Package Hub Security Vulnerabilities and Issues — Package Hub CVE List

Lucene search

SusePackage Hub

14 matches found

CVE•added 2019/12/10 10:15 p.m.•588 views

CVE-2019-13734

Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.6AI score0.06699EPSS

CVE•added 2020/02/11 3:15 p.m.•307 views

CVE-2020-6404

Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS7.7AI score0.01744EPSS

CVE•added 2020/03/22 4:15 a.m.•273 views

CVE-2020-10804

In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval of the current username (in libraries/classes/Server/Privileges.php and libraries/classes/UserPassword.php). A malicious user with access to the server could create a crafted username, and then...

8CVSS7.8AI score0.02972EPSS

CVE•added 2020/03/22 5:15 a.m.•266 views

CVE-2020-10802

In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search actions in libraries/classes/Controllers/Table/TableSearchController.php. An attacker can generate a cr...

8CVSS7.9AI score0.01976EPSS

CVE•added 2020/02/11 3:15 p.m.•258 views

CVE-2020-6416

Insufficient data validation in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.3AI score0.03871EPSS

CVE•added 2020/02/11 3:15 p.m.•255 views

CVE-2020-6382

Type confusion in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.3AI score0.02899EPSS

CVE•added 2020/02/11 3:15 p.m.•255 views

CVE-2020-6406

Use after free in audio in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.8AI score0.02899EPSS

CVE•added 2020/02/11 3:15 p.m.•255 views

CVE-2020-6415

Inappropriate implementation in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.3AI score0.02899EPSS

CVE•added 2020/02/11 3:15 p.m.•253 views

CVE-2020-6381

Integer overflow in JavaScript in Google Chrome on ChromeOS and Android prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.4AI score0.02899EPSS

CVE•added 2020/02/11 3:15 p.m.•253 views

CVE-2020-6398

Use of uninitialized data in PDFium in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

8.8CVSS8.4AI score0.02186EPSS

CVE•added 2019/12/10 10:15 p.m.•252 views

CVE-2019-13764

Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.4AI score0.40709EPSS

CVE•added 2020/02/11 3:15 p.m.•249 views

CVE-2020-6390

Out of bounds memory access in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.5AI score0.03893EPSS

CVE•added 2020/02/11 3:15 p.m.•238 views

CVE-2020-6385

Insufficient policy enforcement in storage in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass site isolation via a crafted HTML page.

8.8CVSS7.7AI score0.01399EPSS

CVE•added 2020/02/11 3:15 p.m.•158 views

CVE-2020-6402

Insufficient policy enforcement in downloads in Google Chrome on OS X prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension.

8.8CVSS8.4AI score0.02584EPSS