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to spoof user interface, bypass security restrictions, gain privileges, cause denial of service, execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1...

The vulnerability of the Intel Active Management Technology implementation arises from insufficient validation of input data. This allows attackers to disclose protected information or cause service failures.

The vulnerability of the Intel Active Management Technology implementation exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose protected information or cause service failures...

OPENSUSE-SU-2020:1550-1 Security update for chromium

This update for chromium fixes the following issues: Chromium was updated to 85.0.4183.121 boo1176791: - CVE-2020-15960: Out of bounds read in storage - CVE-2020-15961: Insufficient policy enforcement in extensions - CVE-2020-15962: Insufficient policy enforcement in serial - CVE-2020-15963:...

Untis WebUntis Cross-Site Scripting Vulnerability

Untis WebUntis is an individual developer's is a tool for schools to publish electronic timetables like students. A cross-site scripting vulnerability exists in Untis WebUntis versions prior to 2020.9.6, which stems from a lack of proper validation of client-side data by the web application. An...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:1550-1 Rating: important References: 1176791 Cross-References: CVE-2020-15960 CVE-2020-15961 CVE-2020-15962 CVE-2020-15963 CVE-2020-15964 CVE-2020-15965 CVE-2020-15966 Affected Products: openSUSE Backports...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:1542-1 Rating: important References: 1176791 Cross-References: CVE-2020-15960 CVE-2020-15961 CVE-2020-15962 CVE-2020-15963 CVE-2020-15964 CVE-2020-15965 CVE-2020-15966 Affected Products: openSUSE Backports...

CVE-2020-15205

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the datasplits argument of tf.rawops.StringNGrams lacks validation. This allows a user to pass values that can cause heap overflow errors and even leak contents of memory In the linked code snippet, all the binary strings after ...

Design/Logic Flaw

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the datasplits argument of tf.rawops.StringNGrams lacks validation. This allows a user to pass values that can cause heap overflow errors and even leak contents of memory In the linked code snippet, all the binary strings after ...

CVE-2020-15205

CVE-2020-15205 affects TensorFlow: the data_splits parameter of tf.raw_ops.StringNGrams lacks validation, allowing crafted input that can cause heap overflow and memory leakage, potentially leaking memory contents and aiding ASLR defeat. Affected TF versions include 1.15.4 and 2.x releases up to ...

OPENSUSE-SU-2020:1527-1 Security update for chromium

This update for chromium fixes the following issues: Chromium was updated to 85.0.4183.121 boo1176791: - CVE-2020-15960: Out of bounds read in storage - CVE-2020-15961: Insufficient policy enforcement in extensions - CVE-2020-15962: Insufficient policy enforcement in serial - CVE-2020-15963:...

Trend Micro Apex One Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Trend Micro Apex One. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:1527-1 Rating: important References: 1176791 Cross-References: CVE-2020-15960 CVE-2020-15961 CVE-2020-15962 CVE-2020-15963 CVE-2020-15964 CVE-2020-15965 CVE-2020-15966 Affected Products: openSUSE Leap 15.2...