Vulnerabilites related to opensuse - backports
cve-2019-5821
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html | x_refsource_MISC | |
https://crbug.com/919640 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2019/dsa-4500 | vendor-advisory, x_refsource_DEBIAN | |
https://seclists.org/bugtraq/2019/Aug/19 | mailing-list, x_refsource_BUGTRAQ | |
https://security.gentoo.org/glsa/201908-18 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:23.135Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/919640", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "74.0.3729.108", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.", }, ], problemTypes: [ { descriptions: [ { description: "Integer overflow", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-15T17:06:11", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/919640", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5821", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "74.0.3729.108", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Integer overflow", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { name: "https://crbug.com/919640", refsource: "MISC", url: "https://crbug.com/919640", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201908-18", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5821", datePublished: "2019-06-27T16:13:43", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:23.135Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-6445
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html | x_refsource_MISC | |
https://crbug.com/933171 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2020/dsa-4714 | vendor-advisory, x_refsource_DEBIAN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:02:40.621Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/933171", }, { name: "openSUSE-SU-2020:0519", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "81.0.4044.92", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass content security policy via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Insufficient policy enforcement", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-02T11:06:40", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/933171", }, { name: "openSUSE-SU-2020:0519", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "chrome-cve-admin@google.com", ID: "CVE-2020-6445", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "81.0.4044.92", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass content security policy via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Insufficient policy enforcement", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { name: "https://crbug.com/933171", refsource: "MISC", url: "https://crbug.com/933171", }, { name: "openSUSE-SU-2020:0519", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4714", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2020-6445", datePublished: "2020-04-13T17:30:59", dateReserved: "2020-01-08T00:00:00", dateUpdated: "2024-08-04T09:02:40.621Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-13707
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_22.html | x_refsource_MISC | |
https://crbug.com/859349 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T00:05:42.213Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_22.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/859349", }, { name: "openSUSE-SU-2020:0010", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "78.0.3904.70", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient validation of untrusted input in intents in Google Chrome on Android prior to 78.0.3904.70 allowed a local attacker to leak files via a crafted application.", }, ], problemTypes: [ { descriptions: [ { description: "Insufficient validation of untrusted input", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-01-13T12:06:14", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_22.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/859349", }, { name: "openSUSE-SU-2020:0010", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-13707", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "78.0.3904.70", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient validation of untrusted input in intents in Google Chrome on Android prior to 78.0.3904.70 allowed a local attacker to leak files via a crafted application.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Insufficient validation of untrusted input", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_22.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_22.html", }, { name: "https://crbug.com/859349", refsource: "MISC", url: "https://crbug.com/859349", }, { name: "openSUSE-SU-2020:0010", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-13707", datePublished: "2019-11-25T14:22:55", dateReserved: "2019-07-18T00:00:00", dateUpdated: "2024-08-05T00:05:42.213Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5818
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html | x_refsource_MISC | |
https://crbug.com/929962 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2019/dsa-4500 | vendor-advisory, x_refsource_DEBIAN | |
https://seclists.org/bugtraq/2019/Aug/19 | mailing-list, x_refsource_BUGTRAQ | |
https://security.gentoo.org/glsa/201908-18 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:23.582Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/929962", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "74.0.3729.108", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Uninitialized data in media in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file.", }, ], problemTypes: [ { descriptions: [ { description: "Uninitialized Use", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-15T17:06:13", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/929962", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5818", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "74.0.3729.108", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Uninitialized data in media in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Uninitialized Use", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { name: "https://crbug.com/929962", refsource: "MISC", url: "https://crbug.com/929962", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201908-18", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5818", datePublished: "2019-06-27T16:13:43", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:23.582Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5805
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://crbug.com/913320 | x_refsource_MISC | |
https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2019/dsa-4500 | vendor-advisory, x_refsource_DEBIAN | |
https://seclists.org/bugtraq/2019/Aug/19 | mailing-list, x_refsource_BUGTRAQ | |
https://security.gentoo.org/glsa/201908-18 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:22.990Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/913320", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "74.0.3729.108", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Use-after-free in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.", }, ], problemTypes: [ { descriptions: [ { description: "Use after free", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-15T17:06:10", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/913320", }, { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5805", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "74.0.3729.108", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Use-after-free in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Use after free", }, ], }, ], }, references: { reference_data: [ { name: "https://crbug.com/913320", refsource: "MISC", url: "https://crbug.com/913320", }, { name: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201908-18", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5805", datePublished: "2019-06-27T16:13:43", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:22.990Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-6443
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html | x_refsource_MISC | |
https://crbug.com/1040080 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2020/dsa-4714 | vendor-advisory, x_refsource_DEBIAN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:02:40.476Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/1040080", }, { name: "openSUSE-SU-2020:0519", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "81.0.4044.92", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient data validation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to execute arbitrary code via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Insufficient data validation", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-02T11:06:47", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/1040080", }, { name: "openSUSE-SU-2020:0519", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "chrome-cve-admin@google.com", ID: "CVE-2020-6443", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "81.0.4044.92", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient data validation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to execute arbitrary code via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Insufficient data validation", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { name: "https://crbug.com/1040080", refsource: "MISC", url: "https://crbug.com/1040080", }, { name: "openSUSE-SU-2020:0519", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4714", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2020-6443", datePublished: "2020-04-13T17:30:58", dateReserved: "2020-01-08T00:00:00", dateUpdated: "2024-08-04T09:02:40.476Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5819
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html | x_refsource_MISC | |
https://crbug.com/919356 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2019/dsa-4500 | vendor-advisory, x_refsource_DEBIAN | |
https://seclists.org/bugtraq/2019/Aug/19 | mailing-list, x_refsource_BUGTRAQ | |
https://security.gentoo.org/glsa/201908-18 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:23.506Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/919356", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "74.0.3729.108", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient data validation in developer tools in Google Chrome on OS X prior to 74.0.3729.108 allowed a local attacker to execute arbitrary code via a crafted string copied to clipboard.", }, ], problemTypes: [ { descriptions: [ { description: "Inappropriate implementation", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-15T17:06:11", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/919356", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5819", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "74.0.3729.108", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient data validation in developer tools in Google Chrome on OS X prior to 74.0.3729.108 allowed a local attacker to execute arbitrary code via a crafted string copied to clipboard.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Inappropriate implementation", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { name: "https://crbug.com/919356", refsource: "MISC", url: "https://crbug.com/919356", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201908-18", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5819", datePublished: "2019-06-27T16:13:43", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:23.506Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5829
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html | x_refsource_MISC | |
https://crbug.com/958533 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2019/dsa-4500 | vendor-advisory, x_refsource_DEBIAN | |
https://seclists.org/bugtraq/2019/Aug/19 | mailing-list, x_refsource_BUGTRAQ | |
https://security.gentoo.org/glsa/201908-18 | vendor-advisory, x_refsource_GENTOO | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EI3DGFVT7CKJO6YVMP55R35HCDVEIC4Z/ | vendor-advisory, x_refsource_FEDORA |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:23.650Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/958533", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201908-18", }, { name: "FEDORA-2019-e5ff5d0ffd", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EI3DGFVT7CKJO6YVMP55R35HCDVEIC4Z/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "75.0.3770.80", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Integer overflow in download manager in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Integer overflow", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-10-14T18:06:11", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/958533", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201908-18", }, { name: "FEDORA-2019-e5ff5d0ffd", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EI3DGFVT7CKJO6YVMP55R35HCDVEIC4Z/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5829", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "75.0.3770.80", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Integer overflow in download manager in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Integer overflow", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { name: "https://crbug.com/958533", refsource: "MISC", url: "https://crbug.com/958533", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201908-18", }, { name: "FEDORA-2019-e5ff5d0ffd", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EI3DGFVT7CKJO6YVMP55R35HCDVEIC4Z/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5829", datePublished: "2019-06-27T16:13:44", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:23.650Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-20177
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/bid/106938 | vdb-entry, x_refsource_BID | |
https://github.com/rdesktop/rdesktop/commit/4dca546d04321a610c1835010b5dad85163b65e1 | x_refsource_MISC | |
https://security.gentoo.org/glsa/201903-06 | vendor-advisory, x_refsource_GENTOO | |
https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/ | x_refsource_CONFIRM | |
https://www.debian.org/security/2019/dsa-4394 | vendor-advisory, x_refsource_DEBIAN | |
https://lists.debian.org/debian-lts-announce/2019/02/msg00030.html | mailing-list, x_refsource_MLIST | |
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00040.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T11:58:18.260Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "106938", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/106938", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/rdesktop/rdesktop/commit/4dca546d04321a610c1835010b5dad85163b65e1", }, { name: "GLSA-201903-06", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201903-06", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/", }, { name: "DSA-4394", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4394", }, { name: "[debian-lts-announce] 20190219 [SECURITY] [DLA 1683-1] rdesktop security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/02/msg00030.html", }, { name: "openSUSE-SU-2019:2135", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00040.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2019-01-16T00:00:00", descriptions: [ { lang: "en", value: "rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in the function rdp_in_unistr() and results in memory corruption and possibly even a remote code execution.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-09-14T23:06:13", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "106938", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/106938", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/rdesktop/rdesktop/commit/4dca546d04321a610c1835010b5dad85163b65e1", }, { name: "GLSA-201903-06", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201903-06", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/", }, { name: "DSA-4394", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4394", }, { name: "[debian-lts-announce] 20190219 [SECURITY] [DLA 1683-1] rdesktop security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/02/msg00030.html", }, { name: "openSUSE-SU-2019:2135", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00040.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-20177", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in the function rdp_in_unistr() and results in memory corruption and possibly even a remote code execution.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "106938", refsource: "BID", url: "http://www.securityfocus.com/bid/106938", }, { name: "https://github.com/rdesktop/rdesktop/commit/4dca546d04321a610c1835010b5dad85163b65e1", refsource: "MISC", url: "https://github.com/rdesktop/rdesktop/commit/4dca546d04321a610c1835010b5dad85163b65e1", }, { name: "GLSA-201903-06", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201903-06", }, { name: "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/", refsource: "CONFIRM", url: "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/", }, { name: "DSA-4394", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4394", }, { name: "[debian-lts-announce] 20190219 [SECURITY] [DLA 1683-1] rdesktop security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/02/msg00030.html", }, { name: "openSUSE-SU-2019:2135", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00040.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-20177", datePublished: "2019-03-15T18:00:00", dateReserved: "2018-12-17T00:00:00", dateUpdated: "2024-08-05T11:58:18.260Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5836
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html | x_refsource_MISC | |
https://crbug.com/947342 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2019/dsa-4500 | vendor-advisory, x_refsource_DEBIAN | |
https://seclists.org/bugtraq/2019/Aug/19 | mailing-list, x_refsource_BUGTRAQ | |
https://security.gentoo.org/glsa/201908-18 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:23.559Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/947342", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "75.0.3770.80", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Heap buffer overflow in ANGLE in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Heap buffer overflow", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-15T17:06:13", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/947342", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5836", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "75.0.3770.80", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Heap buffer overflow in ANGLE in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Heap buffer overflow", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { name: "https://crbug.com/947342", refsource: "MISC", url: "https://crbug.com/947342", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201908-18", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5836", datePublished: "2019-06-27T16:13:44", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:23.559Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-6495
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html | x_refsource_MISC | |
https://crbug.com/1072116 | x_refsource_MISC | |
https://security.gentoo.org/glsa/202006-02 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00034.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00038.html | vendor-advisory, x_refsource_SUSE | |
https://www.debian.org/security/2020/dsa-4714 | vendor-advisory, x_refsource_DEBIAN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:02:40.718Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/1072116", }, { name: "GLSA-202006-02", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202006-02", }, { name: "openSUSE-SU-2020:0823", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00034.html", }, { name: "openSUSE-SU-2020:0832", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00038.html", }, { name: "DSA-4714", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "83.0.4103.97", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.97 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.", }, ], problemTypes: [ { descriptions: [ { description: "Insufficient policy enforcement", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-02T11:06:14", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/1072116", }, { name: "GLSA-202006-02", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202006-02", }, { name: "openSUSE-SU-2020:0823", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00034.html", }, { name: "openSUSE-SU-2020:0832", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00038.html", }, { name: "DSA-4714", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "chrome-cve-admin@google.com", ID: "CVE-2020-6495", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "83.0.4103.97", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.97 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Insufficient policy enforcement", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html", }, { name: "https://crbug.com/1072116", refsource: "MISC", url: "https://crbug.com/1072116", }, { name: "GLSA-202006-02", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202006-02", }, { name: "openSUSE-SU-2020:0823", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00034.html", }, { name: "openSUSE-SU-2020:0832", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00038.html", }, { name: "DSA-4714", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4714", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2020-6495", datePublished: "2020-06-03T22:50:37", dateReserved: "2020-01-08T00:00:00", dateUpdated: "2024-08-04T09:02:40.718Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5831
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:23.381Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/950328", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0791", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201908-18", }, { name: "FEDORA-2019-e5ff5d0ffd", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EI3DGFVT7CKJO6YVMP55R35HCDVEIC4Z/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "75.0.3770.80", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Object lifecycle issue in V8 in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Inappropriate implementation", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-10-14T18:06:15", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/950328", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0791", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201908-18", }, { name: "FEDORA-2019-e5ff5d0ffd", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EI3DGFVT7CKJO6YVMP55R35HCDVEIC4Z/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5831", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "75.0.3770.80", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Object lifecycle issue in V8 in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Inappropriate implementation", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { name: "https://crbug.com/950328", refsource: "MISC", url: "https://crbug.com/950328", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0791", refsource: "MISC", url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0791", }, { name: "FEDORA-2019-a1af621faf", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201908-18", }, { name: "FEDORA-2019-e5ff5d0ffd", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EI3DGFVT7CKJO6YVMP55R35HCDVEIC4Z/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5831", datePublished: "2019-06-27T16:13:44", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:23.381Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-6433
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html | x_refsource_MISC | |
https://crbug.com/1043965 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2020/dsa-4714 | vendor-advisory, x_refsource_DEBIAN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:02:40.624Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/1043965", }, { name: "openSUSE-SU-2020:0519", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "81.0.4044.92", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Insufficient policy enforcement", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-02T11:06:28", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/1043965", }, { name: "openSUSE-SU-2020:0519", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "chrome-cve-admin@google.com", ID: "CVE-2020-6433", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "81.0.4044.92", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Insufficient policy enforcement", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { name: "https://crbug.com/1043965", refsource: "MISC", url: "https://crbug.com/1043965", }, { name: "openSUSE-SU-2020:0519", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4714", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2020-6433", datePublished: "2020-04-13T17:30:53", dateReserved: "2020-01-08T00:00:00", dateUpdated: "2024-08-04T09:02:40.624Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5830
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html | x_refsource_MISC | |
https://crbug.com/665766 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2019/dsa-4500 | vendor-advisory, x_refsource_DEBIAN | |
https://seclists.org/bugtraq/2019/Aug/19 | mailing-list, x_refsource_BUGTRAQ | |
https://security.gentoo.org/glsa/201908-18 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:23.515Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/665766", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "75.0.3770.80", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in CORS in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Inappropriate implementation", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-15T17:06:12", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/665766", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5830", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "75.0.3770.80", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient policy enforcement in CORS in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Inappropriate implementation", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { name: "https://crbug.com/665766", refsource: "MISC", url: "https://crbug.com/665766", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201908-18", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5830", datePublished: "2019-06-27T16:13:44", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:23.515Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-10938
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://sourceforge.net/p/graphicsmagick/code/ci/5b4dd7c6674140a115ec9424c8d19c6a458fac3e/ | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00049.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00051.html | vendor-advisory, x_refsource_SUSE | |
https://lists.debian.org/debian-lts-announce/2020/04/msg00007.html | mailing-list, x_refsource_MLIST | |
https://www.debian.org/security/2020/dsa-4675 | vendor-advisory, x_refsource_DEBIAN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T11:21:12.992Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://sourceforge.net/p/graphicsmagick/code/ci/5b4dd7c6674140a115ec9424c8d19c6a458fac3e/", }, { name: "openSUSE-SU-2020:0416", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00049.html", }, { name: "openSUSE-SU-2020:0429", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00051.html", }, { name: "[debian-lts-announce] 20200415 [SECURITY] [DLA 2173-1] graphicsmagick security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/04/msg00007.html", }, { name: "DSA-4675", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4675", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-05-06T12:06:20", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://sourceforge.net/p/graphicsmagick/code/ci/5b4dd7c6674140a115ec9424c8d19c6a458fac3e/", }, { name: "openSUSE-SU-2020:0416", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00049.html", }, { name: "openSUSE-SU-2020:0429", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00051.html", }, { name: "[debian-lts-announce] 20200415 [SECURITY] [DLA 2173-1] graphicsmagick security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2020/04/msg00007.html", }, { name: "DSA-4675", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4675", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-10938", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://sourceforge.net/p/graphicsmagick/code/ci/5b4dd7c6674140a115ec9424c8d19c6a458fac3e/", refsource: "MISC", url: "https://sourceforge.net/p/graphicsmagick/code/ci/5b4dd7c6674140a115ec9424c8d19c6a458fac3e/", }, { name: "openSUSE-SU-2020:0416", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00049.html", }, { name: "openSUSE-SU-2020:0429", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00051.html", }, { name: "[debian-lts-announce] 20200415 [SECURITY] [DLA 2173-1] graphicsmagick security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2020/04/msg00007.html", }, { name: "DSA-4675", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4675", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-10938", datePublished: "2020-03-24T15:28:05", dateReserved: "2020-03-24T00:00:00", dateUpdated: "2024-08-04T11:21:12.992Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5838
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html | x_refsource_MISC | |
https://crbug.com/893087 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2019/dsa-4500 | vendor-advisory, x_refsource_DEBIAN | |
https://seclists.org/bugtraq/2019/Aug/19 | mailing-list, x_refsource_BUGTRAQ | |
https://security.gentoo.org/glsa/201908-18 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:23.473Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/893087", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "75.0.3770.80", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in extensions API in Google Chrome prior to 75.0.3770.80 allowed an attacker who convinced a user to install a malicious extension to bypass restrictions on file URIs via a crafted Chrome Extension.", }, ], problemTypes: [ { descriptions: [ { description: "Insufficient policy enforcement", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-15T17:06:12", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/893087", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5838", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "75.0.3770.80", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient policy enforcement in extensions API in Google Chrome prior to 75.0.3770.80 allowed an attacker who convinced a user to install a malicious extension to bypass restrictions on file URIs via a crafted Chrome Extension.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Insufficient policy enforcement", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { name: "https://crbug.com/893087", refsource: "MISC", url: "https://crbug.com/893087", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201908-18", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5838", datePublished: "2019-06-27T16:13:44", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:23.473Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5811
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html | x_refsource_MISC | |
https://crbug.com/771815 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2019/dsa-4500 | vendor-advisory, x_refsource_DEBIAN | |
https://seclists.org/bugtraq/2019/Aug/19 | mailing-list, x_refsource_BUGTRAQ | |
https://security.gentoo.org/glsa/201908-18 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:22.997Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/771815", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "74.0.3729.108", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Incorrect handling of CORS in ServiceWorker in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Inappropriate implementation", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-15T17:06:11", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/771815", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5811", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "74.0.3729.108", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Incorrect handling of CORS in ServiceWorker in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Inappropriate implementation", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { name: "https://crbug.com/771815", refsource: "MISC", url: "https://crbug.com/771815", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201908-18", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5811", datePublished: "2019-06-27T16:13:43", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:22.997Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5839
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html | x_refsource_MISC | |
https://crbug.com/925614 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2019/dsa-4500 | vendor-advisory, x_refsource_DEBIAN | |
https://seclists.org/bugtraq/2019/Aug/19 | mailing-list, x_refsource_BUGTRAQ | |
https://security.gentoo.org/glsa/201908-18 | vendor-advisory, x_refsource_GENTOO | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EI3DGFVT7CKJO6YVMP55R35HCDVEIC4Z/ | vendor-advisory, x_refsource_FEDORA |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:23.612Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/925614", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201908-18", }, { name: "FEDORA-2019-e5ff5d0ffd", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EI3DGFVT7CKJO6YVMP55R35HCDVEIC4Z/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "75.0.3770.80", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Excessive data validation in URL parser in Google Chrome prior to 75.0.3770.80 allowed a remote attacker who convinced a user to input a URL to bypass website URL validation via a crafted URL.", }, ], problemTypes: [ { descriptions: [ { description: "Insufficient data validation", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-10-14T18:06:12", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/925614", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201908-18", }, { name: "FEDORA-2019-e5ff5d0ffd", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EI3DGFVT7CKJO6YVMP55R35HCDVEIC4Z/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5839", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "75.0.3770.80", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Excessive data validation in URL parser in Google Chrome prior to 75.0.3770.80 allowed a remote attacker who convinced a user to input a URL to bypass website URL validation via a crafted URL.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Insufficient data validation", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { name: "https://crbug.com/925614", refsource: "MISC", url: "https://crbug.com/925614", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201908-18", }, { name: "FEDORA-2019-e5ff5d0ffd", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EI3DGFVT7CKJO6YVMP55R35HCDVEIC4Z/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5839", datePublished: "2019-06-27T16:13:44", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:23.612Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5823
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html | x_refsource_MISC | |
https://crbug.com/930154 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2019/dsa-4500 | vendor-advisory, x_refsource_DEBIAN | |
https://seclists.org/bugtraq/2019/Aug/19 | mailing-list, x_refsource_BUGTRAQ | |
https://security.gentoo.org/glsa/201908-18 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:23.836Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/930154", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "74.0.3729.108", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in service workers in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Insufficient policy enforcement", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-15T17:06:11", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/930154", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5823", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "74.0.3729.108", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient policy enforcement in service workers in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Insufficient policy enforcement", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { name: "https://crbug.com/930154", refsource: "MISC", url: "https://crbug.com/930154", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-a1af621faf", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201908-18", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5823", datePublished: "2019-06-27T16:13:44", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:23.836Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5791
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html | x_refsource_MISC | |
https://crbug.com/926651 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:01:52.348Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/926651", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { status: "affected", version: "prior to 73.0.3683.75", }, ], }, ], descriptions: [ { lang: "en", value: "Inappropriate optimization in V8 in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Out of bounds memory access", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-06-28T17:06:06", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/926651", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5791", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_value: "prior to 73.0.3683.75", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Inappropriate optimization in V8 in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Out of bounds memory access", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { name: "https://crbug.com/926651", refsource: "MISC", url: "https://crbug.com/926651", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5791", datePublished: "2019-05-23T19:13:12", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:01:52.348Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-6493
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://crbug.com/1082105 | x_refsource_MISC | |
https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html | x_refsource_MISC | |
https://security.gentoo.org/glsa/202006-02 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00034.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00038.html | vendor-advisory, x_refsource_SUSE | |
https://www.debian.org/security/2020/dsa-4714 | vendor-advisory, x_refsource_DEBIAN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:02:40.696Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/1082105", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html", }, { name: "GLSA-202006-02", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202006-02", }, { name: "openSUSE-SU-2020:0823", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00034.html", }, { name: "openSUSE-SU-2020:0832", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00038.html", }, { name: "DSA-4714", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "83.0.4103.97", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Use after free in WebAuthentication in Google Chrome prior to 83.0.4103.97 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Use after free", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-02T11:06:31", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/1082105", }, { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html", }, { name: "GLSA-202006-02", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202006-02", }, { name: "openSUSE-SU-2020:0823", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00034.html", }, { name: "openSUSE-SU-2020:0832", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00038.html", }, { name: "DSA-4714", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "chrome-cve-admin@google.com", ID: "CVE-2020-6493", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "83.0.4103.97", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Use after free in WebAuthentication in Google Chrome prior to 83.0.4103.97 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Use after free", }, ], }, ], }, references: { reference_data: [ { name: "https://crbug.com/1082105", refsource: "MISC", url: "https://crbug.com/1082105", }, { name: "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html", }, { name: "GLSA-202006-02", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202006-02", }, { name: "openSUSE-SU-2020:0823", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00034.html", }, { name: "openSUSE-SU-2020:0832", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00038.html", }, { name: "DSA-4714", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4714", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2020-6493", datePublished: "2020-06-03T22:50:36", dateReserved: "2020-01-08T00:00:00", dateUpdated: "2024-08-04T09:02:40.696Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-7443
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:46:46.316Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00060.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00065.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAWLQKTUQJOAPXOFWJQAQCA4LVM2P45F/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PXVUJNXB6QKGPT6YJPJSG3U2BIR5XK5Y/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cgit.kde.org/kauth.git/commit/?id=fc70fb0161c1b9144d26389434d34dd135cd3f4a", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1124863", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "KDE KAuth before 5.55 allows the passing of parameters with arbitrary types to helpers running as root over DBus via DBusHelperProxy.cpp. Certain types can cause crashes, and trigger the decoding of arbitrary images with dynamically loaded plugins. In other words, KAuth unintentionally causes this plugin code to run as root, which increases the severity of any possible exploitation of a plugin vulnerability.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-05-07T18:41:37", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00060.html", }, { tags: [ "x_refsource_MISC", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00065.html", }, { tags: [ "x_refsource_MISC", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAWLQKTUQJOAPXOFWJQAQCA4LVM2P45F/", }, { tags: [ "x_refsource_MISC", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PXVUJNXB6QKGPT6YJPJSG3U2BIR5XK5Y/", }, { tags: [ "x_refsource_MISC", ], url: "https://cgit.kde.org/kauth.git/commit/?id=fc70fb0161c1b9144d26389434d34dd135cd3f4a", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1124863", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-7443", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "KDE KAuth before 5.55 allows the passing of parameters with arbitrary types to helpers running as root over DBus via DBusHelperProxy.cpp. Certain types can cause crashes, and trigger the decoding of arbitrary images with dynamically loaded plugins. In other words, KAuth unintentionally causes this plugin code to run as root, which increases the severity of any possible exploitation of a plugin vulnerability.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00060.html", refsource: "MISC", url: "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00060.html", }, { name: "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00065.html", refsource: "MISC", url: "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00065.html", }, { name: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DAWLQKTUQJOAPXOFWJQAQCA4LVM2P45F/", refsource: "MISC", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DAWLQKTUQJOAPXOFWJQAQCA4LVM2P45F/", }, { name: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXVUJNXB6QKGPT6YJPJSG3U2BIR5XK5Y/", refsource: "MISC", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PXVUJNXB6QKGPT6YJPJSG3U2BIR5XK5Y/", }, { name: "https://cgit.kde.org/kauth.git/commit/?id=fc70fb0161c1b9144d26389434d34dd135cd3f4a", refsource: "MISC", url: "https://cgit.kde.org/kauth.git/commit/?id=fc70fb0161c1b9144d26389434d34dd135cd3f4a", }, { name: "https://bugzilla.suse.com/show_bug.cgi?id=1124863", refsource: "CONFIRM", url: "https://bugzilla.suse.com/show_bug.cgi?id=1124863", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-7443", datePublished: "2019-05-07T18:41:37", dateReserved: "2019-02-05T00:00:00", dateUpdated: "2024-08-04T20:46:46.316Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5840
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html | x_refsource_MISC | |
https://crbug.com/951782 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2019/dsa-4500 | vendor-advisory, x_refsource_DEBIAN | |
https://seclists.org/bugtraq/2019/Aug/19 | mailing-list, x_refsource_BUGTRAQ | |
https://security.gentoo.org/glsa/201908-18 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:23.680Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/951782", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "75.0.3770.80", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Incorrect security UI in popup blocker in Google Chrome on iOS prior to 75.0.3770.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Incorrect security UI", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-15T17:06:12", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/951782", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5840", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "75.0.3770.80", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Incorrect security UI in popup blocker in Google Chrome on iOS prior to 75.0.3770.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Incorrect security UI", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { name: "https://crbug.com/951782", refsource: "MISC", url: "https://crbug.com/951782", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201908-18", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5840", datePublished: "2019-06-27T16:13:44", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:23.680Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5800
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html | x_refsource_MISC | |
https://crbug.com/894228 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:22.978Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/894228", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { status: "affected", version: "prior to 73.0.3683.75", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in Blink in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Inappropriate implementation", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-06-28T17:06:07", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/894228", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5800", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_value: "prior to 73.0.3683.75", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient policy enforcement in Blink in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Inappropriate implementation", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { name: "https://crbug.com/894228", refsource: "MISC", url: "https://crbug.com/894228", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5800", datePublished: "2019-05-23T19:18:44", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:22.978Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-14983
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://github.com/chocolate-doom/chocolate-doom/issues/1293 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00002.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00007.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00012.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T13:00:52.077Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/chocolate-doom/chocolate-doom/issues/1293", }, { name: "openSUSE-SU-2020:0928", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00002.html", }, { name: "openSUSE-SU-2020:0939", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00007.html", }, { name: "openSUSE-SU-2020:0947", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00012.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesn't validate the user-controlled num_players value, leading to a buffer overflow. A malicious user can overwrite the server's stack.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-08T20:06:14", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/chocolate-doom/chocolate-doom/issues/1293", }, { name: "openSUSE-SU-2020:0928", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00002.html", }, { name: "openSUSE-SU-2020:0939", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00007.html", }, { name: "openSUSE-SU-2020:0947", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00012.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-14983", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesn't validate the user-controlled num_players value, leading to a buffer overflow. A malicious user can overwrite the server's stack.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/chocolate-doom/chocolate-doom/issues/1293", refsource: "MISC", url: "https://github.com/chocolate-doom/chocolate-doom/issues/1293", }, { name: "openSUSE-SU-2020:0928", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00002.html", }, { name: "openSUSE-SU-2020:0939", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00007.html", }, { name: "openSUSE-SU-2020:0947", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00012.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-14983", datePublished: "2020-06-22T19:13:34", dateReserved: "2020-06-22T00:00:00", dateUpdated: "2024-08-04T13:00:52.077Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5790
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html | x_refsource_MISC | |
https://crbug.com/914736 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:01:52.195Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/914736", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { status: "affected", version: "prior to 73.0.3683.75", }, ], }, ], descriptions: [ { lang: "en", value: "An integer overflow leading to an incorrect capacity of a buffer in JavaScript in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Heap buffer overflow", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-06-28T17:06:06", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/914736", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5790", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_value: "prior to 73.0.3683.75", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An integer overflow leading to an incorrect capacity of a buffer in JavaScript in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Heap buffer overflow", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { name: "https://crbug.com/914736", refsource: "MISC", url: "https://crbug.com/914736", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5790", datePublished: "2019-05-23T19:12:38", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:01:52.195Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5835
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html | x_refsource_MISC | |
https://crbug.com/939239 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/ | vendor-advisory, x_refsource_FEDORA | |
https://security.gentoo.org/glsa/201908-18 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:23.594Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/939239", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "75.0.3770.80", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Object lifecycle issue in SwiftShader in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Object lifecycle issue", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-15T17:06:11", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/939239", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5835", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "75.0.3770.80", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Object lifecycle issue in SwiftShader in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Object lifecycle issue", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { name: "https://crbug.com/939239", refsource: "MISC", url: "https://crbug.com/939239", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "GLSA-201908-18", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201908-18", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5835", datePublished: "2019-06-27T16:13:44", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:23.594Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5801
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html | x_refsource_MISC | |
https://crbug.com/921390 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:23.051Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/921390", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { status: "affected", version: "prior to 73.0.3683.75", }, ], }, ], descriptions: [ { lang: "en", value: "Incorrect eliding of URLs in Omnibox in Google Chrome on iOS prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Incorrect security UI", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-06-28T17:06:08", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/921390", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5801", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_value: "prior to 73.0.3683.75", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Incorrect eliding of URLs in Omnibox in Google Chrome on iOS prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Incorrect security UI", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { name: "https://crbug.com/921390", refsource: "MISC", url: "https://crbug.com/921390", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5801", datePublished: "2019-05-23T19:19:27", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:23.051Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-15803
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T13:30:22.339Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://support.zabbix.com/browse/ZBX-18057", }, { name: "FEDORA-2020-519516feec", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TIRIMOXH6GSBAANDCB3ANLJK4CRLWRXT/", }, { name: "FEDORA-2020-02cf7850ca", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ZHHIUYIVA5GZYLKW6A5G6HRELPOBZFE/", }, { name: "[debian-lts-announce] 20200803 [SECURITY] [DLA 2311-1] zabbix security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/08/msg00007.html", }, { name: "openSUSE-SU-2020:1604", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00007.html", }, { name: "[debian-lts-announce] 20210421 [SECURITY] [DLA 2631-1] zabbix security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/04/msg00018.html", }, { name: "[debian-lts-announce] 20230412 [SECURITY] [DLA 3390-1] zabbix security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/04/msg00013.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-12T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://support.zabbix.com/browse/ZBX-18057", }, { name: "FEDORA-2020-519516feec", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TIRIMOXH6GSBAANDCB3ANLJK4CRLWRXT/", }, { name: "FEDORA-2020-02cf7850ca", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ZHHIUYIVA5GZYLKW6A5G6HRELPOBZFE/", }, { name: "[debian-lts-announce] 20200803 [SECURITY] [DLA 2311-1] zabbix security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2020/08/msg00007.html", }, { name: "openSUSE-SU-2020:1604", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00007.html", }, { name: "[debian-lts-announce] 20210421 [SECURITY] [DLA 2631-1] zabbix security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2021/04/msg00018.html", }, { name: "[debian-lts-announce] 20230412 [SECURITY] [DLA 3390-1] zabbix security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/04/msg00013.html", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-15803", datePublished: "2020-07-17T00:00:00", dateReserved: "2020-07-17T00:00:00", dateUpdated: "2024-08-04T13:30:22.339Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-6455
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html | x_refsource_MISC | |
https://crbug.com/1059669 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2020/dsa-4714 | vendor-advisory, x_refsource_DEBIAN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:02:40.703Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/1059669", }, { name: "openSUSE-SU-2020:0519", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "81.0.4044.92", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Out of bounds read in WebSQL in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Out of bounds read", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-02T11:06:48", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/1059669", }, { name: "openSUSE-SU-2020:0519", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "chrome-cve-admin@google.com", ID: "CVE-2020-6455", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "81.0.4044.92", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Out of bounds read in WebSQL in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Out of bounds read", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { name: "https://crbug.com/1059669", refsource: "MISC", url: "https://crbug.com/1059669", }, { name: "openSUSE-SU-2020:0519", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4714", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2020-6455", datePublished: "2020-04-13T17:31:03", dateReserved: "2020-01-08T00:00:00", dateUpdated: "2024-08-04T09:02:40.703Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-6456
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html | x_refsource_MISC | |
https://crbug.com/1040755 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2020/dsa-4714 | vendor-advisory, x_refsource_DEBIAN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:02:40.786Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/1040755", }, { name: "openSUSE-SU-2020:0519", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "81.0.4044.92", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient validation of untrusted input in clipboard in Google Chrome prior to 81.0.4044.92 allowed a local attacker to bypass site isolation via crafted clipboard contents.", }, ], problemTypes: [ { descriptions: [ { description: "Insufficient validation of untrusted input", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-02T11:06:24", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/1040755", }, { name: "openSUSE-SU-2020:0519", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "chrome-cve-admin@google.com", ID: "CVE-2020-6456", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "81.0.4044.92", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient validation of untrusted input in clipboard in Google Chrome prior to 81.0.4044.92 allowed a local attacker to bypass site isolation via crafted clipboard contents.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Insufficient validation of untrusted input", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { name: "https://crbug.com/1040755", refsource: "MISC", url: "https://crbug.com/1040755", }, { name: "openSUSE-SU-2020:0519", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4714", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2020-6456", datePublished: "2020-04-13T17:31:03", dateReserved: "2020-01-08T00:00:00", dateUpdated: "2024-08-04T09:02:40.786Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-18899
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T02:02:39.815Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "openSUSE-SU-2020:0124", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00057.html", }, { name: "openSUSE-SU-2020:0146", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00065.html", }, { tags: [ "x_transferred", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1157703", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Leap 15.1", vendor: "openSUSE", versions: [ { lessThan: "3.1-lp151.3.3.1", status: "affected", version: "apt-cacher-ng", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Matthias Gerstner of SUSE", }, ], datePublic: "2020-01-20T00:00:00", descriptions: [ { lang: "en", value: "The apt-cacher-ng package of openSUSE Leap 15.1 runs operations in user owned directory /run/apt-cacher-ng with root privileges. This can allow local attackers to influence the outcome of these operations. This issue affects: openSUSE Leap 15.1 apt-cacher-ng versions prior to 3.1-lp151.3.3.1.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6.2, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-269", description: "CWE-269: Improper Privilege Management", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-13T00:00:00", orgId: "404e59f5-483d-4b8a-8e7a-e67604dd8afb", shortName: "suse", }, references: [ { name: "openSUSE-SU-2020:0124", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00057.html", }, { name: "openSUSE-SU-2020:0146", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00065.html", }, { url: "https://bugzilla.suse.com/show_bug.cgi?id=1157703", }, ], source: { advisory: "https://bugzilla.suse.com/show_bug.cgi?id=1157703", defect: [ "1157703", ], discovery: "INTERNAL", }, title: "apt-cacher-ng insecure use of /run/apt-cacher-ng", x_generator: { engine: "Vulnogram 0.0.9", }, }, }, cveMetadata: { assignerOrgId: "404e59f5-483d-4b8a-8e7a-e67604dd8afb", assignerShortName: "suse", cveId: "CVE-2019-18899", datePublished: "2020-01-23T15:00:20.234353Z", dateReserved: "2019-11-12T00:00:00", dateUpdated: "2024-09-17T01:25:34.093Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5792
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html | x_refsource_MISC | |
https://crbug.com/914983 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:22.449Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/914983", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { status: "affected", version: "prior to 73.0.3683.75", }, ], }, ], descriptions: [ { lang: "en", value: "Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file.", }, ], problemTypes: [ { descriptions: [ { description: "Integer overflow", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-06-28T17:06:05", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/914983", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5792", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_value: "prior to 73.0.3683.75", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Integer overflow", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { name: "https://crbug.com/914983", refsource: "MISC", url: "https://crbug.com/914983", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5792", datePublished: "2019-05-23T19:13:46", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:22.449Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-13723
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://crbug.com/1024121 | x_refsource_MISC | |
https://chromereleases.googleblog.com/2019/11/stable-channel-update-for-desktop_18.html | x_refsource_MISC | |
https://access.redhat.com/errata/RHSA-2019:3955 | vendor-advisory, x_refsource_REDHAT | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/54XWRJ5LDFL27QXBPIBX3EHO4TPMKN4R/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/USW7PGIHNPE6W3LGY6ZDFLELQGSL52CH/ | vendor-advisory, x_refsource_FEDORA | |
http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00035.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/202003-08 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T00:05:43.648Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/1024121", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/11/stable-channel-update-for-desktop_18.html", }, { name: "RHSA-2019:3955", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3955", }, { name: "FEDORA-2019-3e46b182ff", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/54XWRJ5LDFL27QXBPIBX3EHO4TPMKN4R/", }, { name: "FEDORA-2019-00d5e55259", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/USW7PGIHNPE6W3LGY6ZDFLELQGSL52CH/", }, { name: "openSUSE-SU-2019:2693", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00035.html", }, { name: "GLSA-202003-08", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202003-08", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "78.0.3904.108", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Use after free in WebBluetooth in Google Chrome prior to 78.0.3904.108 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Use after free", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-03-13T04:06:23", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/1024121", }, { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/11/stable-channel-update-for-desktop_18.html", }, { name: "RHSA-2019:3955", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3955", }, { name: "FEDORA-2019-3e46b182ff", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/54XWRJ5LDFL27QXBPIBX3EHO4TPMKN4R/", }, { name: "FEDORA-2019-00d5e55259", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/USW7PGIHNPE6W3LGY6ZDFLELQGSL52CH/", }, { name: "openSUSE-SU-2019:2693", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00035.html", }, { name: "GLSA-202003-08", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202003-08", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "chrome-cve-admin@google.com", ID: "CVE-2019-13723", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "78.0.3904.108", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Use after free in WebBluetooth in Google Chrome prior to 78.0.3904.108 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Use after free", }, ], }, ], }, references: { reference_data: [ { name: "https://crbug.com/1024121", refsource: "MISC", url: "https://crbug.com/1024121", }, { name: "https://chromereleases.googleblog.com/2019/11/stable-channel-update-for-desktop_18.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/11/stable-channel-update-for-desktop_18.html", }, { name: "RHSA-2019:3955", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3955", }, { name: "FEDORA-2019-3e46b182ff", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/54XWRJ5LDFL27QXBPIBX3EHO4TPMKN4R/", }, { name: "FEDORA-2019-00d5e55259", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/USW7PGIHNPE6W3LGY6ZDFLELQGSL52CH/", }, { name: "openSUSE-SU-2019:2693", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00035.html", }, { name: "GLSA-202003-08", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202003-08", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-13723", datePublished: "2019-11-25T14:22:55", dateReserved: "2019-07-18T00:00:00", dateUpdated: "2024-08-05T00:05:43.648Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-6441
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html | x_refsource_MISC | |
https://crbug.com/959571 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2020/dsa-4714 | vendor-advisory, x_refsource_DEBIAN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:02:40.680Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/959571", }, { name: "openSUSE-SU-2020:0519", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "81.0.4044.92", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in omnibox in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass security UI via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Insufficient policy enforcement", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-02T11:06:09", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/959571", }, { name: "openSUSE-SU-2020:0519", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "chrome-cve-admin@google.com", ID: "CVE-2020-6441", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "81.0.4044.92", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient policy enforcement in omnibox in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass security UI via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Insufficient policy enforcement", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { name: "https://crbug.com/959571", refsource: "MISC", url: "https://crbug.com/959571", }, { name: "openSUSE-SU-2020:0519", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4714", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2020-6441", datePublished: "2020-04-13T17:30:57", dateReserved: "2020-01-08T00:00:00", dateUpdated: "2024-08-04T09:02:40.680Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5833
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html | x_refsource_MISC | |
https://crbug.com/945067 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2019/dsa-4500 | vendor-advisory, x_refsource_DEBIAN | |
https://seclists.org/bugtraq/2019/Aug/19 | mailing-list, x_refsource_BUGTRAQ | |
https://security.gentoo.org/glsa/201908-18 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:23.392Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/945067", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "75.0.3770.80", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Incorrect dialog box scoping in browser in Google Chrome on Android prior to 75.0.3770.80 allowed a remote attacker to display misleading security UI via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Incorrect security UI", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-15T17:06:12", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/945067", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5833", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "75.0.3770.80", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Incorrect dialog box scoping in browser in Google Chrome on Android prior to 75.0.3770.80 allowed a remote attacker to display misleading security UI via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Incorrect security UI", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { name: "https://crbug.com/945067", refsource: "MISC", url: "https://crbug.com/945067", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201908-18", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5833", datePublished: "2019-06-27T16:13:44", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:23.392Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5803
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html | x_refsource_MISC | |
https://crbug.com/909865 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:23.011Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/909865", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { status: "affected", version: "prior to 73.0.3683.75", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Insufficient policy enforcement", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-06-28T17:06:05", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/909865", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5803", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_value: "prior to 73.0.3683.75", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Insufficient policy enforcement", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { name: "https://crbug.com/909865", refsource: "MISC", url: "https://crbug.com/909865", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5803", datePublished: "2019-05-23T19:20:26", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:23.011Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-0561
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00336.html | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00009.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00014.html | vendor-advisory, x_refsource_SUSE |
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Intel(R) SGX SDK |
Version: before v2.6.100.1 |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T06:02:52.206Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00336.html", }, { name: "openSUSE-SU-2020:0604", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00009.html", }, { name: "openSUSE-SU-2020:0615", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00014.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel(R) SGX SDK", vendor: "n/a", versions: [ { status: "affected", version: "before v2.6.100.1", }, ], }, ], descriptions: [ { lang: "en", value: "Improper initialization in the Intel(R) SGX SDK before v2.6.100.1 may allow an authenticated user to potentially enable escalation of privilege via local access.", }, ], problemTypes: [ { descriptions: [ { description: "Escalation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-05-06T14:06:03", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00336.html", }, { name: "openSUSE-SU-2020:0604", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00009.html", }, { name: "openSUSE-SU-2020:0615", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00014.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", ID: "CVE-2020-0561", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel(R) SGX SDK", version: { version_data: [ { version_value: "before v2.6.100.1", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Improper initialization in the Intel(R) SGX SDK before v2.6.100.1 may allow an authenticated user to potentially enable escalation of privilege via local access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Escalation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00336.html", refsource: "MISC", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00336.html", }, { name: "openSUSE-SU-2020:0604", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00009.html", }, { name: "openSUSE-SU-2020:0615", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00014.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2020-0561", datePublished: "2020-02-13T18:21:11", dateReserved: "2019-10-28T00:00:00", dateUpdated: "2024-08-04T06:02:52.206Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5834
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html | x_refsource_MISC | |
https://crbug.com/962368 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2019/dsa-4500 | vendor-advisory, x_refsource_DEBIAN | |
https://seclists.org/bugtraq/2019/Aug/19 | mailing-list, x_refsource_BUGTRAQ | |
https://security.gentoo.org/glsa/201908-18 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:23.621Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/962368", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "75.0.3770.80", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient data validation in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to perform domain spoofing via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Insufficient data validation", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-15T17:06:12", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/962368", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5834", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "75.0.3770.80", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient data validation in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to perform domain spoofing via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Insufficient data validation", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { name: "https://crbug.com/962368", refsource: "MISC", url: "https://crbug.com/962368", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201908-18", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5834", datePublished: "2019-06-27T16:13:44", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:23.621Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-6435
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html | x_refsource_MISC | |
https://crbug.com/1032158 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2020/dsa-4714 | vendor-advisory, x_refsource_DEBIAN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:02:40.387Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/1032158", }, { name: "openSUSE-SU-2020:0519", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "81.0.4044.92", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Insufficient policy enforcement", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-02T11:06:43", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/1032158", }, { name: "openSUSE-SU-2020:0519", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "chrome-cve-admin@google.com", ID: "CVE-2020-6435", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "81.0.4044.92", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Insufficient policy enforcement", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { name: "https://crbug.com/1032158", refsource: "MISC", url: "https://crbug.com/1032158", }, { name: "openSUSE-SU-2020:0519", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4714", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2020-6435", datePublished: "2020-04-13T17:30:54", dateReserved: "2020-01-08T00:00:00", dateUpdated: "2024-08-04T09:02:40.387Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5804
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html | x_refsource_MISC | |
https://crbug.com/933004 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:23.107Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/933004", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { status: "affected", version: "prior to 73.0.3683.75", }, ], }, ], descriptions: [ { lang: "en", value: "Incorrect command line processing in Chrome in Google Chrome prior to 73.0.3683.75 allowed a local attacker to perform domain spoofing via a crafted domain name.", }, ], problemTypes: [ { descriptions: [ { description: "Insufficient data validation", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-06-28T17:06:07", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/933004", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5804", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_value: "prior to 73.0.3683.75", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Incorrect command line processing in Chrome in Google Chrome prior to 73.0.3683.75 allowed a local attacker to perform domain spoofing via a crafted domain name.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Insufficient data validation", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { name: "https://crbug.com/933004", refsource: "MISC", url: "https://crbug.com/933004", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5804", datePublished: "2019-05-23T19:21:29", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:23.107Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-19951
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://sourceforge.net/p/graphicsmagick/bugs/608/ | x_refsource_MISC | |
http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/bc99af93614d | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00026.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00064.html | vendor-advisory, x_refsource_SUSE | |
https://lists.debian.org/debian-lts-announce/2020/01/msg00029.html | mailing-list, x_refsource_MLIST | |
https://www.debian.org/security/2020/dsa-4640 | vendor-advisory, x_refsource_DEBIAN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T02:32:09.987Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://sourceforge.net/p/graphicsmagick/bugs/608/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/bc99af93614d", }, { name: "openSUSE-SU-2020:0055", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00026.html", }, { name: "openSUSE-SU-2020:0145", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00064.html", }, { name: "[debian-lts-announce] 20200129 [SECURITY] [DLA 2084-1] graphicsmagick security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00029.html", }, { name: "DSA-4640", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4640", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buffer overflow in the function ImportRLEPixels of coders/miff.c.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-03-16T09:06:04", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://sourceforge.net/p/graphicsmagick/bugs/608/", }, { tags: [ "x_refsource_MISC", ], url: "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/bc99af93614d", }, { name: "openSUSE-SU-2020:0055", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00026.html", }, { name: "openSUSE-SU-2020:0145", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00064.html", }, { name: "[debian-lts-announce] 20200129 [SECURITY] [DLA 2084-1] graphicsmagick security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00029.html", }, { name: "DSA-4640", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4640", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-19951", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buffer overflow in the function ImportRLEPixels of coders/miff.c.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://sourceforge.net/p/graphicsmagick/bugs/608/", refsource: "MISC", url: "https://sourceforge.net/p/graphicsmagick/bugs/608/", }, { name: "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/bc99af93614d", refsource: "MISC", url: "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/bc99af93614d", }, { name: "openSUSE-SU-2020:0055", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00026.html", }, { name: "openSUSE-SU-2020:0145", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00064.html", }, { name: "[debian-lts-announce] 20200129 [SECURITY] [DLA 2084-1] graphicsmagick security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00029.html", }, { name: "DSA-4640", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4640", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-19951", datePublished: "2019-12-24T00:07:02", dateReserved: "2019-12-24T00:00:00", dateUpdated: "2024-08-05T02:32:09.987Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5827
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html | x_refsource_MISC | |
https://crbug.com/952406 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2019/dsa-4500 | vendor-advisory, x_refsource_DEBIAN | |
https://seclists.org/bugtraq/2019/Aug/19 | mailing-list, x_refsource_BUGTRAQ | |
https://usn.ubuntu.com/4205-1/ | vendor-advisory, x_refsource_UBUNTU | |
https://security.gentoo.org/glsa/202003-16 | vendor-advisory, x_refsource_GENTOO | |
https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html | mailing-list, x_refsource_MLIST |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:23.945Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/952406", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "USN-4205-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4205-1/", }, { name: "GLSA-202003-16", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202003-16", }, { name: "[debian-lts-announce] 20200822 [SECURITY] [DLA 2340-1] sqlite3 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "74.0.3729.131", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Integer overflow", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-08-23T00:06:25", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/952406", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "USN-4205-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4205-1/", }, { name: "GLSA-202003-16", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202003-16", }, { name: "[debian-lts-announce] 20200822 [SECURITY] [DLA 2340-1] sqlite3 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "chrome-cve-admin@google.com", ID: "CVE-2019-5827", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "74.0.3729.131", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Integer overflow", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html", }, { name: "https://crbug.com/952406", refsource: "MISC", url: "https://crbug.com/952406", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "USN-4205-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4205-1/", }, { name: "GLSA-202003-16", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202003-16", }, { name: "[debian-lts-announce] 20200822 [SECURITY] [DLA 2340-1] sqlite3 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5827", datePublished: "2019-06-27T16:13:44", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:23.945Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5824
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://crbug.com/948564 | x_refsource_MISC | |
https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2019/dsa-4500 | vendor-advisory, x_refsource_DEBIAN | |
https://seclists.org/bugtraq/2019/Aug/19 | mailing-list, x_refsource_BUGTRAQ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:23.729Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/948564", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "74.0.3729.131", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Parameter passing error in media in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Parameter passing error", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-13T22:06:12", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/948564", }, { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5824", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "74.0.3729.131", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Parameter passing error in media in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Parameter passing error", }, ], }, ], }, references: { reference_data: [ { name: "https://crbug.com/948564", refsource: "MISC", url: "https://crbug.com/948564", }, { name: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Aug/19", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5824", datePublished: "2019-06-27T16:13:44", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:23.729Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-14524
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://github.com/schismtracker/schismtracker/issues/201 | x_refsource_MISC | |
https://github.com/schismtracker/schismtracker/releases/tag/20190805 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00072.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00083.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T00:19:41.098Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/schismtracker/schismtracker/issues/201", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/schismtracker/schismtracker/releases/tag/20190805", }, { name: "openSUSE-SU-2019:1994", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00072.html", }, { name: "openSUSE-SU-2019:2019", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00083.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in Schism Tracker through 20190722. There is a heap-based buffer overflow via a large number of song patterns in fmt_mtm_load_song in fmt/mtm.c, a different vulnerability than CVE-2019-14465.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-29T05:06:08", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/schismtracker/schismtracker/issues/201", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/schismtracker/schismtracker/releases/tag/20190805", }, { name: "openSUSE-SU-2019:1994", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00072.html", }, { name: "openSUSE-SU-2019:2019", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00083.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-14524", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in Schism Tracker through 20190722. There is a heap-based buffer overflow via a large number of song patterns in fmt_mtm_load_song in fmt/mtm.c, a different vulnerability than CVE-2019-14465.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/schismtracker/schismtracker/issues/201", refsource: "MISC", url: "https://github.com/schismtracker/schismtracker/issues/201", }, { name: "https://github.com/schismtracker/schismtracker/releases/tag/20190805", refsource: "MISC", url: "https://github.com/schismtracker/schismtracker/releases/tag/20190805", }, { name: "openSUSE-SU-2019:1994", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00072.html", }, { name: "openSUSE-SU-2019:2019", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00083.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-14524", datePublished: "2019-08-02T11:18:12", dateReserved: "2019-08-02T00:00:00", dateUpdated: "2024-08-05T00:19:41.098Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5810
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html | x_refsource_MISC | |
https://crbug.com/916838 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2019/dsa-4500 | vendor-advisory, x_refsource_DEBIAN | |
https://seclists.org/bugtraq/2019/Aug/19 | mailing-list, x_refsource_BUGTRAQ | |
https://security.gentoo.org/glsa/201908-18 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:23.472Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/916838", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "74.0.3729.108", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Information leak in autofill in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Side-channel information leakage", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-15T17:06:11", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/916838", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5810", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "74.0.3729.108", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Information leak in autofill in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Side-channel information leakage", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { name: "https://crbug.com/916838", refsource: "MISC", url: "https://crbug.com/916838", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201908-18", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5810", datePublished: "2019-06-27T16:13:43", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:23.472Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5820
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html | x_refsource_MISC | |
https://crbug.com/919635 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2019/dsa-4500 | vendor-advisory, x_refsource_DEBIAN | |
https://seclists.org/bugtraq/2019/Aug/19 | mailing-list, x_refsource_BUGTRAQ | |
https://security.gentoo.org/glsa/201908-18 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:23.589Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/919635", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "74.0.3729.108", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.", }, ], problemTypes: [ { descriptions: [ { description: "Integer overflow", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-15T17:06:13", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/919635", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5820", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "74.0.3729.108", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Integer overflow", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { name: "https://crbug.com/919635", refsource: "MISC", url: "https://crbug.com/919635", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201908-18", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5820", datePublished: "2019-06-27T16:13:43", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:23.589Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-20053
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://github.com/upx/upx/issues/314 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00003.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00007.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T02:32:10.521Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/upx/upx/issues/314", }, { name: "openSUSE-SU-2020:0163", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00003.html", }, { name: "openSUSE-SU-2020:0180", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00007.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An invalid memory address dereference was discovered in the canUnpack function in p_mach.cpp in UPX 3.95 via a crafted Mach-O file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-02-06T22:06:03", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/upx/upx/issues/314", }, { name: "openSUSE-SU-2020:0163", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00003.html", }, { name: "openSUSE-SU-2020:0180", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00007.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-20053", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An invalid memory address dereference was discovered in the canUnpack function in p_mach.cpp in UPX 3.95 via a crafted Mach-O file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/upx/upx/issues/314", refsource: "MISC", url: "https://github.com/upx/upx/issues/314", }, { name: "openSUSE-SU-2020:0163", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00003.html", }, { name: "openSUSE-SU-2020:0180", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00007.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-20053", datePublished: "2019-12-27T21:59:11", dateReserved: "2019-12-27T00:00:00", dateUpdated: "2024-08-05T02:32:10.521Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-13713
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_22.html | x_refsource_MISC | |
https://crbug.com/993288 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T00:05:43.710Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_22.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/993288", }, { name: "openSUSE-SU-2020:0010", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "78.0.3904.70", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Insufficient policy enforcement", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-01-13T12:06:07", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_22.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/993288", }, { name: "openSUSE-SU-2020:0010", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-13713", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "78.0.3904.70", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Insufficient policy enforcement", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_22.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_22.html", }, { name: "https://crbug.com/993288", refsource: "MISC", url: "https://crbug.com/993288", }, { name: "openSUSE-SU-2020:0010", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-13713", datePublished: "2019-11-25T14:22:55", dateReserved: "2019-07-18T00:00:00", dateUpdated: "2024-08-05T00:05:43.710Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5814
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html | x_refsource_MISC | |
https://crbug.com/930057 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2019/dsa-4500 | vendor-advisory, x_refsource_DEBIAN | |
https://seclists.org/bugtraq/2019/Aug/19 | mailing-list, x_refsource_BUGTRAQ | |
https://security.gentoo.org/glsa/201908-18 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:23.638Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/930057", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "74.0.3729.108", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Insufficient policy enforcement", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-15T17:06:12", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/930057", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5814", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "74.0.3729.108", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient policy enforcement in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Insufficient policy enforcement", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { name: "https://crbug.com/930057", refsource: "MISC", url: "https://crbug.com/930057", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201908-18", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5814", datePublished: "2019-06-27T16:13:43", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:23.638Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5793
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html | x_refsource_MISC | |
https://crbug.com/937487 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:22.419Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/937487", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { status: "affected", version: "prior to 73.0.3683.75", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in extensions in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to initiate the extensions installation user interface via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Insufficient policy enforcement", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-06-28T17:06:04", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/937487", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5793", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_value: "prior to 73.0.3683.75", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient policy enforcement in extensions in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to initiate the extensions installation user interface via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Insufficient policy enforcement", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { name: "https://crbug.com/937487", refsource: "MISC", url: "https://crbug.com/937487", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5793", datePublished: "2019-05-23T19:14:20", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:22.419Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5789
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html | x_refsource_MISC | |
https://crbug.com/921581 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:01:52.387Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/921581", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { status: "affected", version: "prior to 73.0.3683.75", }, ], }, ], descriptions: [ { lang: "en", value: "An integer overflow that leads to a use-after-free in WebMIDI in Google Chrome on Windows prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Integer overflow", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-06-28T17:06:08", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/921581", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5789", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_value: "prior to 73.0.3683.75", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An integer overflow that leads to a use-after-free in WebMIDI in Google Chrome on Windows prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Integer overflow", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { name: "https://crbug.com/921581", refsource: "MISC", url: "https://crbug.com/921581", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5789", datePublished: "2019-05-23T19:12:11", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:01:52.387Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-6431
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html | x_refsource_MISC | |
https://crbug.com/852645 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2020/dsa-4714 | vendor-advisory, x_refsource_DEBIAN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:02:40.716Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/852645", }, { name: "openSUSE-SU-2020:0519", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "81.0.4044.92", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in full screen in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to spoof security UI via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Insufficient policy enforcement", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-02T11:06:16", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/852645", }, { name: "openSUSE-SU-2020:0519", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "chrome-cve-admin@google.com", ID: "CVE-2020-6431", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "81.0.4044.92", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient policy enforcement in full screen in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to spoof security UI via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Insufficient policy enforcement", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { name: "https://crbug.com/852645", refsource: "MISC", url: "https://crbug.com/852645", }, { name: "openSUSE-SU-2020:0519", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4714", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2020-6431", datePublished: "2020-04-13T17:30:52", dateReserved: "2020-01-08T00:00:00", dateUpdated: "2024-08-04T09:02:40.716Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-13730
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T00:05:43.749Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/1028862", }, { name: "RHSA-2019:4238", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:4238", }, { name: "openSUSE-SU-2019:2692", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00032.html", }, { name: "FEDORA-2019-1a10c04281", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2Z5M4FPUMDNX2LDPHJKN5ZV5GIS2AKNU/", }, { name: "openSUSE-SU-2019:2694", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00036.html", }, { name: "FEDORA-2020-4355ea258e", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N5CIQCVS6E3ULJCNU7YJXJPO2BLQZDTK/", }, { name: "20200120 [SECURITY] [DSA 4606-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2020/Jan/27", }, { name: "DSA-4606", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4606", }, { name: "GLSA-202003-08", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202003-08", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "79.0.3945.79", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Type Confusion", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-03-13T04:06:10", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/1028862", }, { name: "RHSA-2019:4238", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:4238", }, { name: "openSUSE-SU-2019:2692", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00032.html", }, { name: "FEDORA-2019-1a10c04281", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2Z5M4FPUMDNX2LDPHJKN5ZV5GIS2AKNU/", }, { name: "openSUSE-SU-2019:2694", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00036.html", }, { name: "FEDORA-2020-4355ea258e", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N5CIQCVS6E3ULJCNU7YJXJPO2BLQZDTK/", }, { name: "20200120 [SECURITY] [DSA 4606-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2020/Jan/27", }, { name: "DSA-4606", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4606", }, { name: "GLSA-202003-08", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202003-08", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "chrome-cve-admin@google.com", ID: "CVE-2019-13730", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "79.0.3945.79", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Type Confusion", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", }, { name: "https://crbug.com/1028862", refsource: "MISC", url: "https://crbug.com/1028862", }, { name: "RHSA-2019:4238", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:4238", }, { name: "openSUSE-SU-2019:2692", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00032.html", }, { name: "FEDORA-2019-1a10c04281", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2Z5M4FPUMDNX2LDPHJKN5ZV5GIS2AKNU/", }, { name: "openSUSE-SU-2019:2694", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00036.html", }, { name: "FEDORA-2020-4355ea258e", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N5CIQCVS6E3ULJCNU7YJXJPO2BLQZDTK/", }, { name: "20200120 [SECURITY] [DSA 4606-1] chromium security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2020/Jan/27", }, { name: "DSA-4606", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4606", }, { name: "GLSA-202003-08", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202003-08", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-13730", datePublished: "2019-12-10T21:01:44", dateReserved: "2019-07-18T00:00:00", dateUpdated: "2024-08-05T00:05:43.749Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5832
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html | x_refsource_MISC | |
https://crbug.com/959390 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2019/dsa-4500 | vendor-advisory, x_refsource_DEBIAN | |
https://seclists.org/bugtraq/2019/Aug/19 | mailing-list, x_refsource_BUGTRAQ | |
https://security.gentoo.org/glsa/201908-18 | vendor-advisory, x_refsource_GENTOO | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EI3DGFVT7CKJO6YVMP55R35HCDVEIC4Z/ | vendor-advisory, x_refsource_FEDORA |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:23.618Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/959390", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201908-18", }, { name: "FEDORA-2019-e5ff5d0ffd", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EI3DGFVT7CKJO6YVMP55R35HCDVEIC4Z/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "75.0.3770.80", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in XMLHttpRequest in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Insufficient policy enforcement", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-10-14T18:06:16", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/959390", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201908-18", }, { name: "FEDORA-2019-e5ff5d0ffd", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EI3DGFVT7CKJO6YVMP55R35HCDVEIC4Z/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5832", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "75.0.3770.80", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient policy enforcement in XMLHttpRequest in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Insufficient policy enforcement", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { name: "https://crbug.com/959390", refsource: "MISC", url: "https://crbug.com/959390", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201908-18", }, { name: "FEDORA-2019-e5ff5d0ffd", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EI3DGFVT7CKJO6YVMP55R35HCDVEIC4Z/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5832", datePublished: "2019-06-27T16:13:44", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:23.618Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5816
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html | x_refsource_MISC | |
https://crbug.com/940245 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/ | vendor-advisory, x_refsource_FEDORA | |
https://security.gentoo.org/glsa/201908-18 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:23.362Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/940245", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "74.0.3729.108", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Process lifetime issue in Chrome in Google Chrome on Android prior to 74.0.3729.108 allowed a remote attacker to potentially persist an exploited process via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Inappropriate implementation", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-15T17:06:12", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/940245", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5816", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "74.0.3729.108", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Process lifetime issue in Chrome in Google Chrome on Android prior to 74.0.3729.108 allowed a remote attacker to potentially persist an exploited process via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Inappropriate implementation", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { name: "https://crbug.com/940245", refsource: "MISC", url: "https://crbug.com/940245", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-a1af621faf", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "GLSA-201908-18", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201908-18", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5816", datePublished: "2019-06-27T16:13:43", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:23.362Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5807
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html | x_refsource_MISC | |
https://crbug.com/945644 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2019/dsa-4500 | vendor-advisory, x_refsource_DEBIAN | |
https://seclists.org/bugtraq/2019/Aug/19 | mailing-list, x_refsource_BUGTRAQ | |
https://security.gentoo.org/glsa/201908-18 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:22.993Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/945644", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "74.0.3729.108", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Object lifetime issue in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Object lifecycle issue", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-15T17:06:13", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/945644", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5807", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "74.0.3729.108", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Object lifetime issue in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Object lifecycle issue", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { name: "https://crbug.com/945644", refsource: "MISC", url: "https://crbug.com/945644", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201908-18", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5807", datePublished: "2019-06-27T16:13:43", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:22.993Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-6439
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html | x_refsource_MISC | |
https://crbug.com/868145 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2020/dsa-4714 | vendor-advisory, x_refsource_DEBIAN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:02:40.420Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/868145", }, { name: "openSUSE-SU-2020:0519", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "81.0.4044.92", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass security UI via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Insufficient policy enforcement", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-02T11:06:50", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/868145", }, { name: "openSUSE-SU-2020:0519", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "chrome-cve-admin@google.com", ID: "CVE-2020-6439", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "81.0.4044.92", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass security UI via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Insufficient policy enforcement", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { name: "https://crbug.com/868145", refsource: "MISC", url: "https://crbug.com/868145", }, { name: "openSUSE-SU-2020:0519", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4714", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2020-6439", datePublished: "2020-04-13T17:30:56", dateReserved: "2020-01-08T00:00:00", dateUpdated: "2024-08-04T09:02:40.420Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5460
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://hackerone.com/reports/503208 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00005.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00040.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00037.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00081.html | vendor-advisory, x_refsource_SUSE |
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | VLC Media Player |
Version: Fixed in 3.0.7 |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T19:54:53.471Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://hackerone.com/reports/503208", }, { name: "openSUSE-SU-2019:1840", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00005.html", }, { name: "openSUSE-SU-2019:1909", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00040.html", }, { name: "openSUSE-SU-2019:1897", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00037.html", }, { name: "openSUSE-SU-2019:2015", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00081.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "VLC Media Player", vendor: "n/a", versions: [ { status: "affected", version: "Fixed in 3.0.7", }, ], }, ], descriptions: [ { lang: "en", value: "Double Free in VLC versions <= 3.0.6 leads to a crash.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-415", description: "Double Free (CWE-415)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-26T20:06:12", orgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", shortName: "hackerone", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://hackerone.com/reports/503208", }, { name: "openSUSE-SU-2019:1840", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00005.html", }, { name: "openSUSE-SU-2019:1909", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00040.html", }, { name: "openSUSE-SU-2019:1897", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00037.html", }, { name: "openSUSE-SU-2019:2015", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00081.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "support@hackerone.com", ID: "CVE-2019-5460", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "VLC Media Player", version: { version_data: [ { version_value: "Fixed in 3.0.7", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Double Free in VLC versions <= 3.0.6 leads to a crash.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Double Free (CWE-415)", }, ], }, ], }, references: { reference_data: [ { name: "https://hackerone.com/reports/503208", refsource: "MISC", url: "https://hackerone.com/reports/503208", }, { name: "openSUSE-SU-2019:1840", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00005.html", }, { name: "openSUSE-SU-2019:1909", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00040.html", }, { name: "openSUSE-SU-2019:1897", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00037.html", }, { name: "openSUSE-SU-2019:2015", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00081.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", assignerShortName: "hackerone", cveId: "CVE-2019-5460", datePublished: "2019-07-30T20:38:22", dateReserved: "2019-01-04T00:00:00", dateUpdated: "2024-08-04T19:54:53.471Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-19953
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://sourceforge.net/p/graphicsmagick/bugs/617/ | x_refsource_MISC | |
http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/28f8bacd4bbf | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00026.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00064.html | vendor-advisory, x_refsource_SUSE | |
https://lists.debian.org/debian-lts-announce/2020/01/msg00029.html | mailing-list, x_refsource_MLIST | |
https://www.debian.org/security/2020/dsa-4640 | vendor-advisory, x_refsource_DEBIAN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T02:32:10.039Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://sourceforge.net/p/graphicsmagick/bugs/617/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/28f8bacd4bbf", }, { name: "openSUSE-SU-2020:0055", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00026.html", }, { name: "openSUSE-SU-2020:0145", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00064.html", }, { name: "[debian-lts-announce] 20200129 [SECURITY] [DLA 2084-1] graphicsmagick security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00029.html", }, { name: "DSA-4640", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4640", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "In GraphicsMagick 1.4 snapshot-20191208 Q8, there is a heap-based buffer over-read in the function EncodeImage of coders/pict.c.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-03-16T09:06:10", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://sourceforge.net/p/graphicsmagick/bugs/617/", }, { tags: [ "x_refsource_MISC", ], url: "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/28f8bacd4bbf", }, { name: "openSUSE-SU-2020:0055", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00026.html", }, { name: "openSUSE-SU-2020:0145", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00064.html", }, { name: "[debian-lts-announce] 20200129 [SECURITY] [DLA 2084-1] graphicsmagick security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00029.html", }, { name: "DSA-4640", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4640", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-19953", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In GraphicsMagick 1.4 snapshot-20191208 Q8, there is a heap-based buffer over-read in the function EncodeImage of coders/pict.c.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://sourceforge.net/p/graphicsmagick/bugs/617/", refsource: "MISC", url: "https://sourceforge.net/p/graphicsmagick/bugs/617/", }, { name: "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/28f8bacd4bbf", refsource: "MISC", url: "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/28f8bacd4bbf", }, { name: "openSUSE-SU-2020:0055", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00026.html", }, { name: "openSUSE-SU-2020:0145", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00064.html", }, { name: "[debian-lts-announce] 20200129 [SECURITY] [DLA 2084-1] graphicsmagick security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00029.html", }, { name: "DSA-4640", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4640", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-19953", datePublished: "2019-12-24T00:06:51", dateReserved: "2019-12-24T00:00:00", dateUpdated: "2024-08-05T02:32:10.039Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-45082
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://github.com/cobbler/cobbler/releases | x_refsource_MISC | |
https://bugzilla.suse.com/show_bug.cgi?id=1193678 | x_refsource_MISC | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z5CSXQE7Q4TVDQJKFYBO4XDH3BZ7BLAR/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEJN7CPW6YCHBFQPFZKGA6AVA6T5NPIW/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZCXMOUW4DH4DYWIJN44SMSU6R3CZDZBE/ | vendor-advisory, x_refsource_FEDORA |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:32:13.626Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/cobbler/cobbler/releases", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1193678", }, { name: "FEDORA-2022-0c6402a6a3", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z5CSXQE7Q4TVDQJKFYBO4XDH3BZ7BLAR/", }, { name: "FEDORA-2022-0649006be6", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEJN7CPW6YCHBFQPFZKGA6AVA6T5NPIW/", }, { name: "FEDORA-2022-f1510aa454", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZCXMOUW4DH4DYWIJN44SMSU6R3CZDZBE/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in Cobbler before 3.3.1. In the templar.py file, the function check_for_invalid_imports can allow Cheetah code to import Python modules via the \"#from MODULE import\" substring. (Only lines beginning with #import are blocked.)", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-03-26T17:06:38", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/cobbler/cobbler/releases", }, { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1193678", }, { name: "FEDORA-2022-0c6402a6a3", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z5CSXQE7Q4TVDQJKFYBO4XDH3BZ7BLAR/", }, { name: "FEDORA-2022-0649006be6", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEJN7CPW6YCHBFQPFZKGA6AVA6T5NPIW/", }, { name: "FEDORA-2022-f1510aa454", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZCXMOUW4DH4DYWIJN44SMSU6R3CZDZBE/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-45082", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in Cobbler before 3.3.1. In the templar.py file, the function check_for_invalid_imports can allow Cheetah code to import Python modules via the \"#from MODULE import\" substring. (Only lines beginning with #import are blocked.)", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/cobbler/cobbler/releases", refsource: "MISC", url: "https://github.com/cobbler/cobbler/releases", }, { name: "https://bugzilla.suse.com/show_bug.cgi?id=1193678", refsource: "MISC", url: "https://bugzilla.suse.com/show_bug.cgi?id=1193678", }, { name: "FEDORA-2022-0c6402a6a3", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z5CSXQE7Q4TVDQJKFYBO4XDH3BZ7BLAR/", }, { name: "FEDORA-2022-0649006be6", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TEJN7CPW6YCHBFQPFZKGA6AVA6T5NPIW/", }, { name: "FEDORA-2022-f1510aa454", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZCXMOUW4DH4DYWIJN44SMSU6R3CZDZBE/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-45082", datePublished: "2022-02-18T23:23:30", dateReserved: "2021-12-16T00:00:00", dateUpdated: "2024-08-04T04:32:13.626Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5163
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00023.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00061.html | vendor-advisory, x_refsource_SUSE | |
https://talosintelligence.com/vulnerability_reports/TALOS-2019-0956 | x_refsource_MISC |
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Shadowsocks |
Version: Shadowsocks-libev 3.3.2 |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T19:47:56.616Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "openSUSE-SU-2019:2667", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00023.html", }, { name: "openSUSE-SU-2020:0142", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00061.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0956", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Shadowsocks", vendor: "n/a", versions: [ { status: "affected", version: "Shadowsocks-libev 3.3.2", }, ], }, ], descriptions: [ { lang: "en", value: "An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher and a local_address, arbitrary UDP packets can cause a FATAL error code path and exit. An attacker can send arbitrary UDP packets to trigger this vulnerability.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-306", description: "CWE-306: Missing Authentication for Critical Function", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-19T17:35:02", orgId: "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", shortName: "talos", }, references: [ { name: "openSUSE-SU-2019:2667", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00023.html", }, { name: "openSUSE-SU-2020:0142", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00061.html", }, { tags: [ "x_refsource_MISC", ], url: "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0956", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "talos-cna@cisco.com", ID: "CVE-2019-5163", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Shadowsocks", version: { version_data: [ { version_value: "Shadowsocks-libev 3.3.2", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher and a local_address, arbitrary UDP packets can cause a FATAL error code path and exit. An attacker can send arbitrary UDP packets to trigger this vulnerability.", }, ], }, impact: { cvss: { baseScore: 5.9, baseSeverity: "Medium", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-306: Missing Authentication for Critical Function", }, ], }, ], }, references: { reference_data: [ { name: "openSUSE-SU-2019:2667", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00023.html", }, { name: "openSUSE-SU-2020:0142", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00061.html", }, { name: "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0956", refsource: "MISC", url: "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0956", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", assignerShortName: "talos", cveId: "CVE-2019-5163", datePublished: "2019-12-03T21:55:47", dateReserved: "2019-01-04T00:00:00", dateUpdated: "2024-08-04T19:47:56.616Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5828
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://crbug.com/956597 | x_refsource_MISC | |
https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2019/dsa-4500 | vendor-advisory, x_refsource_DEBIAN | |
https://seclists.org/bugtraq/2019/Aug/19 | mailing-list, x_refsource_BUGTRAQ | |
https://security.gentoo.org/glsa/201908-18 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:23.235Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/956597", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "75.0.3770.80", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Object lifecycle issue in ServiceWorker in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Use after free", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-15T17:06:11", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/956597", }, { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5828", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "75.0.3770.80", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Object lifecycle issue in ServiceWorker in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Use after free", }, ], }, ], }, references: { reference_data: [ { name: "https://crbug.com/956597", refsource: "MISC", url: "https://crbug.com/956597", }, { name: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201908-18", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5828", datePublished: "2019-06-27T16:13:44", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:23.235Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-46141
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://github.com/uriparser/uriparser/issues/121 | x_refsource_MISC | |
https://github.com/uriparser/uriparser/pull/124 | x_refsource_MISC | |
https://blog.hartwork.org/posts/uriparser-096-with-security-fixes-released/ | x_refsource_CONFIRM | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MO6T7WA27H7K3WI2AXUAGPWBGK4HM65D/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YGIJTDNEMU2V4H3JJBQVKBRHU5GBQKG2/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.debian.org/debian-lts-announce/2022/01/msg00029.html | mailing-list, x_refsource_MLIST | |
https://www.debian.org/security/2022/dsa-5063 | vendor-advisory, x_refsource_DEBIAN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T05:02:10.366Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/uriparser/uriparser/issues/121", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/uriparser/uriparser/pull/124", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://blog.hartwork.org/posts/uriparser-096-with-security-fixes-released/", }, { name: "FEDORA-2022-00a529a8bf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MO6T7WA27H7K3WI2AXUAGPWBGK4HM65D/", }, { name: "FEDORA-2022-cfd0048127", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YGIJTDNEMU2V4H3JJBQVKBRHU5GBQKG2/", }, { name: "[debian-lts-announce] 20220126 [SECURITY] [DLA 2883-2] uriparser security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00029.html", }, { name: "DSA-5063", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2022/dsa-5063", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-27T02:06:13", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/uriparser/uriparser/issues/121", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/uriparser/uriparser/pull/124", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://blog.hartwork.org/posts/uriparser-096-with-security-fixes-released/", }, { name: "FEDORA-2022-00a529a8bf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MO6T7WA27H7K3WI2AXUAGPWBGK4HM65D/", }, { name: "FEDORA-2022-cfd0048127", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YGIJTDNEMU2V4H3JJBQVKBRHU5GBQKG2/", }, { name: "[debian-lts-announce] 20220126 [SECURITY] [DLA 2883-2] uriparser security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00029.html", }, { name: "DSA-5063", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2022/dsa-5063", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-46141", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/uriparser/uriparser/issues/121", refsource: "MISC", url: "https://github.com/uriparser/uriparser/issues/121", }, { name: "https://github.com/uriparser/uriparser/pull/124", refsource: "MISC", url: "https://github.com/uriparser/uriparser/pull/124", }, { name: "https://blog.hartwork.org/posts/uriparser-096-with-security-fixes-released/", refsource: "CONFIRM", url: "https://blog.hartwork.org/posts/uriparser-096-with-security-fixes-released/", }, { name: "FEDORA-2022-00a529a8bf", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MO6T7WA27H7K3WI2AXUAGPWBGK4HM65D/", }, { name: "FEDORA-2022-cfd0048127", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YGIJTDNEMU2V4H3JJBQVKBRHU5GBQKG2/", }, { name: "[debian-lts-announce] 20220126 [SECURITY] [DLA 2883-2] uriparser security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00029.html", }, { name: "DSA-5063", refsource: "DEBIAN", url: "https://www.debian.org/security/2022/dsa-5063", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-46141", datePublished: "2022-01-06T03:48:45", dateReserved: "2022-01-06T00:00:00", dateUpdated: "2024-08-04T05:02:10.366Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-13711
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_22.html | x_refsource_MISC | |
https://crbug.com/986063 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T00:05:43.919Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_22.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/986063", }, { name: "openSUSE-SU-2020:0010", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "78.0.3904.70", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Insufficient policy enforcement", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-01-13T12:06:19", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_22.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/986063", }, { name: "openSUSE-SU-2020:0010", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-13711", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "78.0.3904.70", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Insufficient policy enforcement", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_22.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_22.html", }, { name: "https://crbug.com/986063", refsource: "MISC", url: "https://crbug.com/986063", }, { name: "openSUSE-SU-2020:0010", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-13711", datePublished: "2019-11-25T14:22:55", dateReserved: "2019-07-18T00:00:00", dateUpdated: "2024-08-05T00:05:43.919Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-6440
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html | x_refsource_MISC | |
https://crbug.com/894477 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2020/dsa-4714 | vendor-advisory, x_refsource_DEBIAN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:02:40.463Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/894477", }, { name: "openSUSE-SU-2020:0519", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "81.0.4044.92", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Inappropriate implementation in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension.", }, ], problemTypes: [ { descriptions: [ { description: "Inappropriate implementation", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-02T11:06:53", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/894477", }, { name: "openSUSE-SU-2020:0519", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "chrome-cve-admin@google.com", ID: "CVE-2020-6440", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "81.0.4044.92", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Inappropriate implementation in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Inappropriate implementation", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { name: "https://crbug.com/894477", refsource: "MISC", url: "https://crbug.com/894477", }, { name: "openSUSE-SU-2020:0519", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4714", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2020-6440", datePublished: "2020-04-13T17:30:56", dateReserved: "2020-01-08T00:00:00", dateUpdated: "2024-08-04T09:02:40.463Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5798
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:22.434Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/883596", }, { name: "DSA-4451", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4451", }, { name: "20190527 [SECURITY] [DSA 4451-1] thunderbird security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/May/67", }, { name: "[debian-lts-announce] 20190527 [SECURITY] [DLA 1806-1] thunderbird security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00038.html", }, { name: "USN-3997-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3997-1/", }, { name: "openSUSE-SU-2019:1484", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html", }, { name: "RHSA-2019:1310", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:1310", }, { name: "RHSA-2019:1308", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:1308", }, { name: "RHSA-2019:1309", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:1309", }, { name: "openSUSE-SU-2019:1534", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html", }, { name: "openSUSE-SU-2019:1664", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { status: "affected", version: "prior to 73.0.3683.75", }, ], }, ], descriptions: [ { lang: "en", value: "Lack of correct bounds checking in Skia in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Out of bounds read", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-06-28T17:06:06", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/883596", }, { name: "DSA-4451", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4451", }, { name: "20190527 [SECURITY] [DSA 4451-1] thunderbird security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/May/67", }, { name: "[debian-lts-announce] 20190527 [SECURITY] [DLA 1806-1] thunderbird security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00038.html", }, { name: "USN-3997-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3997-1/", }, { name: "openSUSE-SU-2019:1484", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html", }, { name: "RHSA-2019:1310", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:1310", }, { name: "RHSA-2019:1308", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:1308", }, { name: "RHSA-2019:1309", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:1309", }, { name: "openSUSE-SU-2019:1534", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html", }, { name: "openSUSE-SU-2019:1664", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5798", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_value: "prior to 73.0.3683.75", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Lack of correct bounds checking in Skia in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Out of bounds read", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { name: "https://crbug.com/883596", refsource: "MISC", url: "https://crbug.com/883596", }, { name: "DSA-4451", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4451", }, { name: "20190527 [SECURITY] [DSA 4451-1] thunderbird security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/May/67", }, { name: "[debian-lts-announce] 20190527 [SECURITY] [DLA 1806-1] thunderbird security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00038.html", }, { name: "USN-3997-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3997-1/", }, { name: "openSUSE-SU-2019:1484", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html", }, { name: "RHSA-2019:1310", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:1310", }, { name: "RHSA-2019:1308", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:1308", }, { name: "RHSA-2019:1309", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:1309", }, { name: "openSUSE-SU-2019:1534", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html", }, { name: "openSUSE-SU-2019:1664", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5798", datePublished: "2019-05-23T19:17:29", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:22.434Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-13705
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_22.html | x_refsource_MISC | |
https://crbug.com/989078 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T00:05:42.212Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_22.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/989078", }, { name: "openSUSE-SU-2020:0010", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "78.0.3904.70", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in extensions in Google Chrome prior to 78.0.3904.70 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension.", }, ], problemTypes: [ { descriptions: [ { description: "Insufficient policy enforcement", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-01-13T12:06:22", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_22.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/989078", }, { name: "openSUSE-SU-2020:0010", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-13705", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "78.0.3904.70", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient policy enforcement in extensions in Google Chrome prior to 78.0.3904.70 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Insufficient policy enforcement", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_22.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_22.html", }, { name: "https://crbug.com/989078", refsource: "MISC", url: "https://crbug.com/989078", }, { name: "openSUSE-SU-2020:0010", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-13705", datePublished: "2019-11-25T14:22:55", dateReserved: "2019-07-18T00:00:00", dateUpdated: "2024-08-05T00:05:42.212Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-6425
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_18.html | x_refsource_MISC | |
https://crbug.com/1031670 | x_refsource_MISC | |
https://www.debian.org/security/2020/dsa-4645 | vendor-advisory, x_refsource_DEBIAN | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWANFIR3PYAL5RJQ4AO3ZS2DYMSF2ZGZ/ | vendor-advisory, x_refsource_FEDORA | |
https://security.gentoo.org/glsa/202003-53 | vendor-advisory, x_refsource_GENTOO | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DDNOAGIX5D77TTHT6YPMVJ5WTXTCQEI/ | vendor-advisory, x_refsource_FEDORA | |
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00037.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IOHSO6BUKC6I66J5PZOMAGFVJ66ZS57/ | vendor-advisory, x_refsource_FEDORA |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:02:40.618Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_18.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/1031670", }, { name: "DSA-4645", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4645", }, { name: "FEDORA-2020-7fd051b378", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWANFIR3PYAL5RJQ4AO3ZS2DYMSF2ZGZ/", }, { name: "GLSA-202003-53", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202003-53", }, { name: "FEDORA-2020-17149a4f3d", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DDNOAGIX5D77TTHT6YPMVJ5WTXTCQEI/", }, { name: "openSUSE-SU-2020:0389", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00037.html", }, { name: "FEDORA-2020-39e0b8bd14", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IOHSO6BUKC6I66J5PZOMAGFVJ66ZS57/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "80.0.3987.149", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in extensions in Google Chrome prior to 80.0.3987.149 allowed an attacker who convinced a user to install a malicious extension to bypass site isolation via a crafted Chrome Extension.", }, ], problemTypes: [ { descriptions: [ { description: "Insufficient policy enforcement", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-03-27T12:06:37", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_18.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/1031670", }, { name: "DSA-4645", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4645", }, { name: "FEDORA-2020-7fd051b378", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWANFIR3PYAL5RJQ4AO3ZS2DYMSF2ZGZ/", }, { name: "GLSA-202003-53", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202003-53", }, { name: "FEDORA-2020-17149a4f3d", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DDNOAGIX5D77TTHT6YPMVJ5WTXTCQEI/", }, { name: "openSUSE-SU-2020:0389", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00037.html", }, { name: "FEDORA-2020-39e0b8bd14", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IOHSO6BUKC6I66J5PZOMAGFVJ66ZS57/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "chrome-cve-admin@google.com", ID: "CVE-2020-6425", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "80.0.3987.149", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient policy enforcement in extensions in Google Chrome prior to 80.0.3987.149 allowed an attacker who convinced a user to install a malicious extension to bypass site isolation via a crafted Chrome Extension.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Insufficient policy enforcement", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_18.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_18.html", }, { name: "https://crbug.com/1031670", refsource: "MISC", url: "https://crbug.com/1031670", }, { name: "DSA-4645", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4645", }, { name: "FEDORA-2020-7fd051b378", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JWANFIR3PYAL5RJQ4AO3ZS2DYMSF2ZGZ/", }, { name: "GLSA-202003-53", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202003-53", }, { name: "FEDORA-2020-17149a4f3d", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2DDNOAGIX5D77TTHT6YPMVJ5WTXTCQEI/", }, { name: "openSUSE-SU-2020:0389", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00037.html", }, { name: "FEDORA-2020-39e0b8bd14", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6IOHSO6BUKC6I66J5PZOMAGFVJ66ZS57/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2020-6425", datePublished: "2020-03-23T12:35:36", dateReserved: "2020-01-08T00:00:00", dateUpdated: "2024-08-04T09:02:40.618Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-10592
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://trac.torproject.org/projects/tor/ticket/33120 | x_refsource_MISC | |
https://security.gentoo.org/glsa/202003-50 | vendor-advisory, x_refsource_GENTOO | |
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00045.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00052.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T11:06:10.160Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://trac.torproject.org/projects/tor/ticket/33120", }, { name: "GLSA-202003-50", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202003-50", }, { name: "openSUSE-SU-2020:0406", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00045.html", }, { name: "openSUSE-SU-2020:0428", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00052.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Tor before 0.3.5.10, 0.4.x before 0.4.1.9, and 0.4.2.x before 0.4.2.7 allows remote attackers to cause a Denial of Service (CPU consumption), aka TROVE-2020-002.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-03-31T17:05:59", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://trac.torproject.org/projects/tor/ticket/33120", }, { name: "GLSA-202003-50", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202003-50", }, { name: "openSUSE-SU-2020:0406", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00045.html", }, { name: "openSUSE-SU-2020:0428", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00052.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-10592", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Tor before 0.3.5.10, 0.4.x before 0.4.1.9, and 0.4.2.x before 0.4.2.7 allows remote attackers to cause a Denial of Service (CPU consumption), aka TROVE-2020-002.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://trac.torproject.org/projects/tor/ticket/33120", refsource: "MISC", url: "https://trac.torproject.org/projects/tor/ticket/33120", }, { name: "GLSA-202003-50", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202003-50", }, { name: "openSUSE-SU-2020:0406", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00045.html", }, { name: "openSUSE-SU-2020:0428", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00052.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-10592", datePublished: "2020-03-23T12:16:48", dateReserved: "2020-03-15T00:00:00", dateUpdated: "2024-08-04T11:06:10.160Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5822
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html | x_refsource_MISC | |
https://crbug.com/926105 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2019/dsa-4500 | vendor-advisory, x_refsource_DEBIAN | |
https://seclists.org/bugtraq/2019/Aug/19 | mailing-list, x_refsource_BUGTRAQ | |
https://security.gentoo.org/glsa/201908-18 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:23.664Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/926105", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "74.0.3729.108", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Inappropriate implementation in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Inappropriate implementation", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-15T17:06:13", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/926105", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5822", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "74.0.3729.108", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Inappropriate implementation in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Inappropriate implementation", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { name: "https://crbug.com/926105", refsource: "MISC", url: "https://crbug.com/926105", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201908-18", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5822", datePublished: "2019-06-27T16:13:44", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:23.664Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-6446
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html | x_refsource_MISC | |
https://crbug.com/933172 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2020/dsa-4714 | vendor-advisory, x_refsource_DEBIAN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:02:40.545Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/933172", }, { name: "openSUSE-SU-2020:0519", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "81.0.4044.92", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass content security policy via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Insufficient policy enforcement", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-02T11:06:25", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/933172", }, { name: "openSUSE-SU-2020:0519", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "chrome-cve-admin@google.com", ID: "CVE-2020-6446", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "81.0.4044.92", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass content security policy via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Insufficient policy enforcement", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { name: "https://crbug.com/933172", refsource: "MISC", url: "https://crbug.com/933172", }, { name: "openSUSE-SU-2020:0519", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4714", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2020-6446", datePublished: "2020-04-13T17:30:59", dateReserved: "2020-01-08T00:00:00", dateUpdated: "2024-08-04T09:02:40.545Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-11328
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://github.com/sylabs/singularity/releases/tag/v3.2.0 | x_refsource_CONFIRM | |
http://www.openwall.com/lists/oss-security/2019/05/16/1 | mailing-list, x_refsource_MLIST | |
http://www.securityfocus.com/bid/108360 | vdb-entry, x_refsource_BID | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNU5BUHFOTYUZVHFUSX2VG4S3RCPUEMA/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5O3TPL5OOTIZEI4H6IQBCCISBARJ6WL3/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LIHV7DSEVTB5SUPEZ2UXGS3Q6WMEQSO2/ | vendor-advisory, x_refsource_FEDORA | |
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00028.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00059.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T22:48:09.093Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/sylabs/singularity/releases/tag/v3.2.0", }, { name: "[oss-security] 20190516 Singularity 3.1.0: CVE-2019-11328: namespace privilege escalation and arbitrary file corruption", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2019/05/16/1", }, { name: "108360", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/108360", }, { name: "FEDORA-2019-da2ed3b0b5", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNU5BUHFOTYUZVHFUSX2VG4S3RCPUEMA/", }, { name: "FEDORA-2019-9f48c6fedc", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5O3TPL5OOTIZEI4H6IQBCCISBARJ6WL3/", }, { name: "FEDORA-2019-25ecc42592", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LIHV7DSEVTB5SUPEZ2UXGS3Q6WMEQSO2/", }, { name: "openSUSE-SU-2019:2288", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00028.html", }, { name: "openSUSE-SU-2020:1037", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00059.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2019-05-14T00:00:00", descriptions: [ { lang: "en", value: "An issue was discovered in Singularity 3.1.0 to 3.2.0-rc2, a malicious user with local/network access to the host system (e.g. ssh) could exploit this vulnerability due to insecure permissions allowing a user to edit files within `/run/singularity/instances/sing/<user>/<instance>`. The manipulation of those files can change the behavior of the starter-suid program when instances are joined resulting in potential privilege escalation on the host.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-23T11:06:17", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/sylabs/singularity/releases/tag/v3.2.0", }, { name: "[oss-security] 20190516 Singularity 3.1.0: CVE-2019-11328: namespace privilege escalation and arbitrary file corruption", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2019/05/16/1", }, { name: "108360", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/108360", }, { name: "FEDORA-2019-da2ed3b0b5", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNU5BUHFOTYUZVHFUSX2VG4S3RCPUEMA/", }, { name: "FEDORA-2019-9f48c6fedc", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5O3TPL5OOTIZEI4H6IQBCCISBARJ6WL3/", }, { name: "FEDORA-2019-25ecc42592", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LIHV7DSEVTB5SUPEZ2UXGS3Q6WMEQSO2/", }, { name: "openSUSE-SU-2019:2288", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00028.html", }, { name: "openSUSE-SU-2020:1037", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00059.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-11328", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in Singularity 3.1.0 to 3.2.0-rc2, a malicious user with local/network access to the host system (e.g. ssh) could exploit this vulnerability due to insecure permissions allowing a user to edit files within `/run/singularity/instances/sing/<user>/<instance>`. The manipulation of those files can change the behavior of the starter-suid program when instances are joined resulting in potential privilege escalation on the host.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/sylabs/singularity/releases/tag/v3.2.0", refsource: "CONFIRM", url: "https://github.com/sylabs/singularity/releases/tag/v3.2.0", }, { name: "[oss-security] 20190516 Singularity 3.1.0: CVE-2019-11328: namespace privilege escalation and arbitrary file corruption", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2019/05/16/1", }, { name: "108360", refsource: "BID", url: "http://www.securityfocus.com/bid/108360", }, { name: "FEDORA-2019-da2ed3b0b5", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNU5BUHFOTYUZVHFUSX2VG4S3RCPUEMA/", }, { name: "FEDORA-2019-9f48c6fedc", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5O3TPL5OOTIZEI4H6IQBCCISBARJ6WL3/", }, { name: "FEDORA-2019-25ecc42592", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LIHV7DSEVTB5SUPEZ2UXGS3Q6WMEQSO2/", }, { name: "openSUSE-SU-2019:2288", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00028.html", }, { name: "openSUSE-SU-2020:1037", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00059.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-11328", datePublished: "2019-05-14T20:24:29", dateReserved: "2019-04-18T00:00:00", dateUpdated: "2024-08-04T22:48:09.093Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5788
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html | x_refsource_MISC | |
https://crbug.com/925864 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:01:52.261Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/925864", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { status: "affected", version: "prior to 73.0.3683.75", }, ], }, ], descriptions: [ { lang: "en", value: "An integer overflow that leads to a use-after-free in Blink Storage in Google Chrome on Linux prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Integer overflow", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-06-28T17:06:06", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/925864", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5788", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_value: "prior to 73.0.3683.75", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An integer overflow that leads to a use-after-free in Blink Storage in Google Chrome on Linux prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Integer overflow", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { name: "https://crbug.com/925864", refsource: "MISC", url: "https://crbug.com/925864", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5788", datePublished: "2019-05-23T19:11:39", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:01:52.261Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-16709
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://github.com/ImageMagick/ImageMagick/issues/1531 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00045.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00046.html | vendor-advisory, x_refsource_SUSE | |
https://usn.ubuntu.com/4192-1/ | vendor-advisory, x_refsource_UBUNTU | |
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T01:17:41.179Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/ImageMagick/ImageMagick/issues/1531", }, { name: "openSUSE-SU-2019:2317", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00045.html", }, { name: "openSUSE-SU-2019:2321", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00046.html", }, { name: "USN-4192-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4192-1/", }, { name: "openSUSE-SU-2019:2515", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", }, { name: "openSUSE-SU-2019:2519", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-11-17T18:07:05", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/ImageMagick/ImageMagick/issues/1531", }, { name: "openSUSE-SU-2019:2317", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00045.html", }, { name: "openSUSE-SU-2019:2321", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00046.html", }, { name: "USN-4192-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4192-1/", }, { name: "openSUSE-SU-2019:2515", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", }, { name: "openSUSE-SU-2019:2519", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-16709", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/ImageMagick/ImageMagick/issues/1531", refsource: "MISC", url: "https://github.com/ImageMagick/ImageMagick/issues/1531", }, { name: "openSUSE-SU-2019:2317", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00045.html", }, { name: "openSUSE-SU-2019:2321", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00046.html", }, { name: "USN-4192-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4192-1/", }, { name: "openSUSE-SU-2019:2515", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", }, { name: "openSUSE-SU-2019:2519", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-16709", datePublished: "2019-09-23T11:46:10", dateReserved: "2019-09-23T00:00:00", dateUpdated: "2024-08-05T01:17:41.179Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5808
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html | x_refsource_MISC | |
https://crbug.com/947029 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2019/dsa-4500 | vendor-advisory, x_refsource_DEBIAN | |
https://seclists.org/bugtraq/2019/Aug/19 | mailing-list, x_refsource_BUGTRAQ | |
https://security.gentoo.org/glsa/201908-18 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:22.978Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/947029", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "74.0.3729.108", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Use after free in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Use after free", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-15T17:06:12", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/947029", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5808", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "74.0.3729.108", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Use after free in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Use after free", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { name: "https://crbug.com/947029", refsource: "MISC", url: "https://crbug.com/947029", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201908-18", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5808", datePublished: "2019-06-27T16:13:43", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:22.978Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-15624
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://hackerone.com/reports/508493 | x_refsource_MISC | |
https://nextcloud.com/security/advisory/?id=NC-SA-2019-015 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00019.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00022.html | vendor-advisory, x_refsource_SUSE |
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Nextcloud Server |
Version: 15.0.7 |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T00:56:20.901Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://hackerone.com/reports/508493", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://nextcloud.com/security/advisory/?id=NC-SA-2019-015", }, { name: "openSUSE-SU-2020:0220", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00019.html", }, { name: "openSUSE-SU-2020:0229", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00022.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Nextcloud Server", vendor: "n/a", versions: [ { status: "affected", version: "15.0.7", }, ], }, ], descriptions: [ { lang: "en", value: "Improper Input Validation in Nextcloud Server 15.0.7 allows group admins to create users with IDs of system folders.", }, ], problemTypes: [ { descriptions: [ { description: "Privilege Escalation (CAPEC-233)", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-02-17T18:06:04", orgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", shortName: "hackerone", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://hackerone.com/reports/508493", }, { tags: [ "x_refsource_MISC", ], url: "https://nextcloud.com/security/advisory/?id=NC-SA-2019-015", }, { name: "openSUSE-SU-2020:0220", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00019.html", }, { name: "openSUSE-SU-2020:0229", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00022.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "support@hackerone.com", ID: "CVE-2019-15624", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Nextcloud Server", version: { version_data: [ { version_value: "15.0.7", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Improper Input Validation in Nextcloud Server 15.0.7 allows group admins to create users with IDs of system folders.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Privilege Escalation (CAPEC-233)", }, ], }, ], }, references: { reference_data: [ { name: "https://hackerone.com/reports/508493", refsource: "MISC", url: "https://hackerone.com/reports/508493", }, { name: "https://nextcloud.com/security/advisory/?id=NC-SA-2019-015", refsource: "MISC", url: "https://nextcloud.com/security/advisory/?id=NC-SA-2019-015", }, { name: "openSUSE-SU-2020:0220", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00019.html", }, { name: "openSUSE-SU-2020:0229", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00022.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", assignerShortName: "hackerone", cveId: "CVE-2019-15624", datePublished: "2020-02-04T19:08:57", dateReserved: "2019-08-26T00:00:00", dateUpdated: "2024-08-05T00:56:20.901Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5795
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html | x_refsource_MISC | |
https://crbug.com/919643 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:22.451Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/919643", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { status: "affected", version: "prior to 73.0.3683.75", }, ], }, ], descriptions: [ { lang: "en", value: "Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file.", }, ], problemTypes: [ { descriptions: [ { description: "Integer overflow", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-06-28T17:06:04", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/919643", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5795", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_value: "prior to 73.0.3683.75", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Integer overflow", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { name: "https://crbug.com/919643", refsource: "MISC", url: "https://crbug.com/919643", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5795", datePublished: "2019-05-23T19:15:18", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:22.451Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-6437
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html | x_refsource_MISC | |
https://crbug.com/639173 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2020/dsa-4714 | vendor-advisory, x_refsource_DEBIAN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:02:40.479Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/639173", }, { name: "openSUSE-SU-2020:0519", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "81.0.4044.92", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Inappropriate implementation in WebView in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to spoof security UI via a crafted application.", }, ], problemTypes: [ { descriptions: [ { description: "Inappropriate implementation", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-02T11:06:27", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/639173", }, { name: "openSUSE-SU-2020:0519", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "chrome-cve-admin@google.com", ID: "CVE-2020-6437", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "81.0.4044.92", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Inappropriate implementation in WebView in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to spoof security UI via a crafted application.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Inappropriate implementation", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { name: "https://crbug.com/639173", refsource: "MISC", url: "https://crbug.com/639173", }, { name: "openSUSE-SU-2020:0519", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4714", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2020-6437", datePublished: "2020-04-13T17:30:55", dateReserved: "2020-01-08T00:00:00", dateUpdated: "2024-08-04T09:02:40.479Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-6442
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html | x_refsource_MISC | |
https://crbug.com/1013906 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2020/dsa-4714 | vendor-advisory, x_refsource_DEBIAN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:02:40.455Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/1013906", }, { name: "openSUSE-SU-2020:0519", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "81.0.4044.92", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Inappropriate implementation in cache in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Inappropriate implementation", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-02T11:06:12", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/1013906", }, { name: "openSUSE-SU-2020:0519", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "chrome-cve-admin@google.com", ID: "CVE-2020-6442", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "81.0.4044.92", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Inappropriate implementation in cache in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Inappropriate implementation", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { name: "https://crbug.com/1013906", refsource: "MISC", url: "https://crbug.com/1013906", }, { name: "openSUSE-SU-2020:0519", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4714", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2020-6442", datePublished: "2020-04-13T17:30:57", dateReserved: "2020-01-08T00:00:00", dateUpdated: "2024-08-04T09:02:40.455Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5837
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html | x_refsource_MISC | |
https://crbug.com/918293 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2019/dsa-4500 | vendor-advisory, x_refsource_DEBIAN | |
https://seclists.org/bugtraq/2019/Aug/19 | mailing-list, x_refsource_BUGTRAQ | |
https://security.gentoo.org/glsa/201908-18 | vendor-advisory, x_refsource_GENTOO | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EI3DGFVT7CKJO6YVMP55R35HCDVEIC4Z/ | vendor-advisory, x_refsource_FEDORA |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:23.212Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/918293", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201908-18", }, { name: "FEDORA-2019-e5ff5d0ffd", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EI3DGFVT7CKJO6YVMP55R35HCDVEIC4Z/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "75.0.3770.80", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Resource size information leakage in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Side-channel information leakage", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-10-14T18:06:13", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/918293", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201908-18", }, { name: "FEDORA-2019-e5ff5d0ffd", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EI3DGFVT7CKJO6YVMP55R35HCDVEIC4Z/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5837", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "75.0.3770.80", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Resource size information leakage in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Side-channel information leakage", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { name: "https://crbug.com/918293", refsource: "MISC", url: "https://crbug.com/918293", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201908-18", }, { name: "FEDORA-2019-e5ff5d0ffd", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EI3DGFVT7CKJO6YVMP55R35HCDVEIC4Z/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5837", datePublished: "2019-06-27T16:13:44", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:23.212Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5806
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html | x_refsource_MISC | |
https://crbug.com/943087 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2019/dsa-4500 | vendor-advisory, x_refsource_DEBIAN | |
https://seclists.org/bugtraq/2019/Aug/19 | mailing-list, x_refsource_BUGTRAQ | |
https://security.gentoo.org/glsa/201908-18 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:22.991Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/943087", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "74.0.3729.108", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Integer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Integer overflow", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-15T17:06:11", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/943087", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5806", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "74.0.3729.108", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Integer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Integer overflow", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { name: "https://crbug.com/943087", refsource: "MISC", url: "https://crbug.com/943087", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201908-18", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5806", datePublished: "2019-06-27T16:13:43", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:22.991Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-6610
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://github.com/LibreDWG/libredwg/issues/179#issuecomment-570447120 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00046.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00052.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:11:04.662Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/LibreDWG/libredwg/issues/179#issuecomment-570447120", }, { name: "openSUSE-SU-2020:0096", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00046.html", }, { name: "openSUSE-SU-2020:0115", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00052.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation in read_sections_map in decode_r2007.c.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-01-28T15:06:09", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/LibreDWG/libredwg/issues/179#issuecomment-570447120", }, { name: "openSUSE-SU-2020:0096", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00046.html", }, { name: "openSUSE-SU-2020:0115", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00052.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-6610", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation in read_sections_map in decode_r2007.c.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/LibreDWG/libredwg/issues/179#issuecomment-570447120", refsource: "MISC", url: "https://github.com/LibreDWG/libredwg/issues/179#issuecomment-570447120", }, { name: "openSUSE-SU-2020:0096", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00046.html", }, { name: "openSUSE-SU-2020:0115", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00052.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-6610", datePublished: "2020-01-08T20:43:51", dateReserved: "2020-01-08T00:00:00", dateUpdated: "2024-08-04T09:11:04.662Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-5202
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://security-tracker.debian.org/tracker/CVE-2020-5202 | x_refsource_MISC | |
http://www.openwall.com/lists/oss-security/2020/01/20/4 | mailing-list, x_refsource_MLIST | |
http://www.openwall.com/lists/oss-security/2020/01/20/4 | x_refsource_MISC | |
https://seclists.org/oss-sec/2020/q1/21 | mailing-list, x_refsource_MLIST | |
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00057.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00065.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T08:22:08.913Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://security-tracker.debian.org/tracker/CVE-2020-5202", }, { name: "[oss-security] 20200120 CVE-2020-5202: apt-cacher-ng: a local unprivileged user can impersonate the apt-cacher-ng daemon, possible credentials leak", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2020/01/20/4", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2020/01/20/4", }, { name: "[oss-security] 20200120 CVE-2020-5202: apt-cacher-ng: a local unprivileged user can impersonate the apt-cacher-ng daemon, possible credentials leak", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://seclists.org/oss-sec/2020/q1/21", }, { name: "openSUSE-SU-2020:0124", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00057.html", }, { name: "openSUSE-SU-2020:0146", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00065.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "apt-cacher-ng through 3.3 allows local users to obtain sensitive information by hijacking the hardcoded TCP port. The /usr/lib/apt-cacher-ng/acngtool program attempts to connect to apt-cacher-ng via TCP on localhost port 3142, even if the explicit SocketPath=/var/run/apt-cacher-ng/socket command-line option is passed. The cron job /etc/cron.daily/apt-cacher-ng (which is active by default) attempts this periodically. Because 3142 is an unprivileged port, any local user can try to bind to this port and will receive requests from acngtool. There can be sensitive data in these requests, e.g., if AdminAuth is enabled in /etc/apt-cacher-ng/security.conf. This sensitive data can leak to unprivileged local users that manage to bind to this port before the apt-cacher-ng daemon can.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-01-29T22:06:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://security-tracker.debian.org/tracker/CVE-2020-5202", }, { name: "[oss-security] 20200120 CVE-2020-5202: apt-cacher-ng: a local unprivileged user can impersonate the apt-cacher-ng daemon, possible credentials leak", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2020/01/20/4", }, { tags: [ "x_refsource_MISC", ], url: "http://www.openwall.com/lists/oss-security/2020/01/20/4", }, { name: "[oss-security] 20200120 CVE-2020-5202: apt-cacher-ng: a local unprivileged user can impersonate the apt-cacher-ng daemon, possible credentials leak", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://seclists.org/oss-sec/2020/q1/21", }, { name: "openSUSE-SU-2020:0124", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00057.html", }, { name: "openSUSE-SU-2020:0146", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00065.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-5202", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "apt-cacher-ng through 3.3 allows local users to obtain sensitive information by hijacking the hardcoded TCP port. The /usr/lib/apt-cacher-ng/acngtool program attempts to connect to apt-cacher-ng via TCP on localhost port 3142, even if the explicit SocketPath=/var/run/apt-cacher-ng/socket command-line option is passed. The cron job /etc/cron.daily/apt-cacher-ng (which is active by default) attempts this periodically. Because 3142 is an unprivileged port, any local user can try to bind to this port and will receive requests from acngtool. There can be sensitive data in these requests, e.g., if AdminAuth is enabled in /etc/apt-cacher-ng/security.conf. This sensitive data can leak to unprivileged local users that manage to bind to this port before the apt-cacher-ng daemon can.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://security-tracker.debian.org/tracker/CVE-2020-5202", refsource: "MISC", url: "https://security-tracker.debian.org/tracker/CVE-2020-5202", }, { name: "[oss-security] 20200120 CVE-2020-5202: apt-cacher-ng: a local unprivileged user can impersonate the apt-cacher-ng daemon, possible credentials leak", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2020/01/20/4", }, { name: "http://www.openwall.com/lists/oss-security/2020/01/20/4", refsource: "MISC", url: "http://www.openwall.com/lists/oss-security/2020/01/20/4", }, { name: "[oss-security] 20200120 CVE-2020-5202: apt-cacher-ng: a local unprivileged user can impersonate the apt-cacher-ng daemon, possible credentials leak", refsource: "MLIST", url: "https://seclists.org/oss-sec/2020/q1/21", }, { name: "openSUSE-SU-2020:0124", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00057.html", }, { name: "openSUSE-SU-2020:0146", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00065.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-5202", datePublished: "2020-01-21T17:54:04", dateReserved: "2020-01-02T00:00:00", dateUpdated: "2024-08-04T08:22:08.913Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5799
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html | x_refsource_MISC | |
https://crbug.com/905301 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:22.977Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/905301", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { status: "affected", version: "prior to 73.0.3683.75", }, ], }, ], descriptions: [ { lang: "en", value: "Incorrect inheritance of a new document's policy in Content Security Policy in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Insufficient policy enforcement", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-06-28T17:06:08", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/905301", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5799", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_value: "prior to 73.0.3683.75", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Incorrect inheritance of a new document's policy in Content Security Policy in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Insufficient policy enforcement", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { name: "https://crbug.com/905301", refsource: "MISC", url: "https://crbug.com/905301", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5799", datePublished: "2019-05-23T19:18:02", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:22.977Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5813
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html | x_refsource_MISC | |
https://crbug.com/942699 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2019/dsa-4500 | vendor-advisory, x_refsource_DEBIAN | |
https://seclists.org/bugtraq/2019/Aug/19 | mailing-list, x_refsource_BUGTRAQ | |
https://security.gentoo.org/glsa/201908-18 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:23.313Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/942699", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "74.0.3729.108", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Use after free in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Use after free", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-15T17:06:12", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/942699", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5813", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "74.0.3729.108", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Use after free in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Use after free", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { name: "https://crbug.com/942699", refsource: "MISC", url: "https://crbug.com/942699", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201908-18", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5813", datePublished: "2019-06-27T16:13:43", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:23.313Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5459
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://hackerone.com/reports/502816 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00005.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00040.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00037.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00081.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T19:54:53.560Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://hackerone.com/reports/502816", }, { name: "openSUSE-SU-2019:1840", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00005.html", }, { name: "openSUSE-SU-2019:1909", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00040.html", }, { name: "openSUSE-SU-2019:1897", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00037.html", }, { name: "openSUSE-SU-2019:2015", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00081.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "VLC", vendor: "n/a", versions: [ { status: "affected", version: "Fixed in 3.0.7", }, ], }, ], descriptions: [ { lang: "en", value: "An Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-191", description: "Integer Underflow (CWE-191)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-26T20:06:12", orgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", shortName: "hackerone", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://hackerone.com/reports/502816", }, { name: "openSUSE-SU-2019:1840", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00005.html", }, { name: "openSUSE-SU-2019:1909", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00040.html", }, { name: "openSUSE-SU-2019:1897", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00037.html", }, { name: "openSUSE-SU-2019:2015", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00081.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "support@hackerone.com", ID: "CVE-2019-5459", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "VLC", version: { version_data: [ { version_value: "Fixed in 3.0.7", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Integer Underflow (CWE-191)", }, ], }, ], }, references: { reference_data: [ { name: "https://hackerone.com/reports/502816", refsource: "MISC", url: "https://hackerone.com/reports/502816", }, { name: "openSUSE-SU-2019:1840", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00005.html", }, { name: "openSUSE-SU-2019:1909", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00040.html", }, { name: "openSUSE-SU-2019:1897", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00037.html", }, { name: "openSUSE-SU-2019:2015", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00081.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", assignerShortName: "hackerone", cveId: "CVE-2019-5459", datePublished: "2019-07-30T20:24:06", dateReserved: "2019-01-04T00:00:00", dateUpdated: "2024-08-04T19:54:53.560Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-6432
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html | x_refsource_MISC | |
https://crbug.com/965611 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2020/dsa-4714 | vendor-advisory, x_refsource_DEBIAN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:02:40.538Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/965611", }, { name: "openSUSE-SU-2020:0519", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "81.0.4044.92", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Insufficient policy enforcement", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-02T11:06:35", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/965611", }, { name: "openSUSE-SU-2020:0519", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "chrome-cve-admin@google.com", ID: "CVE-2020-6432", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "81.0.4044.92", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Insufficient policy enforcement", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { name: "https://crbug.com/965611", refsource: "MISC", url: "https://crbug.com/965611", }, { name: "openSUSE-SU-2020:0519", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "openSUSE-SU-2020:0540", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { name: "FEDORA-2020-b82a634e27", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { name: "FEDORA-2020-0e7f1b663b", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { name: "FEDORA-2020-da49fbb17c", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { name: "DSA-4714", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4714", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2020-6432", datePublished: "2020-04-13T17:30:52", dateReserved: "2020-01-08T00:00:00", dateUpdated: "2024-08-04T09:02:40.538Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-19950
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://sourceforge.net/p/graphicsmagick/bugs/603/ | x_refsource_MISC | |
http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/44ab7f6c20b4 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00026.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00064.html | vendor-advisory, x_refsource_SUSE | |
https://lists.debian.org/debian-lts-announce/2020/01/msg00029.html | mailing-list, x_refsource_MLIST | |
https://www.debian.org/security/2020/dsa-4640 | vendor-advisory, x_refsource_DEBIAN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T02:32:10.403Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://sourceforge.net/p/graphicsmagick/bugs/603/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/44ab7f6c20b4", }, { name: "openSUSE-SU-2020:0055", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00026.html", }, { name: "openSUSE-SU-2020:0145", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00064.html", }, { name: "[debian-lts-announce] 20200129 [SECURITY] [DLA 2084-1] graphicsmagick security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00029.html", }, { name: "DSA-4640", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4640", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of magick/error.c.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-03-16T09:06:16", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://sourceforge.net/p/graphicsmagick/bugs/603/", }, { tags: [ "x_refsource_MISC", ], url: "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/44ab7f6c20b4", }, { name: "openSUSE-SU-2020:0055", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00026.html", }, { name: "openSUSE-SU-2020:0145", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00064.html", }, { name: "[debian-lts-announce] 20200129 [SECURITY] [DLA 2084-1] graphicsmagick security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00029.html", }, { name: "DSA-4640", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4640", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-19950", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of magick/error.c.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://sourceforge.net/p/graphicsmagick/bugs/603/", refsource: "MISC", url: "https://sourceforge.net/p/graphicsmagick/bugs/603/", }, { name: "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/44ab7f6c20b4", refsource: "MISC", url: "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/44ab7f6c20b4", }, { name: "openSUSE-SU-2020:0055", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00026.html", }, { name: "openSUSE-SU-2020:0145", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00064.html", }, { name: "[debian-lts-announce] 20200129 [SECURITY] [DLA 2084-1] graphicsmagick security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00029.html", }, { name: "DSA-4640", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4640", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-19950", datePublished: "2019-12-24T00:07:10", dateReserved: "2019-12-24T00:00:00", dateUpdated: "2024-08-05T02:32:10.403Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-6452
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_31.html | x_refsource_MISC | |
https://crbug.com/1059764 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQTV7EFWQKF6VJBCVH4PUQJLGO7ISLTN/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMXT4OKBMCJSNSX7TZDBJNY6ORKFZRFO/ | vendor-advisory, x_refsource_FEDORA | |
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:02:40.718Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_31.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/1059764", }, { name: "openSUSE-SU-2020:0519", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "FEDORA-2020-b2df49bb01", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQTV7EFWQKF6VJBCVH4PUQJLGO7ISLTN/", }, { name: "FEDORA-2020-161c87cbc7", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMXT4OKBMCJSNSX7TZDBJNY6ORKFZRFO/", }, { name: "openSUSE-SU-2020:0540", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "80.0.3987.162", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Heap buffer overflow in media in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Heap buffer overflow", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-04-19T02:06:12", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_31.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/1059764", }, { name: "openSUSE-SU-2020:0519", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "FEDORA-2020-b2df49bb01", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQTV7EFWQKF6VJBCVH4PUQJLGO7ISLTN/", }, { name: "FEDORA-2020-161c87cbc7", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMXT4OKBMCJSNSX7TZDBJNY6ORKFZRFO/", }, { name: "openSUSE-SU-2020:0540", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "chrome-cve-admin@google.com", ID: "CVE-2020-6452", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "80.0.3987.162", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Heap buffer overflow in media in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Heap buffer overflow", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_31.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_31.html", }, { name: "https://crbug.com/1059764", refsource: "MISC", url: "https://crbug.com/1059764", }, { name: "openSUSE-SU-2020:0519", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { name: "FEDORA-2020-b2df49bb01", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JQTV7EFWQKF6VJBCVH4PUQJLGO7ISLTN/", }, { name: "FEDORA-2020-161c87cbc7", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMXT4OKBMCJSNSX7TZDBJNY6ORKFZRFO/", }, { name: "openSUSE-SU-2020:0540", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2020-6452", datePublished: "2020-04-13T17:31:02", dateReserved: "2020-01-08T00:00:00", dateUpdated: "2024-08-04T09:02:40.718Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5787
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://crbug.com/913964 | x_refsource_MISC | |
https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:01:52.386Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/913964", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { status: "affected", version: "prior to 73.0.3683.75", }, ], }, ], descriptions: [ { lang: "en", value: "Use-after-garbage-collection in Blink in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Use after free", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-06-28T17:06:06", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/913964", }, { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5787", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_value: "prior to 73.0.3683.75", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Use-after-garbage-collection in Blink in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Use after free", }, ], }, ], }, references: { reference_data: [ { name: "https://crbug.com/913964", refsource: "MISC", url: "https://crbug.com/913964", }, { name: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5787", datePublished: "2019-05-23T19:10:37", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:01:52.386Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-46142
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://github.com/uriparser/uriparser/pull/124 | x_refsource_MISC | |
https://github.com/uriparser/uriparser/issues/122 | x_refsource_MISC | |
https://blog.hartwork.org/posts/uriparser-096-with-security-fixes-released/ | x_refsource_CONFIRM | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MO6T7WA27H7K3WI2AXUAGPWBGK4HM65D/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YGIJTDNEMU2V4H3JJBQVKBRHU5GBQKG2/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2022/dsa-5063 | vendor-advisory, x_refsource_DEBIAN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T05:02:10.368Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/uriparser/uriparser/pull/124", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/uriparser/uriparser/issues/122", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://blog.hartwork.org/posts/uriparser-096-with-security-fixes-released/", }, { name: "FEDORA-2022-00a529a8bf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MO6T7WA27H7K3WI2AXUAGPWBGK4HM65D/", }, { name: "FEDORA-2022-cfd0048127", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YGIJTDNEMU2V4H3JJBQVKBRHU5GBQKG2/", }, { name: "DSA-5063", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2022/dsa-5063", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-27T02:06:11", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/uriparser/uriparser/pull/124", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/uriparser/uriparser/issues/122", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://blog.hartwork.org/posts/uriparser-096-with-security-fixes-released/", }, { name: "FEDORA-2022-00a529a8bf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MO6T7WA27H7K3WI2AXUAGPWBGK4HM65D/", }, { name: "FEDORA-2022-cfd0048127", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YGIJTDNEMU2V4H3JJBQVKBRHU5GBQKG2/", }, { name: "DSA-5063", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2022/dsa-5063", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-46142", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/uriparser/uriparser/pull/124", refsource: "MISC", url: "https://github.com/uriparser/uriparser/pull/124", }, { name: "https://github.com/uriparser/uriparser/issues/122", refsource: "MISC", url: "https://github.com/uriparser/uriparser/issues/122", }, { name: "https://blog.hartwork.org/posts/uriparser-096-with-security-fixes-released/", refsource: "CONFIRM", url: "https://blog.hartwork.org/posts/uriparser-096-with-security-fixes-released/", }, { name: "FEDORA-2022-00a529a8bf", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MO6T7WA27H7K3WI2AXUAGPWBGK4HM65D/", }, { name: "FEDORA-2022-cfd0048127", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YGIJTDNEMU2V4H3JJBQVKBRHU5GBQKG2/", }, { name: "DSA-5063", refsource: "DEBIAN", url: "https://www.debian.org/security/2022/dsa-5063", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-46142", datePublished: "2022-01-06T03:48:36", dateReserved: "2022-01-06T00:00:00", dateUpdated: "2024-08-04T05:02:10.368Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5809
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html | x_refsource_MISC | |
https://crbug.com/941008 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/ | vendor-advisory, x_refsource_FEDORA | |
https://www.debian.org/security/2019/dsa-4500 | vendor-advisory, x_refsource_DEBIAN | |
https://seclists.org/bugtraq/2019/Aug/19 | mailing-list, x_refsource_BUGTRAQ | |
https://security.gentoo.org/glsa/201908-18 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:22.976Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/941008", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "74.0.3729.108", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Use after free in file chooser in Google Chrome prior to 74.0.3729.108 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Use after free", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-15T17:06:12", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/941008", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5809", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "74.0.3729.108", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Use after free in file chooser in Google Chrome prior to 74.0.3729.108 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Use after free", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { name: "https://crbug.com/941008", refsource: "MISC", url: "https://crbug.com/941008", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-8fb8240d14", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { name: "FEDORA-2019-a1af621faf", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "DSA-4500", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4500", }, { name: "20190813 [SECURITY] [DSA 4500-1] chromium security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { name: "GLSA-201908-18", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201908-18", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5809", datePublished: "2019-06-27T16:13:43", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:22.976Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-10163
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00036.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00054.html | vendor-advisory, x_refsource_SUSE | |
https://blog.powerdns.com/2019/06/21/powerdns-authoritative-server-4-0-8-and-4-1-10-released/ | x_refsource_CONFIRM | |
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10163 | x_refsource_CONFIRM | |
https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-05.html | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T22:10:10.003Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "openSUSE-SU-2019:1904", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00036.html", }, { name: "openSUSE-SU-2019:1921", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00054.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://blog.powerdns.com/2019/06/21/powerdns-authoritative-server-4-0-8-and-4-1-10-released/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10163", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-05.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "pdns", vendor: "PowerDNS", versions: [ { status: "affected", version: "fixed in 4.1.9", }, { status: "affected", version: "fixed in 4.0.8", }, ], }, ], descriptions: [ { lang: "en", value: "A Vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.9, 4.0.8 allowing a remote, authorized master server to cause a high CPU load or even prevent any further updates to any slave zone by sending a large number of NOTIFY messages. Note that only servers configured as slaves are affected by this issue.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 3.5, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-770", description: "CWE-770", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-12-04T18:00:58", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "openSUSE-SU-2019:1904", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00036.html", }, { name: "openSUSE-SU-2019:1921", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00054.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://blog.powerdns.com/2019/06/21/powerdns-authoritative-server-4-0-8-and-4-1-10-released/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10163", }, { tags: [ "x_refsource_MISC", ], url: "https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-05.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2019-10163", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "pdns", version: { version_data: [ { version_value: "fixed in 4.1.9", }, { version_value: "fixed in 4.0.8", }, ], }, }, ], }, vendor_name: "PowerDNS", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A Vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.9, 4.0.8 allowing a remote, authorized master server to cause a high CPU load or even prevent any further updates to any slave zone by sending a large number of NOTIFY messages. Note that only servers configured as slaves are affected by this issue.", }, ], }, impact: { cvss: [ [ { vectorString: "3.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, ], ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-770", }, ], }, ], }, references: { reference_data: [ { name: "openSUSE-SU-2019:1904", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00036.html", }, { name: "openSUSE-SU-2019:1921", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00054.html", }, { name: "https://blog.powerdns.com/2019/06/21/powerdns-authoritative-server-4-0-8-and-4-1-10-released/", refsource: "CONFIRM", url: "https://blog.powerdns.com/2019/06/21/powerdns-authoritative-server-4-0-8-and-4-1-10-released/", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10163", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10163", }, { name: "https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-05.html", refsource: "MISC", url: "https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-05.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2019-10163", datePublished: "2019-07-30T22:16:59", dateReserved: "2019-03-27T00:00:00", dateUpdated: "2024-08-04T22:10:10.003Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-15613
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://hackerone.com/reports/697959 | x_refsource_MISC | |
https://nextcloud.com/security/advisory/?id=NC-SA-2020-002 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00019.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00022.html | vendor-advisory, x_refsource_SUSE |
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Nextcloud Server |
Version: 17.0.2 |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T00:56:20.890Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://hackerone.com/reports/697959", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://nextcloud.com/security/advisory/?id=NC-SA-2020-002", }, { name: "openSUSE-SU-2020:0220", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00019.html", }, { name: "openSUSE-SU-2020:0229", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00022.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Nextcloud Server", vendor: "n/a", versions: [ { status: "affected", version: "17.0.2", }, ], }, ], descriptions: [ { lang: "en", value: "A bug in Nextcloud Server 17.0.1 causes the workflow rules to depend their behaviour on the file extension when checking file mimetypes.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "Improper Input Validation (CWE-20)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-02-17T18:06:04", orgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", shortName: "hackerone", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://hackerone.com/reports/697959", }, { tags: [ "x_refsource_MISC", ], url: "https://nextcloud.com/security/advisory/?id=NC-SA-2020-002", }, { name: "openSUSE-SU-2020:0220", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00019.html", }, { name: "openSUSE-SU-2020:0229", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00022.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "support@hackerone.com", ID: "CVE-2019-15613", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Nextcloud Server", version: { version_data: [ { version_value: "17.0.2", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A bug in Nextcloud Server 17.0.1 causes the workflow rules to depend their behaviour on the file extension when checking file mimetypes.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Improper Input Validation (CWE-20)", }, ], }, ], }, references: { reference_data: [ { name: "https://hackerone.com/reports/697959", refsource: "MISC", url: "https://hackerone.com/reports/697959", }, { name: "https://nextcloud.com/security/advisory/?id=NC-SA-2020-002", refsource: "MISC", url: "https://nextcloud.com/security/advisory/?id=NC-SA-2020-002", }, { name: "openSUSE-SU-2020:0220", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00019.html", }, { name: "openSUSE-SU-2020:0229", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00022.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", assignerShortName: "hackerone", cveId: "CVE-2019-15613", datePublished: "2020-02-04T19:08:57", dateReserved: "2019-08-26T00:00:00", dateUpdated: "2024-08-05T00:56:20.890Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-5817
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html | x_refsource_MISC | |
https://crbug.com/943709 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html | vendor-advisory, x_refsource_SUSE | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/ | vendor-advisory, x_refsource_FEDORA | |
https://security.gentoo.org/glsa/201908-18 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:09:23.587Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/943709", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Chrome", vendor: "Google", versions: [ { lessThan: "74.0.3729.108", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Heap buffer overflow", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-15T17:06:13", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/943709", }, { name: "openSUSE-SU-2019:1666", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-a1af621faf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "GLSA-201908-18", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201908-18", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2019-5817", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Chrome", version: { version_data: [ { version_affected: "<", version_value: "74.0.3729.108", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Heap buffer overflow", }, ], }, ], }, references: { reference_data: [ { name: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { name: "https://crbug.com/943709", refsource: "MISC", url: "https://crbug.com/943709", }, { name: "openSUSE-SU-2019:1666", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { name: "FEDORA-2019-a1af621faf", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { name: "GLSA-201908-18", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201908-18", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2019-5817", datePublished: "2019-06-27T16:13:43", dateReserved: "2019-01-09T00:00:00", dateUpdated: "2024-08-04T20:09:23.587Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "E801A650-BF69-4C0C-B1F4-B06F3A7C17B4", versionEndExcluding: "74.0.3729.108", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", matchCriteriaId: "387021A0-AF36-463C-A605-32EA7DAC172E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:*:*:*:*:*:*:*", matchCriteriaId: "1CBC4824-9D9F-427D-87A6-60B2CEBAAFEE", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient data validation in developer tools in Google Chrome on OS X prior to 74.0.3729.108 allowed a local attacker to execute arbitrary code via a crafted string copied to clipboard.", }, { lang: "es", value: "La validación de datos insuficiente en las herramientas de desarrollador en Google Chrome en OS X antes de 74.0.3729.108 permitió que un atacante local ejecutara código arbitrario a través de una cadena hecha a mano copiada al portapapeles.", }, ], id: "CVE-2019-5819", lastModified: "2024-11-21T04:45:34.353", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.4, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-27T17:15:14.583", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/919356", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "chrome-cve-admin@google.com", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "chrome-cve-admin@google.com", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "chrome-cve-admin@google.com", url: "https://www.debian.org/security/2019/dsa-4500", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/919356", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2019/dsa-4500", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
chrome | * | ||
debian | debian_linux | 9.0 | |
debian | debian_linux | 10.0 | |
fedoraproject | fedora | 30 | |
fedoraproject | fedora | 31 | |
fedoraproject | fedora | 32 | |
opensuse | backports | sle-15 | |
opensuse | leap | 15.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "7DF3F6F7-2305-4BA7-8401-8A7F55C29CB5", versionEndExcluding: "81.0.4044.92", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in omnibox in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass security UI via a crafted HTML page.", }, { lang: "es", value: "Una aplicación insuficiente de la política en omnibox en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto omitir la Interfaz de Usuario de seguridad por medio de una página HTML diseñada.", }, ], id: "CVE-2020-6441", lastModified: "2024-11-21T05:35:44.067", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-13T18:15:12.327", references: [ { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://crbug.com/959571", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4714", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://crbug.com/959571", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-276", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
graphicsmagick | graphicsmagick | * | |
debian | debian_linux | 8.0 | |
debian | debian_linux | 9.0 | |
debian | debian_linux | 10.0 | |
opensuse | backports | sle-15 | |
opensuse | leap | 15.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*", matchCriteriaId: "FEEFFEE6-98B6-41A8-93F1-EB2510D04EFE", versionEndExcluding: "1.3.35", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c.", }, { lang: "es", value: "GraphicsMagick versiones anteriores a la versión 1.3.35, tiene un desbordamiento de enteros y un desbordamiento del búfer en la región heap de la memoria en la función HuffmanDecodeImage en el archivo magick/compress.c.", }, ], id: "CVE-2020-10938", lastModified: "2024-11-21T04:56:24.750", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-03-24T16:15:12.750", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00049.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00051.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/04/msg00007.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://sourceforge.net/p/graphicsmagick/code/ci/5b4dd7c6674140a115ec9424c8d19c6a458fac3e/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4675", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00049.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00051.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/04/msg00007.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://sourceforge.net/p/graphicsmagick/code/ci/5b4dd7c6674140a115ec9424c8d19c6a458fac3e/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4675", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "EA174888-9FEB-4029-8E0D-D6CFCF1A74F6", versionEndExcluding: "73.0.3683.75", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:*:*:*:*:*:*:*", matchCriteriaId: "1CBC4824-9D9F-427D-87A6-60B2CEBAAFEE", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Use-after-garbage-collection in Blink in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, { lang: "es", value: "El uso de memoria después del proceso Garbage-Collection en Blink en Google Chrome antes de la versión 73.0.3683.75, permitió a un atacante remoto explotar potencialmente la corrupción de pila por medio de una página HTML creada.", }, ], id: "CVE-2019-5787", lastModified: "2024-11-21T04:45:29.550", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-23T20:29:00.560", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/913964", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/913964", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
chrome | * | ||
debian | debian_linux | 9.0 | |
debian | debian_linux | 10.0 | |
fedoraproject | fedora | 30 | |
fedoraproject | fedora | 31 | |
fedoraproject | fedora | 32 | |
opensuse | backports | sle-15 | |
opensuse | leap | 15.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "7DF3F6F7-2305-4BA7-8401-8A7F55C29CB5", versionEndExcluding: "81.0.4044.92", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Inappropriate implementation in WebView in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to spoof security UI via a crafted application.", }, { lang: "es", value: "Una implementación inapropiada en WebView en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto falsificar la Interfaz de Usuario de seguridad por medio de una aplicación diseñada.", }, ], id: "CVE-2020-6437", lastModified: "2024-11-21T05:35:43.613", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-13T18:15:12.107", references: [ { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Exploit", "Vendor Advisory", ], url: "https://crbug.com/639173", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4714", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Vendor Advisory", ], url: "https://crbug.com/639173", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
schismtracker | schism_tracker | * | |
opensuse | backports | sle-15 | |
opensuse | backports | sle-15 | |
opensuse | leap | 15.0 | |
opensuse | leap | 15.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:schismtracker:schism_tracker:*:*:*:*:*:*:*:*", matchCriteriaId: "2DD466FF-0AC5-4680-B956-AD071BFB707A", versionEndIncluding: "20190722", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:-:*:*:*:*:*:*", matchCriteriaId: "398716BC-E609-4338-BAB9-7CB2A78599BC", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in Schism Tracker through 20190722. There is a heap-based buffer overflow via a large number of song patterns in fmt_mtm_load_song in fmt/mtm.c, a different vulnerability than CVE-2019-14465.", }, { lang: "es", value: "Se descubrió un problema en Schism Tracker a través de 20190722. Hay un desbordamiento de búfer basado en el montón a través de una gran cantidad de patrones de canciones en fmt_mtm_load_song en fmt / mtm.c, una vulnerabilidad diferente a CVE-2019-14465.", }, ], id: "CVE-2019-14524", lastModified: "2024-11-21T04:26:53.857", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-08-02T12:15:12.317", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00072.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00083.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/schismtracker/schismtracker/issues/201", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/schismtracker/schismtracker/releases/tag/20190805", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00072.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00083.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/schismtracker/schismtracker/issues/201", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/schismtracker/schismtracker/releases/tag/20190805", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "1629DCDC-F45C-4F3E-A8EF-43E40E2FD504", versionEndExcluding: "75.0.3770.80", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", matchCriteriaId: "B5415705-33E5-46D5-8E4D-9EBADC8C5705", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:-:*:*:*:*:*:*", matchCriteriaId: "398716BC-E609-4338-BAB9-7CB2A78599BC", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Incorrect security UI in popup blocker in Google Chrome on iOS prior to 75.0.3770.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.", }, { lang: "es", value: "La IU de seguridad incorrecta en el bloqueador de ventanas emergentes en Google Chrome en iOS antes de 75.0.3770.80 permitió que un atacante remoto omitiera las restricciones de navegación a través de una página HTML diseñada.", }, ], id: "CVE-2019-5840", lastModified: "2024-11-21T04:45:37.243", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-27T17:15:15.710", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/951782", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "chrome-cve-admin@google.com", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "chrome-cve-admin@google.com", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "chrome-cve-admin@google.com", url: "https://www.debian.org/security/2019/dsa-4500", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/951782", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2019/dsa-4500", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-362", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "EA174888-9FEB-4029-8E0D-D6CFCF1A74F6", versionEndExcluding: "73.0.3683.75", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:*:*:*:*:*:*:*", matchCriteriaId: "1CBC4824-9D9F-427D-87A6-60B2CEBAAFEE", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Incorrect command line processing in Chrome in Google Chrome prior to 73.0.3683.75 allowed a local attacker to perform domain spoofing via a crafted domain name.", }, { lang: "es", value: "Un procesamiento incorrecto de línea de comandos en Chrome en Google Chrome antes de la versión 73.0.3683.75, permitió que un atacante local ejecutara una falsificación de dominio mediante un nombre de dominio creado.", }, ], id: "CVE-2019-5804", lastModified: "2024-11-21T04:45:31.687", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-23T20:29:01.357", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/933004", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/933004", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-88", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
chrome | * | ||
debian | debian_linux | 9.0 | |
debian | debian_linux | 10.0 | |
fedoraproject | fedora | 30 | |
fedoraproject | fedora | 31 | |
fedoraproject | fedora | 32 | |
opensuse | backports | sle-15 | |
opensuse | leap | 15.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "7DF3F6F7-2305-4BA7-8401-8A7F55C29CB5", versionEndExcluding: "81.0.4044.92", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient data validation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to execute arbitrary code via a crafted HTML page.", }, { lang: "es", value: "Una comprobación insuficiente de datos en developer tools en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto que había convencido al usuario de utilizar devtools ejecutar código arbitrario por medio de una página HTML diseñada.", }, ], id: "CVE-2020-6443", lastModified: "2024-11-21T05:35:44.293", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-13T18:15:12.420", references: [ { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://crbug.com/1040080", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4714", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://crbug.com/1040080", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-345", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
chrome | * | ||
opensuse | backports | sle-15 | |
opensuse | leap | 15.0 | |
opensuse | leap | 15.1 | |
opensuse | leap | 42.3 | |
fedoraproject | fedora | 29 | |
fedoraproject | fedora | 30 | |
debian | debian_linux | 9.0 | |
debian | debian_linux | 10.0 | |
canonical | ubuntu_linux | 12.04 | |
canonical | ubuntu_linux | 16.04 | |
canonical | ubuntu_linux | 18.04 | |
canonical | ubuntu_linux | 19.04 | |
canonical | ubuntu_linux | 19.10 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "E86A7A78-CFB0-4CF5-AFE2-E1C88ED6E19D", versionEndExcluding: "74.0.3729.131", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:-:*:*:*:*:*:*", matchCriteriaId: "398716BC-E609-4338-BAB9-7CB2A78599BC", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:*:*:*:*", matchCriteriaId: "1F3EFED2-F6BC-46D9-AB22-D5ED87EF4549", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", matchCriteriaId: "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", matchCriteriaId: "CD783B0C-9246-47D9-A937-6144FE8BFF0F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", matchCriteriaId: "A31C8344-3E02-4EB8-8BD8-4C84B7959624", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, { lang: "es", value: "El desbordamiento de enteros en SQLite a través de WebSQL en Google Chrome antes de 74.0.3729.131 permitió que un atacante remoto pudiera explotar la corrupción del heap a través de una página HTML diseñada.", }, ], id: "CVE-2019-5827", lastModified: "2024-11-21T04:45:35.437", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-27T17:15:14.913", references: [ { source: "chrome-cve-admin@google.com", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory", ], url: "https://crbug.com/952406", }, { source: "chrome-cve-admin@google.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "chrome-cve-admin@google.com", tags: [ "Issue Tracking", "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202003-16", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4205-1/", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4500", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory", ], url: "https://crbug.com/952406", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202003-16", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4205-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4500", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "1629DCDC-F45C-4F3E-A8EF-43E40E2FD504", versionEndExcluding: "75.0.3770.80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:*:*:*:*:*:*:*", matchCriteriaId: "1CBC4824-9D9F-427D-87A6-60B2CEBAAFEE", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in extensions API in Google Chrome prior to 75.0.3770.80 allowed an attacker who convinced a user to install a malicious extension to bypass restrictions on file URIs via a crafted Chrome Extension.", }, { lang: "es", value: "La aplicación de políticas insuficientes en la API de extensiones en Google Chrome antes de 75.0.3770.80 permitió a un atacante que convenció a un usuario de instalar una extensión maliciosa para evitar las restricciones en los URI de archivos a través de una extensión de Chrome diseñada.", }, ], id: "CVE-2019-5838", lastModified: "2024-11-21T04:45:36.937", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-27T17:15:15.600", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/893087", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "chrome-cve-admin@google.com", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "chrome-cve-admin@google.com", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "chrome-cve-admin@google.com", url: "https://www.debian.org/security/2019/dsa-4500", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/893087", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2019/dsa-4500", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-863", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
chrome | * | ||
debian | debian_linux | 9.0 | |
debian | debian_linux | 10.0 | |
fedoraproject | fedora | 30 | |
fedoraproject | fedora | 31 | |
fedoraproject | fedora | 32 | |
opensuse | backports | sle-15 | |
opensuse | leap | 15.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "7DF3F6F7-2305-4BA7-8401-8A7F55C29CB5", versionEndExcluding: "81.0.4044.92", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Out of bounds read in WebSQL in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, { lang: "es", value: "Una lectura fuera de límites en WebSQL en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto explotar potencialmente una corrupción de la pila (heap) por medio de una página HTML diseñada.", }, ], id: "CVE-2020-6455", lastModified: "2024-11-21T05:35:45.753", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-13T18:15:13.000", references: [ { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://crbug.com/1059669", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4714", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://crbug.com/1059669", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00046.html | Mailing List, Third Party Advisory | |
cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00052.html | Mailing List, Third Party Advisory | |
cve@mitre.org | https://github.com/LibreDWG/libredwg/issues/179#issuecomment-570447120 | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00046.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00052.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/LibreDWG/libredwg/issues/179#issuecomment-570447120 | Exploit, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gnu:libredwg:0.9.3.2564:*:*:*:*:*:*:*", matchCriteriaId: "6292F71C-4D80-4570-A07D-C790FEEE9B2B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation in read_sections_map in decode_r2007.c.", }, { lang: "es", value: "GNU LibreDWG versión 0.9.3.2564, tiene un intento de asignación excesiva de memoria en la función read_sections_map en el archivo decode_r2007.c.", }, ], id: "CVE-2020-6610", lastModified: "2024-11-21T05:36:01.557", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-01-08T21:15:11.287", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00046.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00052.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/LibreDWG/libredwg/issues/179#issuecomment-570447120", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00046.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00052.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/LibreDWG/libredwg/issues/179#issuecomment-570447120", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-770", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "1629DCDC-F45C-4F3E-A8EF-43E40E2FD504", versionEndExcluding: "75.0.3770.80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:-:*:*:*:*:*:*", matchCriteriaId: "398716BC-E609-4338-BAB9-7CB2A78599BC", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Excessive data validation in URL parser in Google Chrome prior to 75.0.3770.80 allowed a remote attacker who convinced a user to input a URL to bypass website URL validation via a crafted URL.", }, { lang: "es", value: "La validación excesiva de datos en el analizador de URL en Google Chrome anterior a la versión 75.0.3770.80 permitió que un atacante remoto convenciera a un usuario de introducir una URL para omitir la validación de URL del sitio web a través de una URL diseñada.", }, ], id: "CVE-2019-5839", lastModified: "2024-11-21T04:45:37.067", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-27T17:15:15.647", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/925614", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EI3DGFVT7CKJO6YVMP55R35HCDVEIC4Z/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "chrome-cve-admin@google.com", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "chrome-cve-admin@google.com", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "chrome-cve-admin@google.com", url: "https://www.debian.org/security/2019/dsa-4500", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/925614", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EI3DGFVT7CKJO6YVMP55R35HCDVEIC4Z/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2019/dsa-4500", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
chrome | * | ||
debian | debian_linux | 9.0 | |
debian | debian_linux | 10.0 | |
fedoraproject | fedora | 30 | |
fedoraproject | fedora | 31 | |
fedoraproject | fedora | 32 | |
opensuse | backports | sle-15 | |
opensuse | leap | 15.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "7DF3F6F7-2305-4BA7-8401-8A7F55C29CB5", versionEndExcluding: "81.0.4044.92", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Inappropriate implementation in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension.", }, { lang: "es", value: "Una implementación inapropiada en extensions en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante que convenció a un usuario a instalar una extensión maliciosa para obtener información potencialmente confidencial por medio de una Extensión de Chrome diseñada.", }, ], id: "CVE-2020-6440", lastModified: "2024-11-21T05:35:43.953", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-13T18:15:12.267", references: [ { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://crbug.com/894477", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4714", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://crbug.com/894477", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
chrome | * | ||
debian | debian_linux | 9.0 | |
debian | debian_linux | 10.0 | |
fedoraproject | fedora | 30 | |
fedoraproject | fedora | 31 | |
novell | suse_package_hub_for_suse_linux_enterprise | 12 | |
opensuse | backports | sle-15 | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_for_scientific_computing | 6.0 | |
redhat | enterprise_linux_server | 6.0 | |
redhat | enterprise_linux_workstation | 6.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "D3900404-81EC-4968-BD74-1630F385643D", versionEndExcluding: "79.0.3945.79", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:novell:suse_package_hub_for_suse_linux_enterprise:12:*:*:*:*:*:*:*", matchCriteriaId: "B5BEF8F1-A70F-455C-BFDD-09E0A658F702", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:*", matchCriteriaId: "634C23AC-AC9C-43F4-BED8-1C720816D5E3", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, { lang: "es", value: "Una confusión de tipo en JavaScript en Google Chrome versiones anteriores a la versión 79.0.3945.79, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML especialmente diseñada.", }, ], id: "CVE-2019-13730", lastModified: "2024-11-21T04:25:35.880", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-12-10T22:15:13.120", references: [ { source: "chrome-cve-admin@google.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00032.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00036.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:4238", }, { source: "chrome-cve-admin@google.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Permissions Required", ], url: "https://crbug.com/1028862", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2Z5M4FPUMDNX2LDPHJKN5ZV5GIS2AKNU/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N5CIQCVS6E3ULJCNU7YJXJPO2BLQZDTK/", }, { source: "chrome-cve-admin@google.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2020/Jan/27", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202003-08", }, { source: "chrome-cve-admin@google.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4606", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00032.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00036.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:4238", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://crbug.com/1028862", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2Z5M4FPUMDNX2LDPHJKN5ZV5GIS2AKNU/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N5CIQCVS6E3ULJCNU7YJXJPO2BLQZDTK/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2020/Jan/27", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202003-08", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4606", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, { lang: "en", value: "CWE-843", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
imagemagick | imagemagick | 7.0.8-35 | |
opensuse | backports | sle-15 | |
opensuse | backports | sle-15 | |
opensuse | leap | 15.0 | |
opensuse | leap | 15.1 | |
canonical | ubuntu_linux | 16.04 | |
canonical | ubuntu_linux | 18.04 | |
canonical | ubuntu_linux | 19.04 | |
canonical | ubuntu_linux | 19.10 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:imagemagick:imagemagick:7.0.8-35:*:*:*:*:*:*:*", matchCriteriaId: "5D3D09FA-AD5C-4BE2-BDF5-746DD70AA733", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:-:*:*:*:*:*:*", matchCriteriaId: "398716BC-E609-4338-BAB9-7CB2A78599BC", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", matchCriteriaId: "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", matchCriteriaId: "CD783B0C-9246-47D9-A937-6144FE8BFF0F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", matchCriteriaId: "A31C8344-3E02-4EB8-8BD8-4C84B7959624", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.", }, { lang: "es", value: "ImageMagick versión 7.0.8-35, presenta una pérdida de memoria en el archivo coders/dps.c, como es demostrado mediante la función XCreateImage.", }, ], id: "CVE-2019-16709", lastModified: "2024-11-21T04:31:01.757", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-09-23T12:15:10.487", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00045.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00046.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://github.com/ImageMagick/ImageMagick/issues/1531", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4192-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00045.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00046.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://github.com/ImageMagick/ImageMagick/issues/1531", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4192-1/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-401", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
graphicsmagick | graphicsmagick | 1.4 | |
debian | debian_linux | 8.0 | |
debian | debian_linux | 9.0 | |
debian | debian_linux | 10.0 | |
opensuse | backports | sle-15 | |
opensuse | leap | 15.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:graphicsmagick:graphicsmagick:1.4:2019-04-23:*:*:*:*:*:*", matchCriteriaId: "9CEB360F-07B5-4199-86E5-AC910D419648", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buffer overflow in the function ImportRLEPixels of coders/miff.c.", }, { lang: "es", value: "En GraphicsMagick versión 1.4 snapshot-20190423 Q8, se presenta un desbordamiento de búfer en la región heap de la memoria en la función ImportRLEPixels del archivo coders/miff.c.", }, ], id: "CVE-2019-19951", lastModified: "2024-11-21T04:35:43.817", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-12-24T01:15:11.450", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Patch", "Vendor Advisory", ], url: "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/bc99af93614d", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00026.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00064.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00029.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://sourceforge.net/p/graphicsmagick/bugs/608/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4640", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Vendor Advisory", ], url: "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/bc99af93614d", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00026.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00064.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00029.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://sourceforge.net/p/graphicsmagick/bugs/608/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4640", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "1629DCDC-F45C-4F3E-A8EF-43E40E2FD504", versionEndExcluding: "75.0.3770.80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:-:*:*:*:*:*:*", matchCriteriaId: "398716BC-E609-4338-BAB9-7CB2A78599BC", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Integer overflow in download manager in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.", }, { lang: "es", value: "El desbordamiento de enteros en el administrador de descargas en Google Chrome antes de la versión 75.0.3770.80 permitió que un atacante remoto pudiera realizar un acceso a la memoria fuera de límites a través de una página HTML diseñada.", }, ], id: "CVE-2019-5829", lastModified: "2024-11-21T04:45:35.723", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-27T17:15:15.053", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/958533", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EI3DGFVT7CKJO6YVMP55R35HCDVEIC4Z/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "chrome-cve-admin@google.com", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "chrome-cve-admin@google.com", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "chrome-cve-admin@google.com", url: "https://www.debian.org/security/2019/dsa-4500", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/958533", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EI3DGFVT7CKJO6YVMP55R35HCDVEIC4Z/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2019/dsa-4500", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "EA174888-9FEB-4029-8E0D-D6CFCF1A74F6", versionEndExcluding: "73.0.3683.75", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:*:*:*:*:*:*:*", matchCriteriaId: "1CBC4824-9D9F-427D-87A6-60B2CEBAAFEE", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Inappropriate optimization in V8 in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.", }, { lang: "es", value: "La optimización inadecuada en V8 en Google Chrome antes de la versión 73.0.3683.75, permitió a un atacante remoto ejecutar una lectura de memoria fuera de límites por medio de una página HTML creada.", }, ], id: "CVE-2019-5791", lastModified: "2024-11-21T04:45:30.043", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-23T20:29:00.747", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/926651", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/926651", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, { lang: "en", value: "CWE-843", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
graphicsmagick | graphicsmagick | 1.4 | |
debian | debian_linux | 8.0 | |
debian | debian_linux | 9.0 | |
debian | debian_linux | 10.0 | |
opensuse | backports | sle-15 | |
opensuse | leap | 15.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:graphicsmagick:graphicsmagick:1.4:2019-12-08:*:*:*:*:*:*", matchCriteriaId: "261F17D8-6018-4EE3-8F94-910942F6F552", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In GraphicsMagick 1.4 snapshot-20191208 Q8, there is a heap-based buffer over-read in the function EncodeImage of coders/pict.c.", }, { lang: "es", value: "En GraphicsMagick versión 1.4 snapshot-20191208 Q8, se presenta una lectura excesiva de búfer en la región heap de la memoria en la función EncodeImage del archivo coders/pict.c.", }, ], id: "CVE-2019-19953", lastModified: "2024-11-21T04:35:44.110", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-12-24T01:15:11.590", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Patch", "Vendor Advisory", ], url: "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/28f8bacd4bbf", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00026.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00064.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00029.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://sourceforge.net/p/graphicsmagick/bugs/617/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4640", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Vendor Advisory", ], url: "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/28f8bacd4bbf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00026.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00064.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00029.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://sourceforge.net/p/graphicsmagick/bugs/617/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4640", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
secure@intel.com | http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00009.html | Mailing List, Third Party Advisory | |
secure@intel.com | http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00014.html | Mailing List, Third Party Advisory | |
secure@intel.com | https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00336.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00009.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00014.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00336.html | Vendor Advisory |
Vendor | Product | Version | |
---|---|---|---|
intel | software_guard_extensions_sdk | * | |
microsoft | windows | - | |
intel | software_guard_extensions_sdk | * | |
linux | linux_kernel | - | |
opensuse | backports | sle-15 | |
opensuse | leap | 15.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:intel:software_guard_extensions_sdk:*:*:*:*:*:*:*:*", matchCriteriaId: "BDB8EADB-E24B-444F-9D97-2EF45326233E", versionEndExcluding: "2.6.100.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:intel:software_guard_extensions_sdk:*:*:*:*:*:*:*:*", matchCriteriaId: "60DE7C7E-F1EF-4F5C-A6D1-4C852E7279B1", versionEndExcluding: "2.8.100.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Improper initialization in the Intel(R) SGX SDK before v2.6.100.1 may allow an authenticated user to potentially enable escalation of privilege via local access.", }, { lang: "es", value: "Una inicialización inapropiada en el SDK Intel® SGX versiones anteriores a v2.6.100.1, puede habilitar a un usuario autenticado para permitir potencialmente una escalada de privilegios por medio de un acceso local.", }, ], id: "CVE-2020-0561", lastModified: "2024-11-21T04:53:45.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-02-13T19:15:13.880", references: [ { source: "secure@intel.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00009.html", }, { source: "secure@intel.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00014.html", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00336.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00009.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00014.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00336.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-665", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "1629DCDC-F45C-4F3E-A8EF-43E40E2FD504", versionEndExcluding: "75.0.3770.80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:-:*:*:*:*:*:*", matchCriteriaId: "398716BC-E609-4338-BAB9-7CB2A78599BC", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Object lifecycle issue in SwiftShader in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.", }, { lang: "es", value: "El problema del ciclo de vida de los objetos en SwiftShader en Google Chrome antes de 75.0.3770.80 permitió que un atacante remoto pudiera realizar un acceso a la memoria fuera de los límites a través de una página HTML diseñada.", }, ], id: "CVE-2019-5835", lastModified: "2024-11-21T04:45:36.553", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-27T17:15:15.380", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/939239", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "chrome-cve-admin@google.com", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/939239", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201908-18", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "EA174888-9FEB-4029-8E0D-D6CFCF1A74F6", versionEndExcluding: "73.0.3683.75", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:*:*:*:*:*:*:*", matchCriteriaId: "1CBC4824-9D9F-427D-87A6-60B2CEBAAFEE", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Incorrect inheritance of a new document's policy in Content Security Policy in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page.", }, { lang: "es", value: "La herencia incorrecta de la política en un documento nuevo en Content Security Policy en Google Chrome antes de la versión 73.0.3683.75, permitió a un atacante remoto eludir la política de seguridad de contenido por medio de una página HTML creada.", }, ], id: "CVE-2019-5799", lastModified: "2024-11-21T04:45:31.090", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-23T20:29:01.093", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/905301", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/905301", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
chrome | * | ||
debian | debian_linux | 8.0 | |
debian | debian_linux | 9.0 | |
suse | package_hub | - | |
canonical | ubuntu_linux | 16.04 | |
canonical | ubuntu_linux | 18.04 | |
canonical | ubuntu_linux | 18.10 | |
canonical | ubuntu_linux | 19.04 | |
opensuse | backports | sle-15 | |
opensuse | leap | 15.0 | |
opensuse | leap | 15.1 | |
opensuse | leap | 42.3 | |
redhat | enterprise_linux | 6.0 | |
redhat | enterprise_linux | 7.0 | |
redhat | enterprise_linux | 8.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "EA174888-9FEB-4029-8E0D-D6CFCF1A74F6", versionEndExcluding: "73.0.3683.75", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*", matchCriteriaId: "284A8DA0-317B-4BBE-AECB-7E91BBF0DD3B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", matchCriteriaId: "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", matchCriteriaId: "07C312A0-CD2C-4B9C-B064-6409B25C278F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", matchCriteriaId: "CD783B0C-9246-47D9-A937-6144FE8BFF0F", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:*:*:*:*:*:*:*", matchCriteriaId: "1CBC4824-9D9F-427D-87A6-60B2CEBAAFEE", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "F4CFF558-3C47-480D-A2F0-BABF26042943", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Lack of correct bounds checking in Skia in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.", }, { lang: "es", value: "La falta de comprobación de límites correcta en Skia en Google Chrome antes de la versión 73.0.3683.75, permitió que un atacante remoto ejecutara una lectura de memoria fuera de límites por medio de una página HTML creada.", }, ], id: "CVE-2019-5798", lastModified: "2024-11-21T04:45:30.940", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-23T20:29:01.047", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html", }, { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html", }, { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html", }, { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://access.redhat.com/errata/RHSA-2019:1308", }, { source: "chrome-cve-admin@google.com", url: "https://access.redhat.com/errata/RHSA-2019:1309", }, { source: "chrome-cve-admin@google.com", url: "https://access.redhat.com/errata/RHSA-2019:1310", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/883596", }, { source: "chrome-cve-admin@google.com", url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00038.html", }, { source: "chrome-cve-admin@google.com", url: "https://seclists.org/bugtraq/2019/May/67", }, { source: "chrome-cve-admin@google.com", url: "https://usn.ubuntu.com/3997-1/", }, { source: "chrome-cve-admin@google.com", url: "https://www.debian.org/security/2019/dsa-4451", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:1308", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:1309", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:1310", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/883596", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00038.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://seclists.org/bugtraq/2019/May/67", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://usn.ubuntu.com/3997-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2019/dsa-4451", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "E801A650-BF69-4C0C-B1F4-B06F3A7C17B4", versionEndExcluding: "74.0.3729.108", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:*:*:*:*:*:*:*", matchCriteriaId: "1CBC4824-9D9F-427D-87A6-60B2CEBAAFEE", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in service workers in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.", }, { lang: "es", value: "La aplicación de políticas insuficientes en los trabajadores del servicio en Google Chrome antes del 74.0.3729.108 permitió a un atacante remoto eludir las restricciones de navegación a través de una página HTML diseñada.", }, ], id: "CVE-2019-5823", lastModified: "2024-11-21T04:45:34.907", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.5, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-27T17:15:14.803", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/930154", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "chrome-cve-admin@google.com", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "chrome-cve-admin@google.com", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "chrome-cve-admin@google.com", url: "https://www.debian.org/security/2019/dsa-4500", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/930154", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2019/dsa-4500", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-601", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
zabbix | zabbix | * | |
zabbix | zabbix | * | |
zabbix | zabbix | * | |
zabbix | zabbix | * | |
zabbix | zabbix | 3.0.32 | |
zabbix | zabbix | 4.0.22 | |
zabbix | zabbix | 4.0.22 | |
zabbix | zabbix | 4.4.10 | |
zabbix | zabbix | 4.4.10 | |
zabbix | zabbix | 5.0.2 | |
zabbix | zabbix | 5.0.2 | |
fedoraproject | fedora | 31 | |
fedoraproject | fedora | 32 | |
debian | debian_linux | 9.0 | |
opensuse | backports | sle-15 | |
opensuse | backports | sle-15 | |
opensuse | leap | 15.1 | |
opensuse | leap | 15.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*", matchCriteriaId: "14F030BB-4C18-44AC-8D00-75A7698E8E21", versionEndIncluding: "3.0.31", vulnerable: true, }, { criteria: "cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*", matchCriteriaId: "A8E2372F-DA44-49AF-8F3D-46FDA165E67B", versionEndIncluding: "4.0.21", versionStartIncluding: "4.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*", matchCriteriaId: "55B5B412-AB7D-4ABC-996B-8A8A45FE2C82", versionEndIncluding: "4.4.9", versionStartIncluding: "4.4", vulnerable: true, }, { criteria: "cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*", matchCriteriaId: "C5B22FF1-0777-43BC-9EC3-C8687203AA24", versionEndIncluding: "5.0.1", versionStartIncluding: "5.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:zabbix:zabbix:3.0.32:rc1:*:*:*:*:*:*", matchCriteriaId: "4959BD7B-361C-4FB9-A825-1BC674631898", vulnerable: true, }, { criteria: "cpe:2.3:a:zabbix:zabbix:4.0.22:-:*:*:*:*:*:*", matchCriteriaId: "82480E14-CEB4-419F-BF7F-B9CC97B9CDCB", vulnerable: true, }, { criteria: "cpe:2.3:a:zabbix:zabbix:4.0.22:rc1:*:*:*:*:*:*", matchCriteriaId: "06AA643C-F980-4ACC-8EEB-0B35F498379A", vulnerable: true, }, { criteria: "cpe:2.3:a:zabbix:zabbix:4.4.10:-:*:*:*:*:*:*", matchCriteriaId: "0CADAAB0-18C6-40B2-9B6C-CDB181BB40E4", vulnerable: true, }, { criteria: "cpe:2.3:a:zabbix:zabbix:4.4.10:rc1:*:*:*:*:*:*", matchCriteriaId: "3C96E39F-9885-4CFC-A218-AD53B23B6392", vulnerable: true, }, { criteria: "cpe:2.3:a:zabbix:zabbix:5.0.2:-:*:*:*:*:*:*", matchCriteriaId: "A0A4A0B9-F022-4C6E-B5DD-D311EC2AF995", vulnerable: true, }, { criteria: "cpe:2.3:a:zabbix:zabbix:5.0.2:rc1:*:*:*:*:*:*", matchCriteriaId: "EFCB4139-5BF6-4A5E-B333-BF1300F328A2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp2:*:*:*:*:*:*", matchCriteriaId: "2B7A2D58-B706-41B4-AC99-D51E317AA2D2", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", matchCriteriaId: "B009C22E-30A4-4288-BCF6-C3E81DEAF45A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.", }, { lang: "es", value: "Zabbix versiones anteriores a 3.0.32rc1, versiones 4.x anteriores a 4.0.22rc1, versiones 4.1.x hasta 4.4.x anteriores a 4.4.10rc1 y versiones 5.x anteriores a 5.0.2rc1, permite un ataque de tipo XSS almacenado en el widget URL", }, ], id: "CVE-2020-15803", lastModified: "2024-11-21T05:06:12.923", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-07-17T03:15:11.437", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00007.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/08/msg00007.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/04/msg00018.html", }, { source: "cve@mitre.org", url: "https://lists.debian.org/debian-lts-announce/2023/04/msg00013.html", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ZHHIUYIVA5GZYLKW6A5G6HRELPOBZFE/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TIRIMOXH6GSBAANDCB3ANLJK4CRLWRXT/", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://support.zabbix.com/browse/ZBX-18057", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00007.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/08/msg00007.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/04/msg00018.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2023/04/msg00013.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ZHHIUYIVA5GZYLKW6A5G6HRELPOBZFE/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TIRIMOXH6GSBAANDCB3ANLJK4CRLWRXT/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://support.zabbix.com/browse/ZBX-18057", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
chrome | * | ||
debian | debian_linux | 10.0 | |
fedoraproject | fedora | 30 | |
fedoraproject | fedora | 31 | |
fedoraproject | fedora | 32 | |
opensuse | backports | sle-15 | |
opensuse | leap | 15.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "7DF3F6F7-2305-4BA7-8401-8A7F55C29CB5", versionEndExcluding: "81.0.4044.92", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Inappropriate implementation in cache in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", }, { lang: "es", value: "Una implementación inapropiada en cache en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto filtrar datos de origen cruzado por medio de una página HTML diseñada.", }, ], id: "CVE-2020-6442", lastModified: "2024-11-21T05:35:44.180", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-13T18:15:12.373", references: [ { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Exploit", "Vendor Advisory", ], url: "https://crbug.com/1013906", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4714", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Vendor Advisory", ], url: "https://crbug.com/1013906", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-668", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00003.html | Mailing List, Third Party Advisory | |
cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00007.html | Mailing List, Third Party Advisory | |
cve@mitre.org | https://github.com/upx/upx/issues/314 | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00003.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00007.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/upx/upx/issues/314 | Exploit, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:upx_project:upx:3.95:*:*:*:*:*:*:*", matchCriteriaId: "7986910F-E5B0-488F-813B-D6B4367F16F4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An invalid memory address dereference was discovered in the canUnpack function in p_mach.cpp in UPX 3.95 via a crafted Mach-O file.", }, { lang: "es", value: "Se descubrió una desreferencia de dirección de memoria no válida en la función canUnpack en el archivo p_mach.cpp en UPX versión 3.95 por medio de un archivo Mach-O especialmente diseñado.", }, ], id: "CVE-2019-20053", lastModified: "2024-11-21T04:37:58.397", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-12-27T22:15:11.923", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00003.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00007.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/upx/upx/issues/314", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00007.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/upx/upx/issues/314", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "E801A650-BF69-4C0C-B1F4-B06F3A7C17B4", versionEndExcluding: "74.0.3729.108", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:*:*:*:*:*:*:*", matchCriteriaId: "1CBC4824-9D9F-427D-87A6-60B2CEBAAFEE", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Use after free in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, { lang: "es", value: "Use-after-free en V8 en Google Chrome antes de 74.0.3729.108 permitió que un atacante remoto pudiera explotar la corrupción del montón a través de una página HTML creada.", }, ], id: "CVE-2019-5813", lastModified: "2024-11-21T04:45:33.553", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-27T17:15:14.270", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/942699", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "chrome-cve-admin@google.com", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "chrome-cve-admin@google.com", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "chrome-cve-admin@google.com", url: "https://www.debian.org/security/2019/dsa-4500", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/942699", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2019/dsa-4500", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "EA174888-9FEB-4029-8E0D-D6CFCF1A74F6", versionEndExcluding: "73.0.3683.75", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:*:*:*:*:*:*:*", matchCriteriaId: "1CBC4824-9D9F-427D-87A6-60B2CEBAAFEE", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in Blink in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page.", }, { lang: "es", value: "La insuficiente aplicación de políticas en Blink en Google Chrome antes de la versión 73.0.3683.75, permitió a un atacante remoto eludir la política de seguridad de contenido por medio de una página HTML creada.", }, ], id: "CVE-2019-5800", lastModified: "2024-11-21T04:45:31.207", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-23T20:29:01.140", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/894228", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/894228", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
chrome | * | ||
debian | debian_linux | 9.0 | |
debian | debian_linux | 10.0 | |
fedoraproject | fedora | 30 | |
fedoraproject | fedora | 31 | |
fedoraproject | fedora | 32 | |
opensuse | backports | sle-15 | |
opensuse | leap | 15.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "7DF3F6F7-2305-4BA7-8401-8A7F55C29CB5", versionEndExcluding: "81.0.4044.92", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.", }, { lang: "es", value: "Una aplicación insuficiente de la política en navigations en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto omitir las restricciones de navegación por medio de una página HTML diseñada.", }, ], id: "CVE-2020-6432", lastModified: "2024-11-21T05:35:43.040", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-13T18:15:11.780", references: [ { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://crbug.com/965611", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4714", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://crbug.com/965611", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
chrome | * | ||
debian | debian_linux | 9.0 | |
debian | debian_linux | 10.0 | |
fedoraproject | fedora | 30 | |
fedoraproject | fedora | 31 | |
fedoraproject | fedora | 32 | |
opensuse | backports | sle-15 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "EF0EE2D3-3F5C-4F34-B35A-042F0AC3CBA1", versionEndExcluding: "80.0.3987.149", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in extensions in Google Chrome prior to 80.0.3987.149 allowed an attacker who convinced a user to install a malicious extension to bypass site isolation via a crafted Chrome Extension.", }, { lang: "es", value: "Una aplicación de política insuficiente en extensions de Google Chrome versiones anteriores a 80.0.3987.149, permitió a un atacante que convenció a un usuario para instalar una extensión maliciosa omitir el aislamiento del sitio por medio de una Extensión de Chrome diseñada.", }, ], id: "CVE-2020-6425", lastModified: "2024-11-21T05:35:42.200", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.5, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-03-23T16:15:17.313", references: [ { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00037.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_18.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://crbug.com/1031670", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DDNOAGIX5D77TTHT6YPMVJ5WTXTCQEI/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IOHSO6BUKC6I66J5PZOMAGFVJ66ZS57/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWANFIR3PYAL5RJQ4AO3ZS2DYMSF2ZGZ/", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202003-53", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4645", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00037.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_18.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://crbug.com/1031670", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DDNOAGIX5D77TTHT6YPMVJ5WTXTCQEI/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IOHSO6BUKC6I66J5PZOMAGFVJ66ZS57/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWANFIR3PYAL5RJQ4AO3ZS2DYMSF2ZGZ/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202003-53", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4645", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
chrome | * | ||
debian | debian_linux | 9.0 | |
debian | debian_linux | 10.0 | |
fedoraproject | fedora | 30 | |
fedoraproject | fedora | 31 | |
fedoraproject | fedora | 32 | |
opensuse | backports | sle-15 | |
opensuse | leap | 15.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "7DF3F6F7-2305-4BA7-8401-8A7F55C29CB5", versionEndExcluding: "81.0.4044.92", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass security UI via a crafted HTML page.", }, { lang: "es", value: "Una aplicación insuficiente de la política en navigations en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto omitir la Interfaz de Usuario de seguridad por medio de una página HTML diseñada.", }, ], id: "CVE-2020-6439", lastModified: "2024-11-21T05:35:43.843", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-13T18:15:12.217", references: [ { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://crbug.com/868145", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4714", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://crbug.com/868145", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-276", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "672BBC37-A438-4A13-B476-F26333E822AE", versionEndExcluding: "78.0.3904.70", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", }, { lang: "es", value: "Una aplicación de política insuficiente en JavaScript en Google Chrome versiones anteriores a 78.0.3904.70, permitió a un atacante remoto filtrar datos de origen cruzado por medio de una página HTML diseñada.", }, ], id: "CVE-2019-13711", lastModified: "2024-11-21T04:25:33.480", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-11-25T15:15:33.307", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_22.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/986063", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_22.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/986063", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
videolan | vlc_media_player | * | |
opensuse | backports_sle | 15.0 | |
opensuse | backports | sle-15 | |
opensuse | leap | 15.0 | |
opensuse | leap | 15.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:videolan:vlc_media_player:*:*:*:*:*:*:*:*", matchCriteriaId: "288A8608-A671-415D-9BEC-C85098C8C51B", versionEndExcluding: "3.0.7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*", matchCriteriaId: "40513095-7E6E-46B3-B604-C926F1BA3568", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:*:*:*:*:*:*:*", matchCriteriaId: "1CBC4824-9D9F-427D-87A6-60B2CEBAAFEE", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read.", }, { lang: "es", value: "Un desbordamiento de enteros de VLC Media Player versiones anteriores a 3.0.7, conlleva a una lectura fuera de banda.", }, ], id: "CVE-2019-5459", lastModified: "2024-11-21T04:44:58.477", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-07-30T21:15:12.257", references: [ { source: "support@hackerone.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00005.html", }, { source: "support@hackerone.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00037.html", }, { source: "support@hackerone.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00040.html", }, { source: "support@hackerone.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00081.html", }, { source: "support@hackerone.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://hackerone.com/reports/502816", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00005.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00037.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00040.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00081.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://hackerone.com/reports/502816", }, ], sourceIdentifier: "support@hackerone.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-191", }, ], source: "support@hackerone.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-191", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "E801A650-BF69-4C0C-B1F4-B06F3A7C17B4", versionEndExcluding: "74.0.3729.108", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:*:*:*:*:*:*:*", matchCriteriaId: "1CBC4824-9D9F-427D-87A6-60B2CEBAAFEE", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Uninitialized data in media in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file.", }, { lang: "es", value: "Los datos no inicializados en medios en Google Chrome antes del 74.0.3729.108 permitieron a un atacante remoto obtener información potencialmente sensible de la memoria de proceso a través de un archivo de video creado", }, ], id: "CVE-2019-5818", lastModified: "2024-11-21T04:45:34.213", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-27T17:15:14.507", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/929962", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "chrome-cve-admin@google.com", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "chrome-cve-admin@google.com", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "chrome-cve-admin@google.com", url: "https://www.debian.org/security/2019/dsa-4500", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/929962", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2019/dsa-4500", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-908", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
rdesktop | rdesktop | * | |
debian | debian_linux | 8.0 | |
debian | debian_linux | 9.0 | |
opensuse | backports | sle-15 | |
opensuse | leap | 15.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:rdesktop:rdesktop:*:*:*:*:*:*:*:*", matchCriteriaId: "223ED7FC-79EF-4324-82AE-D3794128C7A3", versionEndIncluding: "1.8.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in the function rdp_in_unistr() and results in memory corruption and possibly even a remote code execution.", }, { lang: "es", value: "rdesktop, en versiones hasta e incluyendo la v1.8.3, contiene un desbordamiento de enteros que conduce a un desbordamiento de búfer basado en memoria dinámica (heap) en la función rdp_in_unistr() y resulta en la corrupción de memoria y, posiblemente, incluso la ejecución remota de código.", }, ], id: "CVE-2018-20177", lastModified: "2024-11-21T04:01:01.310", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-15T18:29:00.423", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00040.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106938", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://github.com/rdesktop/rdesktop/commit/4dca546d04321a610c1835010b5dad85163b65e1", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/02/msg00030.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201903-06", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4394", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00040.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106938", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/rdesktop/rdesktop/commit/4dca546d04321a610c1835010b5dad85163b65e1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/02/msg00030.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201903-06", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4394", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "672BBC37-A438-4A13-B476-F26333E822AE", versionEndExcluding: "78.0.3904.70", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in extensions in Google Chrome prior to 78.0.3904.70 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension.", }, { lang: "es", value: "Una aplicación de política insuficiente en extensions en Google Chrome versiones anteriores a 78.0.3904.70, permitió a un atacante, que convenció a un usuario para instalar una extensión maliciosa, filtrar datos de origen cruzado por medio de una Extensión de Chrome diseñada.", }, ], id: "CVE-2019-13705", lastModified: "2024-11-21T04:25:32.727", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-11-25T15:15:32.917", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_22.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/989078", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_22.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/989078", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-269", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "1629DCDC-F45C-4F3E-A8EF-43E40E2FD504", versionEndExcluding: "75.0.3770.80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:-:*:*:*:*:*:*", matchCriteriaId: "398716BC-E609-4338-BAB9-7CB2A78599BC", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Object lifecycle issue in ServiceWorker in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.", }, { lang: "es", value: "El problema del ciclo de vida del objeto en ServiceWorker en Google Chrome antes de 75.0.3770.80 permitió que un atacante remoto pudiera realizar un acceso a la memoria fuera de límites a través de una página HTML diseñada.", }, ], id: "CVE-2019-5828", lastModified: "2024-11-21T04:45:35.583", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-27T17:15:14.990", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/956597", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "chrome-cve-admin@google.com", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "chrome-cve-admin@google.com", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "chrome-cve-admin@google.com", url: "https://www.debian.org/security/2019/dsa-4500", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/956597", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2019/dsa-4500", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
powerdns | authoritative | * | |
powerdns | authoritative | * | |
powerdns | authoritative | 4.1.0 | |
opensuse | backports | sle-15 | |
opensuse | backports | sle-15 | |
opensuse | leap | 15.0 | |
opensuse | leap | 15.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:powerdns:authoritative:*:*:*:*:*:*:*:*", matchCriteriaId: "5AC9E085-EAB7-4AF1-AE27-890E01A74EBF", versionEndExcluding: "4.0.8", versionStartIncluding: "4.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:powerdns:authoritative:*:*:*:*:*:*:*:*", matchCriteriaId: "18CCB3A5-1428-47B2-AC55-6D8E45842A67", versionEndExcluding: "4.1.9", versionStartIncluding: "4.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:powerdns:authoritative:4.1.0:-:*:*:*:*:*:*", matchCriteriaId: "C77964E1-10B0-4107-A1DF-5A6A23F48A85", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:-:*:*:*:*:*:*", matchCriteriaId: "398716BC-E609-4338-BAB9-7CB2A78599BC", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A Vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.9, 4.0.8 allowing a remote, authorized master server to cause a high CPU load or even prevent any further updates to any slave zone by sending a large number of NOTIFY messages. Note that only servers configured as slaves are affected by this issue.", }, { lang: "es", value: "Se ha detectado una vulnerabilidad en Authoritative Server de PowerDNS anterior a versiones 4.1.9, 4.0.8, que permite a un servidor maestro autorizado y remoto causar una alta carga de CPU o incluso impedir actualizaciones adicionales a cualquier zona esclava mediante el envío de una gran cantidad de mensajes de NOTIFICACIÓN. Note que solo los servidores configurados como esclavos están afectados por este problema.", }, ], id: "CVE-2019-10163", lastModified: "2024-11-21T04:18:33.233", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 3.5, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, exploitabilityScore: 2.1, impactScore: 1.4, source: "secalert@redhat.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-07-30T23:15:12.263", references: [ { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00036.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00054.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://blog.powerdns.com/2019/06/21/powerdns-authoritative-server-4-0-8-and-4-1-10-released/", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10163", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-05.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00036.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00054.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://blog.powerdns.com/2019/06/21/powerdns-authoritative-server-4-0-8-and-4-1-10-released/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10163", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-05.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-770", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-770", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "EA174888-9FEB-4029-8E0D-D6CFCF1A74F6", versionEndExcluding: "73.0.3683.75", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:*:*:*:*:*:*:*", matchCriteriaId: "1CBC4824-9D9F-427D-87A6-60B2CEBAAFEE", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An integer overflow that leads to a use-after-free in Blink Storage in Google Chrome on Linux prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.", }, { lang: "es", value: "Un desbordamiento de enteros que provoca un uso de memoria previamente liberada (use-after-free) en Blink Storage en Google Chrome sobre Linux antes de la versión 73.0.3683.75, permitió que un atacante remoto que había comprometido el proceso del renderizador ejecutara código arbitrario por medio de una página HTML creada.", }, ], id: "CVE-2019-5788", lastModified: "2024-11-21T04:45:29.687", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-23T20:29:00.607", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/925864", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/925864", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
uriparser_project | uriparser | * | |
fedoraproject | extra_packages_for_enterprise_linux | 8.0 | |
fedoraproject | fedora | 34 | |
fedoraproject | fedora | 35 | |
debian | debian_linux | 9.0 | |
debian | debian_linux | 10.0 | |
debian | debian_linux | 11.0 | |
opensuse | factory | - | |
opensuse | backports | sle-15 | |
opensuse | leap | 15.3 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:uriparser_project:uriparser:*:*:*:*:*:*:*:*", matchCriteriaId: "BDD115F5-6128-4317-AC92-F0714B9C8E8A", versionEndExcluding: "0.9.6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "BB176AC3-3CDA-4DDA-9089-C67B2F73AA62", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:opensuse:factory:-:*:*:*:*:*:*:*", matchCriteriaId: "E29492E1-43D8-43BF-94E3-26A762A66FAA", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:*:*:*:*:*:*:*", matchCriteriaId: "1CBC4824-9D9F-427D-87A6-60B2CEBAAFEE", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.3:*:*:*:*:*:*:*", matchCriteriaId: "090F0D1A-6BF8-4810-8942-3FFE4FBF7FE0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax.", }, { lang: "es", value: "Se ha detectado un problema en uriparser versiones anteriores a 0.9.6. Lleva a cabo operaciones libres no válidas en uriNormalizeSyntax.", }, ], id: "CVE-2021-46142", lastModified: "2024-11-21T06:33:40.423", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-01-06T04:15:06.967", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://blog.hartwork.org/posts/uriparser-096-with-security-fixes-released/", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/uriparser/uriparser/issues/122", }, { source: "cve@mitre.org", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://github.com/uriparser/uriparser/pull/124", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MO6T7WA27H7K3WI2AXUAGPWBGK4HM65D/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YGIJTDNEMU2V4H3JJBQVKBRHU5GBQKG2/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2022/dsa-5063", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://blog.hartwork.org/posts/uriparser-096-with-security-fixes-released/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/uriparser/uriparser/issues/122", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://github.com/uriparser/uriparser/pull/124", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MO6T7WA27H7K3WI2AXUAGPWBGK4HM65D/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YGIJTDNEMU2V4H3JJBQVKBRHU5GBQKG2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2022/dsa-5063", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
support@hackerone.com | http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00019.html | Mailing List, Third Party Advisory | |
support@hackerone.com | http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00022.html | Mailing List, Third Party Advisory | |
support@hackerone.com | https://hackerone.com/reports/508493 | Exploit, Third Party Advisory | |
support@hackerone.com | https://nextcloud.com/security/advisory/?id=NC-SA-2019-015 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00019.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00022.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://hackerone.com/reports/508493 | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://nextcloud.com/security/advisory/?id=NC-SA-2019-015 | Vendor Advisory |
Vendor | Product | Version | |
---|---|---|---|
nextcloud | nextcloud_server | * | |
nextcloud | nextcloud_server | * | |
opensuse | backports | sle-15 | |
suse | suse_linux_enterprise_server | 12 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:*", matchCriteriaId: "D2835B9E-DA99-430E-B4B1-30518D7105DC", versionEndExcluding: "14.0.11", vulnerable: true, }, { criteria: "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:*", matchCriteriaId: "AECD1A2C-871A-4B19-9E2E-DC9DAAED8605", versionEndExcluding: "15.0.8", versionStartIncluding: "15.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:12:-:*:*:*:*:*:*", matchCriteriaId: "144B9E5B-6CF1-4961-8079-B09A8881EEEF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Improper Input Validation in Nextcloud Server 15.0.7 allows group admins to create users with IDs of system folders.", }, { lang: "es", value: "Una Comprobación de Entrada Inapropiada en Nextcloud Server versión 15.0.7, permite a los administradores de grupo crear usuarios con los ID de carpetas del sistema.", }, ], id: "CVE-2019-15624", lastModified: "2024-11-21T04:29:09.207", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-02-04T20:15:12.747", references: [ { source: "support@hackerone.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00019.html", }, { source: "support@hackerone.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00022.html", }, { source: "support@hackerone.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://hackerone.com/reports/508493", }, { source: "support@hackerone.com", tags: [ "Vendor Advisory", ], url: "https://nextcloud.com/security/advisory/?id=NC-SA-2019-015", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00019.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://hackerone.com/reports/508493", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://nextcloud.com/security/advisory/?id=NC-SA-2019-015", }, ], sourceIdentifier: "support@hackerone.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "E801A650-BF69-4C0C-B1F4-B06F3A7C17B4", versionEndExcluding: "74.0.3729.108", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:*:*:*:*:*:*:*", matchCriteriaId: "1CBC4824-9D9F-427D-87A6-60B2CEBAAFEE", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Use after free in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, { lang: "es", value: "Use-after-free en Blink en Google Chrome antes de 74.0.3729.108 permitió que un atacante remoto pudiera explotar la corrupción del heap a través de una página HTML diseñada.", }, ], id: "CVE-2019-5808", lastModified: "2024-11-21T04:45:32.230", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-27T17:15:13.990", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/947029", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "chrome-cve-admin@google.com", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "chrome-cve-admin@google.com", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "chrome-cve-admin@google.com", url: "https://www.debian.org/security/2019/dsa-4500", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/947029", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2019/dsa-4500", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "EA174888-9FEB-4029-8E0D-D6CFCF1A74F6", versionEndExcluding: "73.0.3683.75", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:*:*:*:*:*:*:*", matchCriteriaId: "1CBC4824-9D9F-427D-87A6-60B2CEBAAFEE", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file.", }, { lang: "es", value: "El desbordamiento de enteros en PDFium en Google Chrome antes de la versión 73.0.3683.75, permitió que un atacante remoto ejecutara un acceso a la memoria fuera de límites por medio de un archivo PDF creado.", }, ], id: "CVE-2019-5795", lastModified: "2024-11-21T04:45:30.570", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-23T20:29:00.937", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/919643", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/919643", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
uriparser_project | uriparser | * | |
fedoraproject | extra_packages_for_enterprise_linux | 8.0 | |
fedoraproject | fedora | 34 | |
fedoraproject | fedora | 35 | |
debian | debian_linux | 9.0 | |
debian | debian_linux | 10.0 | |
debian | debian_linux | 11.0 | |
opensuse | factory | - | |
opensuse | backports | sle-15 | |
opensuse | leap | 15.3 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:uriparser_project:uriparser:*:*:*:*:*:*:*:*", matchCriteriaId: "BDD115F5-6128-4317-AC92-F0714B9C8E8A", versionEndExcluding: "0.9.6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "BB176AC3-3CDA-4DDA-9089-C67B2F73AA62", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:opensuse:factory:-:*:*:*:*:*:*:*", matchCriteriaId: "E29492E1-43D8-43BF-94E3-26A762A66FAA", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:*:*:*:*:*:*:*", matchCriteriaId: "1CBC4824-9D9F-427D-87A6-60B2CEBAAFEE", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.3:*:*:*:*:*:*:*", matchCriteriaId: "090F0D1A-6BF8-4810-8942-3FFE4FBF7FE0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner.", }, { lang: "es", value: "Se ha detectado un problema en uriparser versiones anteriores a 0.9.6. Lleva a cabo operaciones inválidas en uriFreeUriMembers y uriMakeOwner.", }, ], id: "CVE-2021-46141", lastModified: "2024-11-21T06:33:40.250", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-01-06T04:15:06.917", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://blog.hartwork.org/posts/uriparser-096-with-security-fixes-released/", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/uriparser/uriparser/issues/121", }, { source: "cve@mitre.org", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://github.com/uriparser/uriparser/pull/124", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00029.html", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MO6T7WA27H7K3WI2AXUAGPWBGK4HM65D/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YGIJTDNEMU2V4H3JJBQVKBRHU5GBQKG2/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2022/dsa-5063", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://blog.hartwork.org/posts/uriparser-096-with-security-fixes-released/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/uriparser/uriparser/issues/121", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://github.com/uriparser/uriparser/pull/124", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00029.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MO6T7WA27H7K3WI2AXUAGPWBGK4HM65D/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YGIJTDNEMU2V4H3JJBQVKBRHU5GBQKG2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2022/dsa-5063", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
chrome | * | ||
debian | debian_linux | 9.0 | |
debian | debian_linux | 10.0 | |
opensuse | backports | sle-15 | |
opensuse | leap | 15.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "B3FA0046-45B4-4D20-AEB4-72D9A04283C3", versionEndExcluding: "83.0.4103.97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Use after free in WebAuthentication in Google Chrome prior to 83.0.4103.97 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.", }, { lang: "es", value: "Un uso de la memoria previamente liberada en WebAuthentication en Google Chrome versiones anteriores a 83.0.4103.97, permitió a un atacante remoto que había comprometido el proceso del renderizador para potencialmente llevar a cabo un escape del sandbox por medio de una página HTML diseñada", }, ], id: "CVE-2020-6493", lastModified: "2024-11-21T05:35:50.323", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-03T23:15:11.760", references: [ { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00034.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00038.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Permissions Required", ], url: "https://crbug.com/1082105", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202006-02", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4714", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00034.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00038.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://crbug.com/1082105", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202006-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
chrome | * | ||
debian | debian_linux | 9.0 | |
debian | debian_linux | 10.0 | |
fedoraproject | fedora | 30 | |
fedoraproject | fedora | 31 | |
fedoraproject | fedora | 32 | |
opensuse | backports | sle-15 | |
opensuse | leap | 15.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "7DF3F6F7-2305-4BA7-8401-8A7F55C29CB5", versionEndExcluding: "81.0.4044.92", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient validation of untrusted input in clipboard in Google Chrome prior to 81.0.4044.92 allowed a local attacker to bypass site isolation via crafted clipboard contents.", }, { lang: "es", value: "Una comprobación entrada insuficiente no confiable en clipboard en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante local omitir el aislamiento del sitio por medio de contenidos del portapapeles diseñados.", }, ], id: "CVE-2020-6456", lastModified: "2024-11-21T05:35:45.867", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-13T18:15:13.063", references: [ { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://crbug.com/1040755", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4714", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://crbug.com/1040755", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-276", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
chrome | * | ||
fedoraproject | fedora | 30 | |
fedoraproject | fedora | 31 | |
opensuse | backports | sle-15 | |
opensuse | leap | 15.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "02AA21FD-4513-45EC-B4C7-1561690D30EA", versionEndExcluding: "80.0.3987.162", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Heap buffer overflow in media in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, { lang: "es", value: "Un desbordamiento de búfer de la pila (heap) en media en Google Chrome versiones anteriores a 80.0.3987.162, permitió a un atacante remoto explotar potencialmente una corrupción de la pila (heap) por medio de una página HTML diseñada.", }, ], id: "CVE-2020-6452", lastModified: "2024-11-21T05:35:45.420", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-13T18:15:12.890", references: [ { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_31.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://crbug.com/1059764", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMXT4OKBMCJSNSX7TZDBJNY6ORKFZRFO/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQTV7EFWQKF6VJBCVH4PUQJLGO7ISLTN/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_31.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://crbug.com/1059764", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMXT4OKBMCJSNSX7TZDBJNY6ORKFZRFO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQTV7EFWQKF6VJBCVH4PUQJLGO7ISLTN/", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
chocolate-doom | chocolate_doom | 3.0.0 | |
chocolate-doom | crispy_doom | 5.8.0 | |
opensuse | backports | sle-15 | |
opensuse | leap | 15.1 | |
opensuse | leap | 15.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:chocolate-doom:chocolate_doom:3.0.0:-:*:*:*:*:*:*", matchCriteriaId: "8A0A032A-7DAA-4ECA-AEA1-6A53174ED24C", vulnerable: true, }, { criteria: "cpe:2.3:a:chocolate-doom:crispy_doom:5.8.0:*:*:*:*:*:*:*", matchCriteriaId: "AF3CE9D2-DCDF-43E5-864E-EFC6C67F8560", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", matchCriteriaId: "B009C22E-30A4-4288-BCF6-C3E81DEAF45A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesn't validate the user-controlled num_players value, leading to a buffer overflow. A malicious user can overwrite the server's stack.", }, { lang: "es", value: "El servidor en Chocolate Doom versión 3.0.0 y Crispy Doom versión 5.8.0, no comprueba el valor de num_players controlado por el usuario, conllevando a un desbordamiento del búfer. Un usuario malicioso puede sobrescribir la pila del servidor", }, ], id: "CVE-2020-14983", lastModified: "2024-11-21T05:04:34.750", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-22T20:15:11.380", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00002.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00007.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00012.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://github.com/chocolate-doom/chocolate-doom/issues/1293", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00007.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00012.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://github.com/chocolate-doom/chocolate-doom/issues/1293", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "EA174888-9FEB-4029-8E0D-D6CFCF1A74F6", versionEndExcluding: "73.0.3683.75", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:*:*:*:*:*:*:*", matchCriteriaId: "1CBC4824-9D9F-427D-87A6-60B2CEBAAFEE", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in extensions in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to initiate the extensions installation user interface via a crafted HTML page.", }, { lang: "es", value: "La aplicación de políticas insuficientes en Extensions en Google Chrome antes de la versión 73.0.3683.75, permitió a un atacante remoto iniciar la interfaz de usuario de instalación de extensiones por medio de una página HTML creada.", }, ], id: "CVE-2019-5793", lastModified: "2024-11-21T04:45:30.313", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-23T20:29:00.843", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/937487", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/937487", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "EA174888-9FEB-4029-8E0D-D6CFCF1A74F6", versionEndExcluding: "73.0.3683.75", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:*:*:*:*:*:*:*", matchCriteriaId: "1CBC4824-9D9F-427D-87A6-60B2CEBAAFEE", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file.", }, { lang: "es", value: "El desbordamiento de enteros en PDFium en Google Chrome antes de la versión 73.0.3683.75, permitió que un atacante remoto ejecutara un acceso a la memoria fuera de límites por medio de un archivo PDF creado.", }, ], id: "CVE-2019-5792", lastModified: "2024-11-21T04:45:30.187", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-23T20:29:00.797", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/914983", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/914983", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
chrome | * | ||
debian | debian_linux | 9.0 | |
debian | debian_linux | 10.0 | |
opensuse | backports | sle-15 | |
opensuse | leap | 15.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "B3FA0046-45B4-4D20-AEB4-72D9A04283C3", versionEndExcluding: "83.0.4103.97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.97 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.", }, { lang: "es", value: "Una aplicación insuficiente de la política en developer tools en Google Chrome versiones anteriores a 83.0.4103.97, permitió a un atacante que convenció a un usuario de instalar una extensión maliciosa potencialmente llevar a cabo un escape del sandbox por medio de una Chrome Extension diseñada", }, ], id: "CVE-2020-6495", lastModified: "2024-11-21T05:35:50.590", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-03T23:15:11.917", references: [ { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00034.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00038.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Permissions Required", ], url: "https://crbug.com/1072116", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202006-02", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4714", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00034.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00038.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://crbug.com/1072116", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202006-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-276", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "E801A650-BF69-4C0C-B1F4-B06F3A7C17B4", versionEndExcluding: "74.0.3729.108", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:*:*:*:*:*:*:*", matchCriteriaId: "1CBC4824-9D9F-427D-87A6-60B2CEBAAFEE", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.", }, { lang: "es", value: "El desbordamiento de enteros en PDFium en Google Chrome antes de 74.0.3729.108 permitió a un atacante remoto explotar potencialmente la corrupción del montón a través de un archivo PDF creado.", }, ], id: "CVE-2019-5820", lastModified: "2024-11-21T04:45:34.500", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-27T17:15:14.630", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/919635", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "chrome-cve-admin@google.com", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "chrome-cve-admin@google.com", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "chrome-cve-admin@google.com", url: "https://www.debian.org/security/2019/dsa-4500", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/919635", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2019/dsa-4500", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "E801A650-BF69-4C0C-B1F4-B06F3A7C17B4", versionEndExcluding: "74.0.3729.108", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:*:*:*:*:*:*:*", matchCriteriaId: "1CBC4824-9D9F-427D-87A6-60B2CEBAAFEE", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, { lang: "es", value: "El desbordamiento del búfer del heap en ANGLE en Google Chrome en Windows antes de 74.0.3729.108 permitió que un atacante remoto pudiera explotar la corrupción del montón a través de una página HTML diseñada", }, ], id: "CVE-2019-5817", lastModified: "2024-11-21T04:45:34.083", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-27T17:15:14.457", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/943709", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "chrome-cve-admin@google.com", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/943709", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201908-18", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
sylabs | singularity | * | |
sylabs | singularity | 3.2.0 | |
sylabs | singularity | 3.2.0 | |
sylabs | singularity | 3.2.0 | |
fedoraproject | fedora | 28 | |
fedoraproject | fedora | 29 | |
fedoraproject | fedora | 30 | |
opensuse | backports | sle-15 | |
opensuse | backports | sle-15 | |
opensuse | leap | 15.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sylabs:singularity:*:*:*:*:*:*:*:*", matchCriteriaId: "A03C5294-152B-4B8C-A3C9-C12F336E3CF8", versionEndExcluding: "3.2.0", versionStartIncluding: "3.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:sylabs:singularity:3.2.0:-:*:*:*:*:*:*", matchCriteriaId: "DCF1D191-8AE3-45AB-A8B8-5FE0495AFDF0", vulnerable: true, }, { criteria: "cpe:2.3:a:sylabs:singularity:3.2.0:rc1:*:*:*:*:*:*", matchCriteriaId: "CD87FF8D-26D4-42AE-9D6B-BC49773D6A4E", vulnerable: true, }, { criteria: "cpe:2.3:a:sylabs:singularity:3.2.0:rc2:*:*:*:*:*:*", matchCriteriaId: "9893E982-1FA4-474C-9FC0-5B08BEA1937D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", matchCriteriaId: "DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:-:*:*:*:*:*:*", matchCriteriaId: "398716BC-E609-4338-BAB9-7CB2A78599BC", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in Singularity 3.1.0 to 3.2.0-rc2, a malicious user with local/network access to the host system (e.g. ssh) could exploit this vulnerability due to insecure permissions allowing a user to edit files within `/run/singularity/instances/sing/<user>/<instance>`. The manipulation of those files can change the behavior of the starter-suid program when instances are joined resulting in potential privilege escalation on the host.", }, { lang: "es", value: "Se encontró un problema en Singularity versión 3.1.0 hasta la 3.2.0-rc2, un usuario malicioso con acceso local de red hacia el sistema host (por ejemplo, ssh) podría atacar esta vulnerabilidad debido a permisos no seguros que permiten a un usuario editar archivos dentro de `/run/singularity/instances/sing//`. La manipulación de esos archivos puede cambiar el comportamiento del programa starter-suid cuando las peticiones se unen, lo que conlleva a una posible escalada de privilegios en el host.", }, ], id: "CVE-2019-11328", lastModified: "2024-11-21T04:20:53.913", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-14T21:29:01.137", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00028.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00059.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/05/16/1", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.securityfocus.com/bid/108360", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/sylabs/singularity/releases/tag/v3.2.0", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5O3TPL5OOTIZEI4H6IQBCCISBARJ6WL3/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LIHV7DSEVTB5SUPEZ2UXGS3Q6WMEQSO2/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNU5BUHFOTYUZVHFUSX2VG4S3RCPUEMA/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00028.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00059.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/05/16/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.securityfocus.com/bid/108360", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/sylabs/singularity/releases/tag/v3.2.0", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5O3TPL5OOTIZEI4H6IQBCCISBARJ6WL3/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LIHV7DSEVTB5SUPEZ2UXGS3Q6WMEQSO2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNU5BUHFOTYUZVHFUSX2VG4S3RCPUEMA/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-732", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
chrome | * | ||
fedoraproject | fedora | 30 | |
fedoraproject | fedora | 31 | |
opensuse | backports | sle-15 | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_server | 6.0 | |
redhat | enterprise_linux_workstation | 6.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "BB361AD0-A294-43B3-AF86-B157B768EDCF", versionEndExcluding: "78.0.3904.108", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:-:*:*:*:*:*:*", matchCriteriaId: "398716BC-E609-4338-BAB9-7CB2A78599BC", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Use after free in WebBluetooth in Google Chrome prior to 78.0.3904.108 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.", }, { lang: "es", value: "Un uso de la memoria previamente liberada en WebBluetooth en Google Chrome versiones anteriores a 78.0.3904.108, permitió a un atacante remoto, que había comprometido el proceso del renderizador, explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada.", }, ], id: "CVE-2019-13723", lastModified: "2024-11-21T04:25:34.800", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-11-25T15:15:34.027", references: [ { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00035.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3955", }, { source: "chrome-cve-admin@google.com", tags: [ "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2019/11/stable-channel-update-for-desktop_18.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Permissions Required", ], url: "https://crbug.com/1024121", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/54XWRJ5LDFL27QXBPIBX3EHO4TPMKN4R/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/USW7PGIHNPE6W3LGY6ZDFLELQGSL52CH/", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202003-08", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00035.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3955", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2019/11/stable-channel-update-for-desktop_18.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://crbug.com/1024121", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/54XWRJ5LDFL27QXBPIBX3EHO4TPMKN4R/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/USW7PGIHNPE6W3LGY6ZDFLELQGSL52CH/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202003-08", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "E801A650-BF69-4C0C-B1F4-B06F3A7C17B4", versionEndExcluding: "74.0.3729.108", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:*:*:*:*:*:*:*", matchCriteriaId: "1CBC4824-9D9F-427D-87A6-60B2CEBAAFEE", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", }, { lang: "es", value: "La aplicación insuficiente de políticas en Blink en Google Chrome antes de 74.0.3729.108 permitió a un atacante remoto filtrar datos de cross-origin a través de una página HTML diseñada.", }, ], id: "CVE-2019-5814", lastModified: "2024-11-21T04:45:33.693", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-27T17:15:14.333", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/930057", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "chrome-cve-admin@google.com", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "chrome-cve-admin@google.com", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "chrome-cve-admin@google.com", url: "https://www.debian.org/security/2019/dsa-4500", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/930057", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2019/dsa-4500", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-352", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "E801A650-BF69-4C0C-B1F4-B06F3A7C17B4", versionEndExcluding: "74.0.3729.108", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:*:*:*:*:*:*:*", matchCriteriaId: "1CBC4824-9D9F-427D-87A6-60B2CEBAAFEE", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Use after free in file chooser in Google Chrome prior to 74.0.3729.108 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page.", }, { lang: "es", value: "Use-after-free en el selector de archivos en Google Chrome antes del 74.0.3729.108 permitió que un atacante remoto que había comprometido el proceso del renderizador realizara una escalada de privilegios a través de una página HTML diseñada", }, ], id: "CVE-2019-5809", lastModified: "2024-11-21T04:45:32.373", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-27T17:15:14.037", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/941008", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "chrome-cve-admin@google.com", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "chrome-cve-admin@google.com", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "chrome-cve-admin@google.com", url: "https://www.debian.org/security/2019/dsa-4500", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/941008", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2019/dsa-4500", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "672BBC37-A438-4A13-B476-F26333E822AE", versionEndExcluding: "78.0.3904.70", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", }, { lang: "es", value: "Una aplicación de política insuficiente en JavaScript en Google Chrome versiones anteriores a 78.0.3904.70, permitió a un atacante remoto filtrar datos de origen cruzado por medio de una página HTML diseñada.", }, ], id: "CVE-2019-13713", lastModified: "2024-11-21T04:25:33.597", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-11-25T15:15:33.387", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_22.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/993288", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_22.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/993288", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "1629DCDC-F45C-4F3E-A8EF-43E40E2FD504", versionEndExcluding: "75.0.3770.80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:-:*:*:*:*:*:*", matchCriteriaId: "398716BC-E609-4338-BAB9-7CB2A78599BC", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Resource size information leakage in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", }, { lang: "es", value: "La filtración de información sobre el tamaño de los recursos en Blink en Google Chrome antes de 75.0.3770.80 permitió que un atacante remoto filtrara datos de origen cruzado a través de una página HTML diseñada.", }, ], id: "CVE-2019-5837", lastModified: "2024-11-21T04:45:36.803", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-27T17:15:15.510", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/918293", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EI3DGFVT7CKJO6YVMP55R35HCDVEIC4Z/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "chrome-cve-admin@google.com", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "chrome-cve-admin@google.com", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "chrome-cve-admin@google.com", url: "https://www.debian.org/security/2019/dsa-4500", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/918293", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EI3DGFVT7CKJO6YVMP55R35HCDVEIC4Z/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2019/dsa-4500", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cobbler_project | cobbler | * | |
opensuse | factory | - | |
opensuse | backports | sle-15 | |
opensuse | backports | sle-15 | |
suse | linux_enterprise_server | 11 | |
suse | linux_enterprise_server | 12 | |
suse | linux_enterprise_server | 15 | |
suse | linux_enterprise_server | 15 | |
fedoraproject | fedora | 34 | |
fedoraproject | fedora | 35 | |
fedoraproject | fedora | 36 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cobbler_project:cobbler:*:*:*:*:*:*:*:*", matchCriteriaId: "8C1BBC09-CD18-4BF4-972E-356DB8A70996", versionEndExcluding: "3.3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:opensuse:factory:-:*:*:*:*:*:*:*", matchCriteriaId: "E29492E1-43D8-43BF-94E3-26A762A66FAA", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp3:*:*:*:*:*:*", matchCriteriaId: "4DEE66F8-CE56-49A1-8E3A-876CC67BC096", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp4:*:*:*:*:*:*", matchCriteriaId: "0D668794-E03A-4712-ABE1-A7126658FCCB", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:*:*:*", matchCriteriaId: "8B072472-B463-4647-885D-E40B0115C810", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*", matchCriteriaId: "15FC9014-BD85-4382-9D04-C0703E901D7A", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:15:sp2:*:*:*:*:*:*", matchCriteriaId: "5372BB07-73C9-4DB3-95C4-108C1A06683C", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_server:15:sp3:*:*:*:*:*:*", matchCriteriaId: "6C2EACE6-C127-4B13-8002-8EEBEE8D549B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", matchCriteriaId: "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in Cobbler before 3.3.1. In the templar.py file, the function check_for_invalid_imports can allow Cheetah code to import Python modules via the \"#from MODULE import\" substring. (Only lines beginning with #import are blocked.)", }, { lang: "es", value: "Se ha detectado un problema en Cobbler versiones hasta 3.3.0. En el archivo templar.py, la función check_for_invalid_imports puede permitir que el código Cheetah importe módulos de Python por medio de la subcadena \"#from MODULE import\". (Sólo son bloqueadas las líneas que comienzan con #import)", }, ], id: "CVE-2021-45082", lastModified: "2024-11-21T06:31:54.773", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-02-19T00:15:17.013", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1193678", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/cobbler/cobbler/releases", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEJN7CPW6YCHBFQPFZKGA6AVA6T5NPIW/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z5CSXQE7Q4TVDQJKFYBO4XDH3BZ7BLAR/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZCXMOUW4DH4DYWIJN44SMSU6R3CZDZBE/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1193678", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/cobbler/cobbler/releases", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEJN7CPW6YCHBFQPFZKGA6AVA6T5NPIW/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z5CSXQE7Q4TVDQJKFYBO4XDH3BZ7BLAR/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZCXMOUW4DH4DYWIJN44SMSU6R3CZDZBE/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "1629DCDC-F45C-4F3E-A8EF-43E40E2FD504", versionEndExcluding: "75.0.3770.80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:-:*:*:*:*:*:*", matchCriteriaId: "398716BC-E609-4338-BAB9-7CB2A78599BC", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in XMLHttpRequest in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", }, { lang: "es", value: "La aplicación de políticas insuficientes en XMLHttpRequest en Google Chrome antes de 75.0.3770.80 permitió a un atacante remoto filtrar datos de origen cruzado a través de una página HTML diseñada.", }, ], id: "CVE-2019-5832", lastModified: "2024-11-21T04:45:36.140", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-27T17:15:15.223", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/959390", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EI3DGFVT7CKJO6YVMP55R35HCDVEIC4Z/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "chrome-cve-admin@google.com", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "chrome-cve-admin@google.com", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "chrome-cve-admin@google.com", url: "https://www.debian.org/security/2019/dsa-4500", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/959390", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EI3DGFVT7CKJO6YVMP55R35HCDVEIC4Z/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2019/dsa-4500", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "1629DCDC-F45C-4F3E-A8EF-43E40E2FD504", versionEndExcluding: "75.0.3770.80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:-:*:*:*:*:*:*", matchCriteriaId: "398716BC-E609-4338-BAB9-7CB2A78599BC", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Heap buffer overflow in ANGLE in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, { lang: "es", value: "El desbordamiento del búfer del montón en ANGLE en Google Chrome antes de 75.0.3770.80 permitió a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML diseñada", }, ], id: "CVE-2019-5836", lastModified: "2024-11-21T04:45:36.673", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-27T17:15:15.443", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/947342", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "chrome-cve-admin@google.com", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "chrome-cve-admin@google.com", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "chrome-cve-admin@google.com", url: "https://www.debian.org/security/2019/dsa-4500", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/947342", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2019/dsa-4500", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "672BBC37-A438-4A13-B476-F26333E822AE", versionEndExcluding: "78.0.3904.70", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient validation of untrusted input in intents in Google Chrome on Android prior to 78.0.3904.70 allowed a local attacker to leak files via a crafted application.", }, { lang: "es", value: "La comprobación insuficiente de una entrada no confiable en intents en Google Chrome en Android versiones anteriores a 78.0.3904.70, permitió a un atacante local filtrar archivos por medio de una aplicación diseñada.", }, ], id: "CVE-2019-13707", lastModified: "2024-11-21T04:25:32.973", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-11-25T15:15:33.043", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_22.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/859349", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_22.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/859349", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
▼ | URL | Tags | |
---|---|---|---|
meissner@suse.de | http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00057.html | Mailing List, Vendor Advisory | |
meissner@suse.de | http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00065.html | Mailing List, Vendor Advisory | |
meissner@suse.de | https://bugzilla.suse.com/show_bug.cgi?id=1157703 | Issue Tracking, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00057.html | Mailing List, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00065.html | Mailing List, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.suse.com/show_bug.cgi?id=1157703 | Issue Tracking, Vendor Advisory |
Vendor | Product | Version | |
---|---|---|---|
apt-cacher-ng_project | apt-cacher-ng | * | |
opensuse | leap | 15.1 | |
opensuse | backports | sle-15 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:*:*:*:*:*:*:*:*", matchCriteriaId: "DD885EB0-ECD0-408C-9BF7-2AB16EEB3FF5", versionEndExcluding: "3.1-lp151.3.3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The apt-cacher-ng package of openSUSE Leap 15.1 runs operations in user owned directory /run/apt-cacher-ng with root privileges. This can allow local attackers to influence the outcome of these operations. This issue affects: openSUSE Leap 15.1 apt-cacher-ng versions prior to 3.1-lp151.3.3.1.", }, { lang: "es", value: "El paquete apt-cacher-ng de openSUSE Leap versión 15.1, ejecuta operaciones en el directorio /run/apt-cacher-ng propiedad del usuario con privilegios de root. Esto puede permitir a atacantes locales influir en el resultado de estas operaciones. Este problema afecta a: apt-cacher-ng versiones anteriores a 3.1-lp151.3.3.1 de openSUSE Leap versión 15.1.", }, ], id: "CVE-2019-18899", lastModified: "2024-11-21T04:33:48.320", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6.2, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.5, impactScore: 3.6, source: "meissner@suse.de", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-01-23T15:15:13.600", references: [ { source: "meissner@suse.de", tags: [ "Mailing List", "Vendor Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00057.html", }, { source: "meissner@suse.de", tags: [ "Mailing List", "Vendor Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00065.html", }, { source: "meissner@suse.de", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1157703", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Vendor Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00057.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Vendor Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00065.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1157703", }, ], sourceIdentifier: "meissner@suse.de", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-269", }, ], source: "meissner@suse.de", type: "Primary", }, { description: [ { lang: "en", value: "CWE-269", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00045.html | Mailing List, Third Party Advisory | |
cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00052.html | Mailing List, Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/202003-50 | Third Party Advisory | |
cve@mitre.org | https://trac.torproject.org/projects/tor/ticket/33120 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00045.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00052.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202003-50 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://trac.torproject.org/projects/tor/ticket/33120 | Vendor Advisory |
Vendor | Product | Version | |
---|---|---|---|
torproject | tor | * | |
torproject | tor | * | |
torproject | tor | * | |
opensuse | backports | sle-15 | |
opensuse | leap | 15.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:torproject:tor:*:*:*:*:*:*:*:*", matchCriteriaId: "A0F32196-820B-417F-A8BA-C2F1EAC01717", versionEndExcluding: "0.3.5.10", versionStartIncluding: "0.3.5", vulnerable: true, }, { criteria: "cpe:2.3:a:torproject:tor:*:*:*:*:*:*:*:*", matchCriteriaId: "D8DEF7C0-0B37-4339-8B96-63A5B817AA7C", versionEndExcluding: "0.4.1.9", versionStartExcluding: "0.4.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:torproject:tor:*:*:*:*:*:*:*:*", matchCriteriaId: "990A6710-D662-4B46-8B1D-963F682CB234", versionEndIncluding: "0.4.2.7", versionStartExcluding: "0.4.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Tor before 0.3.5.10, 0.4.x before 0.4.1.9, and 0.4.2.x before 0.4.2.7 allows remote attackers to cause a Denial of Service (CPU consumption), aka TROVE-2020-002.", }, { lang: "es", value: "Tor versiones anteriores a 0.3.5.10, versiones 0.4.x anteriores a 0.4.1.9 y versiones 0.4.2.x anteriores a 0.4.2.7, permite a atacantes remotos causar una Denegación de Servicio (consumo de CPU), también se conoce como TROVE-2020-002.", }, ], id: "CVE-2020-10592", lastModified: "2024-11-21T04:55:39.500", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-03-23T13:15:12.957", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00045.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00052.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202003-50", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://trac.torproject.org/projects/tor/ticket/33120", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00045.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00052.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202003-50", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://trac.torproject.org/projects/tor/ticket/33120", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "E801A650-BF69-4C0C-B1F4-B06F3A7C17B4", versionEndExcluding: "74.0.3729.108", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:*:*:*:*:*:*:*", matchCriteriaId: "1CBC4824-9D9F-427D-87A6-60B2CEBAAFEE", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Object lifetime issue in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, { lang: "es", value: "El problema de la vida útil del objeto en V8 en Google Chrome antes de 74.0.3729.108 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML diseñada.", }, ], id: "CVE-2019-5807", lastModified: "2024-11-21T04:45:32.100", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-27T17:15:13.927", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/945644", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "chrome-cve-admin@google.com", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "chrome-cve-admin@google.com", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "chrome-cve-admin@google.com", url: "https://www.debian.org/security/2019/dsa-4500", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/945644", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2019/dsa-4500", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
graphicsmagick | graphicsmagick | 1.4 | |
debian | debian_linux | 8.0 | |
debian | debian_linux | 9.0 | |
debian | debian_linux | 10.0 | |
opensuse | backports | sle-15 | |
opensuse | leap | 15.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:graphicsmagick:graphicsmagick:1.4:2019-04-03:*:*:*:*:*:*", matchCriteriaId: "8F746D69-B658-432B-8EB5-2F89E8D06161", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free in ThrowException and ThrowLoggedException of magick/error.c.", }, { lang: "es", value: "En GraphicsMagick versión 1.4 snapshot-20190403 Q8, se presenta un uso de la memoria previamente liberada de las funciones ThrowException y ThrowLoggedException del archivo magick/error.c.", }, ], id: "CVE-2019-19950", lastModified: "2024-11-21T04:35:43.653", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-12-24T01:15:11.387", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Patch", "Vendor Advisory", ], url: "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/44ab7f6c20b4", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00026.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00064.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00029.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://sourceforge.net/p/graphicsmagick/bugs/603/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4640", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Vendor Advisory", ], url: "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/44ab7f6c20b4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00026.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00064.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00029.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://sourceforge.net/p/graphicsmagick/bugs/603/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4640", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "E86A7A78-CFB0-4CF5-AFE2-E1C88ED6E19D", versionEndExcluding: "74.0.3729.131", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:-:*:*:*:*:*:*", matchCriteriaId: "398716BC-E609-4338-BAB9-7CB2A78599BC", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Parameter passing error in media in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, { lang: "es", value: "El error en el paso de parámetros en los medios en Google Chrome antes de 74.0.3729.131 permitió a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML diseñada.", }, ], id: "CVE-2019-5824", lastModified: "2024-11-21T04:45:35.037", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-27T17:15:14.867", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/948564", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "chrome-cve-admin@google.com", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "chrome-cve-admin@google.com", url: "https://www.debian.org/security/2019/dsa-4500", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/948564", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2019/dsa-4500", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
talos-cna@cisco.com | http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00023.html | Mailing List, Third Party Advisory | |
talos-cna@cisco.com | http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00061.html | Mailing List, Third Party Advisory | |
talos-cna@cisco.com | https://talosintelligence.com/vulnerability_reports/TALOS-2019-0956 | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00023.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00061.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://talosintelligence.com/vulnerability_reports/TALOS-2019-0956 | Exploit, Third Party Advisory |
Vendor | Product | Version | |
---|---|---|---|
shadowsocks | shadowsocks-libev | 3.3.2 | |
opensuse | backports | sle-15 | |
opensuse | leap | 15.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:shadowsocks:shadowsocks-libev:3.3.2:*:*:*:*:*:*:*", matchCriteriaId: "6C7487D4-D438-4F80-985D-61BEF8854421", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher and a local_address, arbitrary UDP packets can cause a FATAL error code path and exit. An attacker can send arbitrary UDP packets to trigger this vulnerability.", }, { lang: "es", value: "Hay una vulnerabilidad de denegación de servicio explotable en la funcionalidad UDPRelay de Shadowsocks-libev versión 3.3.2. Cuando se utiliza un Cifrado de Flujo y un local_address, unos paquetes UDP arbitrarios pueden causar una ruta de código de error FATAL y salir. Un atacante puede enviar paquetes UDP arbitrarios para activar esta vulnerabilidad.", }, ], id: "CVE-2019-5163", lastModified: "2024-11-21T04:44:28.237", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "talos-cna@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-12-03T22:15:15.370", references: [ { source: "talos-cna@cisco.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00023.html", }, { source: "talos-cna@cisco.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00061.html", }, { source: "talos-cna@cisco.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0956", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00023.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00061.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0956", }, ], sourceIdentifier: "talos-cna@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-306", }, ], source: "talos-cna@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-306", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
chrome | * | ||
debian | debian_linux | 9.0 | |
debian | debian_linux | 10.0 | |
fedoraproject | fedora | 30 | |
fedoraproject | fedora | 31 | |
fedoraproject | fedora | 32 | |
opensuse | backports | sle-15 | |
opensuse | leap | 15.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "7DF3F6F7-2305-4BA7-8401-8A7F55C29CB5", versionEndExcluding: "81.0.4044.92", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.", }, { lang: "es", value: "Una aplicación insuficiente de la política en extensions de Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto omitir las restricciones de navegación por medio de una página HTML diseñada.", }, ], id: "CVE-2020-6433", lastModified: "2024-11-21T05:35:43.153", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-13T18:15:11.827", references: [ { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://crbug.com/1043965", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4714", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://crbug.com/1043965", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
support@hackerone.com | http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00019.html | Mailing List, Third Party Advisory | |
support@hackerone.com | http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00022.html | Mailing List, Third Party Advisory | |
support@hackerone.com | https://hackerone.com/reports/697959 | Patch, Third Party Advisory | |
support@hackerone.com | https://nextcloud.com/security/advisory/?id=NC-SA-2020-002 | Broken Link, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00019.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00022.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://hackerone.com/reports/697959 | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://nextcloud.com/security/advisory/?id=NC-SA-2020-002 | Broken Link, Vendor Advisory |
Vendor | Product | Version | |
---|---|---|---|
nextcloud | nextcloud_server | * | |
nextcloud | nextcloud_server | * | |
nextcloud | nextcloud_server | * | |
opensuse | backports | sle-15 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:*", matchCriteriaId: "69BE13A7-612F-4C06-B9DD-D5CADE0E89BB", versionEndExcluding: "15.0.14", vulnerable: true, }, { criteria: "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:*", matchCriteriaId: "69BAB965-AE57-4674-BF4E-484F779DE1E1", versionEndExcluding: "16.0.7", versionStartIncluding: "16.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:*", matchCriteriaId: "4DA73A56-619E-44C9-858A-23DD0EC7730C", versionEndExcluding: "17.0.2", versionStartIncluding: "17.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A bug in Nextcloud Server 17.0.1 causes the workflow rules to depend their behaviour on the file extension when checking file mimetypes.", }, { lang: "es", value: "Un error en Nextcloud Server versión 17.0.1, causa que las reglas de flujo de trabajo dependan de su comportamiento sobre la extensión del archivo cuando se comprueban los mimetypes de archivos.", }, ], id: "CVE-2019-15613", lastModified: "2024-11-21T04:29:07.930", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.1, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-02-04T20:15:11.870", references: [ { source: "support@hackerone.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00019.html", }, { source: "support@hackerone.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00022.html", }, { source: "support@hackerone.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://hackerone.com/reports/697959", }, { source: "support@hackerone.com", tags: [ "Broken Link", "Vendor Advisory", ], url: "https://nextcloud.com/security/advisory/?id=NC-SA-2020-002", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00019.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://hackerone.com/reports/697959", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Vendor Advisory", ], url: "https://nextcloud.com/security/advisory/?id=NC-SA-2020-002", }, ], sourceIdentifier: "support@hackerone.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "support@hackerone.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-345", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "E801A650-BF69-4C0C-B1F4-B06F3A7C17B4", versionEndExcluding: "74.0.3729.108", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", matchCriteriaId: "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:*:*:*:*:*:*:*", matchCriteriaId: "1CBC4824-9D9F-427D-87A6-60B2CEBAAFEE", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Process lifetime issue in Chrome in Google Chrome on Android prior to 74.0.3729.108 allowed a remote attacker to potentially persist an exploited process via a crafted HTML page.", }, { lang: "es", value: "El problema de la duración del proceso en Chrome en Google Chrome en Android antes de 74.0.3729.108 permitió que un atacante remoto pudiera persistir en un proceso explotado a través de una página HTML diseñada.", }, ], id: "CVE-2019-5816", lastModified: "2024-11-21T04:45:33.957", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-27T17:15:14.380", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/940245", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "chrome-cve-admin@google.com", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/940245", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201908-18", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-664", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "E801A650-BF69-4C0C-B1F4-B06F3A7C17B4", versionEndExcluding: "74.0.3729.108", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:*:*:*:*:*:*:*", matchCriteriaId: "1CBC4824-9D9F-427D-87A6-60B2CEBAAFEE", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Incorrect handling of CORS in ServiceWorker in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page.", }, { lang: "es", value: "El manejo incorrecto de CORS en ServiceWorker en Google Chrome antes de 74.0.3729.108 permitió a un atacante remoto omitir la misma política de origen a través de una página HTML diseñada.", }, ], id: "CVE-2019-5811", lastModified: "2024-11-21T04:45:32.643", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-27T17:15:14.163", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/771815", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "chrome-cve-admin@google.com", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "chrome-cve-admin@google.com", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "chrome-cve-admin@google.com", url: "https://www.debian.org/security/2019/dsa-4500", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/771815", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2019/dsa-4500", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
chrome | * | ||
debian | debian_linux | 9.0 | |
debian | debian_linux | 10.0 | |
fedoraproject | fedora | 30 | |
fedoraproject | fedora | 31 | |
fedoraproject | fedora | 32 | |
opensuse | backports | sle-15 | |
opensuse | leap | 15.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "7DF3F6F7-2305-4BA7-8401-8A7F55C29CB5", versionEndExcluding: "81.0.4044.92", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in full screen in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to spoof security UI via a crafted HTML page.", }, { lang: "es", value: "Una aplicación insuficiente de la política en full screen en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto falsificar la Interfaz de Usuario de seguridad por medio de una página HTML diseñada.", }, ], id: "CVE-2020-6431", lastModified: "2024-11-21T05:35:42.920", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-13T18:15:11.717", references: [ { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://crbug.com/852645", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4714", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://crbug.com/852645", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-276", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
chrome | * | ||
debian | debian_linux | 9.0 | |
debian | debian_linux | 10.0 | |
fedoraproject | fedora | 30 | |
fedoraproject | fedora | 31 | |
fedoraproject | fedora | 32 | |
opensuse | backports | sle-15 | |
opensuse | leap | 15.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "7DF3F6F7-2305-4BA7-8401-8A7F55C29CB5", versionEndExcluding: "81.0.4044.92", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass content security policy via a crafted HTML page.", }, { lang: "es", value: "Una aplicación insuficiente de la política en trusted types en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto omitir una política de seguridad de contenido por medio de una página HTML diseñada.", }, ], id: "CVE-2020-6446", lastModified: "2024-11-21T05:35:44.670", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-13T18:15:12.623", references: [ { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://crbug.com/933172", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4714", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://crbug.com/933172", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-276", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "E801A650-BF69-4C0C-B1F4-B06F3A7C17B4", versionEndExcluding: "74.0.3729.108", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:*:*:*:*:*:*:*", matchCriteriaId: "1CBC4824-9D9F-427D-87A6-60B2CEBAAFEE", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Integer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, { lang: "es", value: "El desbordamiento de enteros en ANGLE en Google Chrome en Windows antes de 74.0.3729.108 permitió que un atacante remoto pudiera explotar la corrupción del montón a través de una página HTML diseñada", }, ], id: "CVE-2019-5806", lastModified: "2024-11-21T04:45:31.970", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-27T17:15:13.880", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/943087", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "chrome-cve-admin@google.com", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "chrome-cve-admin@google.com", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "chrome-cve-admin@google.com", url: "https://www.debian.org/security/2019/dsa-4500", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/943087", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2019/dsa-4500", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "EA174888-9FEB-4029-8E0D-D6CFCF1A74F6", versionEndExcluding: "73.0.3683.75", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:*:*:*:*:*:*:*", matchCriteriaId: "1CBC4824-9D9F-427D-87A6-60B2CEBAAFEE", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An integer overflow that leads to a use-after-free in WebMIDI in Google Chrome on Windows prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.", }, { lang: "es", value: "Un desbordamiento de enteros que provoca un uso de memoria previamente liberada (use-after-free) en WebMIDI en Google Chrome en Windows antes de la versión 73.0.3683.75, permitió que un atacante remoto que había comprometido el proceso del renderizador ejecutara código arbitrario por medio de una página HTML creada.", }, ], id: "CVE-2019-5789", lastModified: "2024-11-21T04:45:29.803", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-23T20:29:00.670", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/921581", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/921581", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "E801A650-BF69-4C0C-B1F4-B06F3A7C17B4", versionEndExcluding: "74.0.3729.108", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:-:*:*:*:*:*:*", matchCriteriaId: "398716BC-E609-4338-BAB9-7CB2A78599BC", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.", }, { lang: "es", value: "El desbordamiento de enteros en PDFium en Google Chrome antes de 74.0.3729.108 permitió a un atacante remoto explotar potencialmente la corrupción del montón a través de un archivo PDF creado.", }, ], id: "CVE-2019-5821", lastModified: "2024-11-21T04:45:34.630", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-27T17:15:14.693", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/919640", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "chrome-cve-admin@google.com", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "chrome-cve-admin@google.com", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "chrome-cve-admin@google.com", url: "https://www.debian.org/security/2019/dsa-4500", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/919640", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2019/dsa-4500", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "E801A650-BF69-4C0C-B1F4-B06F3A7C17B4", versionEndExcluding: "74.0.3729.108", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:*:*:*:*:*:*:*", matchCriteriaId: "1CBC4824-9D9F-427D-87A6-60B2CEBAAFEE", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Use-after-free in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.", }, { lang: "es", value: "Use-after-free en PDFium en Google Chrome antes del 74.0.3729.108 permitió a un atacante remoto explotar potencialmente la corrupción del montón a través de un archivo PDF creado.", }, ], id: "CVE-2019-5805", lastModified: "2024-11-21T04:45:31.810", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-27T17:15:13.817", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/913320", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "chrome-cve-admin@google.com", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "chrome-cve-admin@google.com", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "chrome-cve-admin@google.com", url: "https://www.debian.org/security/2019/dsa-4500", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/913320", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2019/dsa-4500", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "1629DCDC-F45C-4F3E-A8EF-43E40E2FD504", versionEndExcluding: "75.0.3770.80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:*:*:*:*:*:*:*", matchCriteriaId: "1CBC4824-9D9F-427D-87A6-60B2CEBAAFEE", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient data validation in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to perform domain spoofing via a crafted HTML page.", }, { lang: "es", value: "La insuficiente validación de datos en Blink en Google Chrome antes de 75.0.3770.80 permitió que un atacante remoto realizara una falsificación de dominio a través de una página HTML diseñada.", }, ], id: "CVE-2019-5834", lastModified: "2024-11-21T04:45:36.410", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-27T17:15:15.333", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/962368", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "chrome-cve-admin@google.com", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "chrome-cve-admin@google.com", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "chrome-cve-admin@google.com", url: "https://www.debian.org/security/2019/dsa-4500", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/962368", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2019/dsa-4500", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-346", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
chrome | * | ||
debian | debian_linux | 9.0 | |
debian | debian_linux | 10.0 | |
fedoraproject | fedora | 30 | |
fedoraproject | fedora | 31 | |
fedoraproject | fedora | 32 | |
opensuse | backports | sle-15 | |
opensuse | leap | 15.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "7DF3F6F7-2305-4BA7-8401-8A7F55C29CB5", versionEndExcluding: "81.0.4044.92", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.", }, { lang: "es", value: "Una aplicación insuficiente de la política en extensions de Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto quien había comprometido el proceso de renderización omitir las restricciones de navegación por medio de una página HTML diseñada.", }, ], id: "CVE-2020-6435", lastModified: "2024-11-21T05:35:43.390", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-13T18:15:11.953", references: [ { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://crbug.com/1032158", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4714", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://crbug.com/1032158", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "1629DCDC-F45C-4F3E-A8EF-43E40E2FD504", versionEndExcluding: "75.0.3770.80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:-:*:*:*:*:*:*", matchCriteriaId: "398716BC-E609-4338-BAB9-7CB2A78599BC", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in CORS in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", }, { lang: "es", value: "La aplicación de políticas insuficientes en CORS en Google Chrome antes de 75.0.3770.80 permitió que un atacante remoto filtrara datos de origen cruzado a través de una página HTML diseñada.", }, ], id: "CVE-2019-5830", lastModified: "2024-11-21T04:45:35.867", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-27T17:15:15.100", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/665766", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "chrome-cve-admin@google.com", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "chrome-cve-admin@google.com", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "chrome-cve-admin@google.com", url: "https://www.debian.org/security/2019/dsa-4500", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/665766", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2019/dsa-4500", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "1629DCDC-F45C-4F3E-A8EF-43E40E2FD504", versionEndExcluding: "75.0.3770.80", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", matchCriteriaId: "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:-:*:*:*:*:*:*", matchCriteriaId: "398716BC-E609-4338-BAB9-7CB2A78599BC", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Incorrect dialog box scoping in browser in Google Chrome on Android prior to 75.0.3770.80 allowed a remote attacker to display misleading security UI via a crafted HTML page.", }, { lang: "es", value: "El alcance del cuadro de diálogo incorrecto en el navegador en Google Chrome en Android antes de 75.0.3770.80 permitió a un atacante remoto mostrar una IU de seguridad engañosa a través de una página HTML diseñada.", }, ], id: "CVE-2019-5833", lastModified: "2024-11-21T04:45:36.273", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-27T17:15:15.270", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/945067", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "chrome-cve-admin@google.com", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "chrome-cve-admin@google.com", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "chrome-cve-admin@google.com", url: "https://www.debian.org/security/2019/dsa-4500", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/945067", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2019/dsa-4500", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
apt-cacher-ng_project | apt-cacher-ng | * | |
debian | debian_linux | 8.0 | |
debian | debian_linux | 9.0 | |
debian | debian_linux | 10.0 | |
opensuse | backports | sle-15 | |
opensuse | leap | 15.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apt-cacher-ng_project:apt-cacher-ng:*:*:*:*:*:*:*:*", matchCriteriaId: "9F58C1F6-AA0C-46EC-81CC-14F62DDD1D1F", versionEndIncluding: "3.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "apt-cacher-ng through 3.3 allows local users to obtain sensitive information by hijacking the hardcoded TCP port. The /usr/lib/apt-cacher-ng/acngtool program attempts to connect to apt-cacher-ng via TCP on localhost port 3142, even if the explicit SocketPath=/var/run/apt-cacher-ng/socket command-line option is passed. The cron job /etc/cron.daily/apt-cacher-ng (which is active by default) attempts this periodically. Because 3142 is an unprivileged port, any local user can try to bind to this port and will receive requests from acngtool. There can be sensitive data in these requests, e.g., if AdminAuth is enabled in /etc/apt-cacher-ng/security.conf. This sensitive data can leak to unprivileged local users that manage to bind to this port before the apt-cacher-ng daemon can.", }, { lang: "es", value: "apt-cacher-ng versiones hasta 3.3, permite a usuarios locales obtener información confidencial al secuestrar el puerto TCP codificado. El programa /usr/lib/apt-cacher-ng/acngtool intenta conectarse a apt-cacher-ng por medio de TCP en el puerto localhost 3142, inclusive si es pasada la opción de línea de comando explicita SocketPath=/var/run/apt-cacher-ng/socket. El trabajo cron de /etc/cron.daily/apt-cacher-ng (que está activo por defecto) intenta esto periódicamente. Como el 3142 es un puerto sin privilegios, cualquier usuario local puede intentar vincularse a este puerto y recibirá peticiones desde acngtool. Puede haber datos confidenciales en estas peticiones, por ejemplo, si AdminAuth está habilitado en /etc/apt-cacher-ng/security.conf. Estos datos confidenciales pueden filtrarse a usuarios locales no privilegiados que logran unirse a este puerto antes de que el demonio apt-cacher-ng pueda hacerlo.", }, ], id: "CVE-2020-5202", lastModified: "2024-11-21T05:33:40.100", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-01-21T18:15:13.060", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00057.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00065.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2020/01/20/4", }, { source: "cve@mitre.org", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2020/01/20/4", }, { source: "cve@mitre.org", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/oss-sec/2020/q1/21", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://security-tracker.debian.org/tracker/CVE-2020-5202", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00057.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00065.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2020/01/20/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2020/01/20/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/oss-sec/2020/q1/21", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://security-tracker.debian.org/tracker/CVE-2020-5202", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "E801A650-BF69-4C0C-B1F4-B06F3A7C17B4", versionEndExcluding: "74.0.3729.108", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:*:*:*:*:*:*:*", matchCriteriaId: "1CBC4824-9D9F-427D-87A6-60B2CEBAAFEE", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Information leak in autofill in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.", }, { lang: "es", value: "La fuga de información en relleno automático en Google Chrome antes de 74.0.3729.108 permitió que un atacante remoto obtuviera información potencialmente sensible de la memoria de proceso a través de una página HTML diseñada.", }, ], id: "CVE-2019-5810", lastModified: "2024-11-21T04:45:32.507", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-27T17:15:14.100", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/916838", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "chrome-cve-admin@google.com", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "chrome-cve-admin@google.com", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "chrome-cve-admin@google.com", url: "https://www.debian.org/security/2019/dsa-4500", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/916838", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2019/dsa-4500", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-312", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "E801A650-BF69-4C0C-B1F4-B06F3A7C17B4", versionEndExcluding: "74.0.3729.108", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:-:*:*:*:*:*:*", matchCriteriaId: "398716BC-E609-4338-BAB9-7CB2A78599BC", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Inappropriate implementation in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page.", }, { lang: "es", value: "La implementación inadecuada en Blink en Google Chrome antes de 74.0.3729.108 permitió a un atacante remoto omitir la misma política de origen a través de una página HTML diseñada.", }, ], id: "CVE-2019-5822", lastModified: "2024-11-21T04:45:34.767", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-27T17:15:14.757", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/926105", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "chrome-cve-admin@google.com", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "chrome-cve-admin@google.com", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "chrome-cve-admin@google.com", url: "https://www.debian.org/security/2019/dsa-4500", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/926105", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2019/dsa-4500", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "EA174888-9FEB-4029-8E0D-D6CFCF1A74F6", versionEndExcluding: "73.0.3683.75", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:*:*:*:*:*:*:*", matchCriteriaId: "1CBC4824-9D9F-427D-87A6-60B2CEBAAFEE", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page.", }, { lang: "es", value: "La insuficiente aplicación de políticas en Content Security Policy en Google Chrome antes de la versión 73.0.3683.75, permitió a un atacante remoto eludir la política de seguridad de contenido por medio de una página HTML creada.", }, ], id: "CVE-2019-5803", lastModified: "2024-11-21T04:45:31.567", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-23T20:29:01.297", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/909865", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/909865", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
kde | kauth | * | |
opensuse | leap | 15.0 | |
opensuse | leap | 42.3 | |
opensuse | backports | - | |
suse | linux_enterprise | 15.0 | |
fedoraproject | fedora | 28 | |
fedoraproject | fedora | 29 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:kde:kauth:*:*:*:*:*:*:*:*", matchCriteriaId: "1E3326D4-ECA4-46F5-9B03-896847B33BB1", versionEndExcluding: "5.55.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:opensuse:backports:-:*:*:*:*:*:*:*", matchCriteriaId: "D47B6AC2-F30A-4AE8-8E5A-AD31E922D51D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:suse:linux_enterprise:15.0:*:*:*:*:*:*:*", matchCriteriaId: "1607628F-77A7-4C1F-98DF-0DC50AE8627D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", matchCriteriaId: "DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "KDE KAuth before 5.55 allows the passing of parameters with arbitrary types to helpers running as root over DBus via DBusHelperProxy.cpp. Certain types can cause crashes, and trigger the decoding of arbitrary images with dynamically loaded plugins. In other words, KAuth unintentionally causes this plugin code to run as root, which increases the severity of any possible exploitation of a plugin vulnerability.", }, { lang: "es", value: "KDE KAuth, versiones anteriores 5.55, permite el paso de parámetros con tipos arbitrarios a ayudantes que se ejecutan como root sobre DBus a través de DBusHelperProxy.cpp. Ciertos tipos pueden causar caídas y desencadenar la decodificación de imágenes arbitrarias con plugins cargados dinámicamente. En otras palabras, KAuth involuntariamente hace que este código del plugin se ejecute como root, lo que aumenta la severidad de cualquier posible explotación de una vulnerabilidad del plugin.", }, ], id: "CVE-2019-7443", lastModified: "2024-11-21T04:48:14.897", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-07T19:29:01.410", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00060.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00065.html", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1124863", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://cgit.kde.org/kauth.git/commit/?id=fc70fb0161c1b9144d26389434d34dd135cd3f4a", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAWLQKTUQJOAPXOFWJQAQCA4LVM2P45F/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PXVUJNXB6QKGPT6YJPJSG3U2BIR5XK5Y/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00060.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00065.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1124863", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://cgit.kde.org/kauth.git/commit/?id=fc70fb0161c1b9144d26389434d34dd135cd3f4a", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DAWLQKTUQJOAPXOFWJQAQCA4LVM2P45F/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PXVUJNXB6QKGPT6YJPJSG3U2BIR5XK5Y/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
chrome | * | ||
debian | debian_linux | 9.0 | |
debian | debian_linux | 10.0 | |
fedoraproject | fedora | 30 | |
fedoraproject | fedora | 31 | |
fedoraproject | fedora | 32 | |
opensuse | backports | sle-15 | |
opensuse | leap | 15.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "7DF3F6F7-2305-4BA7-8401-8A7F55C29CB5", versionEndExcluding: "81.0.4044.92", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass content security policy via a crafted HTML page.", }, { lang: "es", value: "Una aplicación insuficiente de la política en trusted types en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto omitir una política de seguridad de contenido por medio de una página HTML diseñada.", }, ], id: "CVE-2020-6445", lastModified: "2024-11-21T05:35:44.547", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-13T18:15:12.547", references: [ { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { source: "chrome-cve-admin@google.com", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://crbug.com/933171", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { source: "chrome-cve-admin@google.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4714", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00024.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00031.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://crbug.com/933171", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XWIVVYIQU67QR2LHNGGZBS4FZOW2RQO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFVP775RPRDVY5FUCN7ABH5AE74TQFDD/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMXPDHEEACPD3BCMTC26SCCYB2ZMUOAO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4714", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-276", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "EA174888-9FEB-4029-8E0D-D6CFCF1A74F6", versionEndExcluding: "73.0.3683.75", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:*:*:*:*:*:*:*", matchCriteriaId: "1CBC4824-9D9F-427D-87A6-60B2CEBAAFEE", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An integer overflow leading to an incorrect capacity of a buffer in JavaScript in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.", }, { lang: "es", value: "Un desbordamiento de enteros que provoca una capacidad incorrecta de un búfer en JavaScript en Google Chrome antes de la versión 73.0.3683.75, permitió que un atacante remoto ejecutara código arbitrario dentro de un sandbox por medio de una página HTML creada.", }, ], id: "CVE-2019-5790", lastModified: "2024-11-21T04:45:29.920", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-23T20:29:00.700", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/914736", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/914736", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "EA174888-9FEB-4029-8E0D-D6CFCF1A74F6", versionEndExcluding: "73.0.3683.75", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*", matchCriteriaId: "B5415705-33E5-46D5-8E4D-9EBADC8C5705", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:*:*:*:*:*:*:*", matchCriteriaId: "1CBC4824-9D9F-427D-87A6-60B2CEBAAFEE", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Incorrect eliding of URLs in Omnibox in Google Chrome on iOS prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.", }, { lang: "es", value: "La eliminación incorrecta de las URL en Omnibox en Google Chrome en iOS antes de la versión 73.0.3683.75, permitió que un atacante remoto ejecutara una suplantación de dominio por medio de una página HTML creada.", }, ], id: "CVE-2019-5801", lastModified: "2024-11-21T04:45:31.320", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-23T20:29:01.200", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/921390", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop_12.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/921390", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:videolan:vlc_media_player:*:*:*:*:*:*:*:*", matchCriteriaId: "C0B495DB-9B59-48DE-9B22-7AB48CDBBF2B", versionEndIncluding: "3.0.6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:-:*:*:*:*:*:*", matchCriteriaId: "398716BC-E609-4338-BAB9-7CB2A78599BC", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", matchCriteriaId: "C84D9410-31B7-421A-AD99-8ED2E45A9BC6", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Double Free in VLC versions <= 3.0.6 leads to a crash.", }, { lang: "es", value: "Una vulnerabilidad de Doble Liberación en VLC versiones anteriores a 3.0.6 (incluida), conlleva a un bloqueo.", }, ], id: "CVE-2019-5460", lastModified: "2024-11-21T04:44:58.610", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-07-30T21:15:12.320", references: [ { source: "support@hackerone.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00005.html", }, { source: "support@hackerone.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00037.html", }, { source: "support@hackerone.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00040.html", }, { source: "support@hackerone.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00081.html", }, { source: "support@hackerone.com", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://hackerone.com/reports/503208", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00005.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00037.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00040.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00081.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://hackerone.com/reports/503208", }, ], sourceIdentifier: "support@hackerone.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-415", }, ], source: "support@hackerone.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-415", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "1629DCDC-F45C-4F3E-A8EF-43E40E2FD504", versionEndExcluding: "75.0.3770.80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:backports:sle-15:-:*:*:*:*:*:*", matchCriteriaId: "398716BC-E609-4338-BAB9-7CB2A78599BC", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Object lifecycle issue in V8 in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, { lang: "es", value: "El problema del lifecycle del objeto en V8 en Google Chrome antes de 75.0.3770.80 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML diseñada.", }, ], id: "CVE-2019-5831", lastModified: "2024-11-21T04:45:36.007", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-06-27T17:15:15.163", references: [ { source: "chrome-cve-admin@google.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/950328", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EI3DGFVT7CKJO6YVMP55R35HCDVEIC4Z/", }, { source: "chrome-cve-admin@google.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "chrome-cve-admin@google.com", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "chrome-cve-admin@google.com", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "chrome-cve-admin@google.com", url: "https://www.debian.org/security/2019/dsa-4500", }, { source: "chrome-cve-admin@google.com", url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0791", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/950328", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EI3DGFVT7CKJO6YVMP55R35HCDVEIC4Z/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://seclists.org/bugtraq/2019/Aug/19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201908-18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2019/dsa-4500", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0791", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
var-201907-1556
Vulnerability from variot
A Vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.9, 4.0.8 allowing a remote, authorized master server to cause a high CPU load or even prevent any further updates to any slave zone by sending a large number of NOTIFY messages. Note that only servers configured as slaves are affected by this issue. PowerDNS Authoritative Server Contains a resource exhaustion vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. PowerDNSAuthoritativeServer is a DNS server of the Dutch PowerDNS company. A security vulnerability exists in PowerDNSAuthoritativeServer 4.1.8 and earlier. An attacker could exploit the vulnerability by sending a large number of NOTIFY packets to cause a denial of service. PowerDNS Authoritative Server is prone to a denial-of-service vulnerability. PowerDNS Authoritative Server version 4.1.8 and prior are vulnerable. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Debian Security Advisory DSA-4470-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff June 23, 2019 https://www.debian.org/security/faq
Package : pdns CVE ID : CVE-2019-10162 CVE-2019-10163
Two vulnerabilities have been discovered in pdns, an authoritative DNS server which may result in denial of service via malformed zone records and excessive NOTIFY packets in a master/slave setup.
For the stable distribution (stretch), these problems have been fixed in version 4.0.3-1+deb9u5.
We recommend that you upgrade your pdns packages.
For the detailed security status of pdns please refer to its security tracker page at: https://security-tracker.debian.org/tracker/pdns
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl0P6LYACgkQEMKTtsN8 Tjbi2RAAqjNYSOlZ5W/yfVxGPO5OiyC8XojhGPuPdVmByyCDTqzgPtZftKHxXfD2 0sdc5/NM7ZNC/3brzRrVlMVRm7/bJvPloeDAGb8bnSzge9Nzz9FB7zcQxc5fdaqA pn7/++FWXDmOVy2NEObcerk/SodAWDpVfmIZP6kH3aIeGs0WrUA/cusmV+C94kgv 6XVJ3IW2dsIQrHvkoBMi4TJg5PrIHW0RruuJHlUSUgTusZ3XQS+hd93dciK7E+an xi0yB5oA6Mb/vw7DzlBRQfkgMiG6p9YRTgXwBdvrxqEVkNYpq9G/xH+nUdE6rDqt M3bG5tUMGCdtywwmwaSGXvkv6/5puPkMRpJIyTeVQTVYMbOgWyovC5sB5T8JytyD tW7qpbv/Mbhw0mmh0m8KoWnegNQhTTn8d3IKCxalB9JYpw3zhkHmfQW79lBRtqCy SvJEhkOVW7yhsWCl+HjKMXphsPST/oeKP3vJx4ET+4n58OfOt9Fm7rx406g2sY2o NsUwTdF3GDD00v0iuF+Vcm2nA6Qj6dOAXlp4kZygjFbDao4iF6lzY4KGDYS/Pn5Z kB4g58ShfWkAE+/WAvF8QVNcICnlI3l9SxwR2NiY/x6O53vkYBWeiJP/OvRQhlPQ Kw4enCb3qrjgb6jMNDPBMe8TjMh92sEqiXPQBy57OcStAjcfxfI= =nUCz -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201907-1556", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "backports", scope: "eq", trust: 1, vendor: "opensuse", version: "sle-15", }, { model: "authoritative", scope: "gte", trust: 1, vendor: "powerdns", version: "4.0.0", }, { model: "leap", scope: "eq", trust: 1, vendor: "opensuse", version: "15.0", }, { model: "leap", scope: "eq", trust: 1, vendor: "opensuse", version: "15.1", }, { model: "authoritative", scope: "lt", trust: 1, vendor: "powerdns", version: "4.1.9", }, { model: "authoritative", scope: "gte", trust: 1, vendor: "powerdns", version: "4.1.0", }, { model: "authoritative", scope: "lt", trust: 1, vendor: "powerdns", version: "4.0.8", }, { model: "authoritative", scope: "eq", trust: 1, vendor: "powerdns", version: "4.1.0", }, { model: "authoritative server", scope: "lt", trust: 0.8, vendor: "powerdns", version: "4.0.8", }, { model: "authoritative server", scope: "lt", trust: 0.8, vendor: "powerdns", version: "4.1.9", }, { model: "authoritative server", scope: "lte", trust: 0.6, vendor: "powerdns", version: "<=4.1.8", }, { model: "authoritative server", scope: "eq", trust: 0.3, vendor: "powerdns", version: "4.1.8", }, { model: "authoritative server", scope: "eq", trust: 0.3, vendor: "powerdns", version: "4.1.7", }, { model: "authoritative server", scope: "eq", trust: 0.3, vendor: "powerdns", version: "4.1.6", }, { model: "authoritative server", scope: "eq", trust: 0.3, vendor: "powerdns", version: "4.1.5", }, { model: "authoritative server", scope: "eq", trust: 0.3, vendor: "powerdns", version: "4.1.4", }, { model: "authoritative server", scope: "eq", trust: 0.3, vendor: "powerdns", version: "4.1.3", }, { model: "authoritative server", scope: "eq", trust: 0.3, vendor: "powerdns", version: "4.1.2", }, { model: "authoritative server", scope: "eq", trust: 0.3, vendor: "powerdns", version: "4.1.1", }, { model: "authoritative server", scope: "eq", trust: 0.3, vendor: "powerdns", version: "4.1", }, { model: "authoritative server", scope: "eq", trust: 0.3, vendor: "powerdns", version: "4.0.7", }, { model: "authoritative server", scope: "eq", trust: 0.3, vendor: "powerdns", version: "4.0.6", }, { model: "authoritative server", scope: "eq", trust: 0.3, vendor: "powerdns", version: "4.0.5", }, { model: "authoritative server", scope: "eq", trust: 0.3, vendor: "powerdns", version: "4.0.4", }, { model: "authoritative server", scope: "eq", trust: 0.3, vendor: "powerdns", version: "4.0.3", }, { model: "authoritative server", scope: "eq", trust: 0.3, vendor: "powerdns", version: "4.0.2", }, { model: "authoritative server", scope: "eq", trust: 0.3, vendor: "powerdns", version: "4.0.1", }, { model: "authoritative server 4.0.0-rc2", scope: null, trust: 0.3, vendor: "powerdns", version: null, }, { model: "authoritative server 4.0.0-beta1", scope: null, trust: 0.3, vendor: "powerdns", version: null, }, { model: "authoritative server", scope: "eq", trust: 0.3, vendor: "powerdns", version: "4.0.0", }, { model: "authoritative server", scope: "ne", trust: 0.3, vendor: "powerdns", version: "4.1.9", }, { model: "authoritative server", scope: "ne", trust: 0.3, vendor: "powerdns", version: "4.0.8", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-19481", }, { db: "BID", id: "108878", }, { db: "JVNDB", id: "JVNDB-2019-007437", }, { db: "NVD", id: "CVE-2019-10163", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:powerdns:authoritative:4.1.0:-:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:powerdns:authoritative:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "4.1.9", versionStartIncluding: "4.1.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:powerdns:authoritative:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "4.0.8", versionStartIncluding: "4.0.0", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:opensuse:backports:sle-15:-:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2019-10163", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Debian,Gert van Dijk", sources: [ { db: "CNNVD", id: "CNNVD-201906-866", }, ], trust: 0.6, }, cve: "CVE-2019-10163", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 4, confidentialityImpact: "NONE", exploitabilityScore: 8, impactScore: 2.9, integrityImpact: "NONE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "Single", author: "NVD", availabilityImpact: "Partial", baseScore: 4, confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2019-10163", impactScore: null, integrityImpact: "None", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.9, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CNVD-2019-19481", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "NVD", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", exploitabilityScore: 2.8, impactScore: 1.4, integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "secalert@redhat.com", availabilityImpact: "LOW", baseScore: 3.5, baseSeverity: "LOW", confidentialityImpact: "NONE", exploitabilityScore: 2.1, impactScore: 1.4, integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", trust: 1, userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "Low", baseScore: 4.3, baseSeverity: "Medium", confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2019-10163", impactScore: null, integrityImpact: "None", privilegesRequired: "Low", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, ], severity: [ { author: "NVD", id: "CVE-2019-10163", trust: 1.8, value: "MEDIUM", }, { author: "secalert@redhat.com", id: "CVE-2019-10163", trust: 1, value: "LOW", }, { author: "CNVD", id: "CNVD-2019-19481", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201906-866", trust: 0.6, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2019-10163", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2019-19481", }, { db: "VULMON", id: "CVE-2019-10163", }, { db: "JVNDB", id: "JVNDB-2019-007437", }, { db: "NVD", id: "CVE-2019-10163", }, { db: "NVD", id: "CVE-2019-10163", }, { db: "CNNVD", id: "CNNVD-201906-866", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A Vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.9, 4.0.8 allowing a remote, authorized master server to cause a high CPU load or even prevent any further updates to any slave zone by sending a large number of NOTIFY messages. Note that only servers configured as slaves are affected by this issue. PowerDNS Authoritative Server Contains a resource exhaustion vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. PowerDNSAuthoritativeServer is a DNS server of the Dutch PowerDNS company. A security vulnerability exists in PowerDNSAuthoritativeServer 4.1.8 and earlier. An attacker could exploit the vulnerability by sending a large number of NOTIFY packets to cause a denial of service. PowerDNS Authoritative Server is prone to a denial-of-service vulnerability. \nPowerDNS Authoritative Server version 4.1.8 and prior are vulnerable. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4470-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nJune 23, 2019 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : pdns\nCVE ID : CVE-2019-10162 CVE-2019-10163\n\nTwo vulnerabilities have been discovered in pdns, an authoritative DNS\nserver which may result in denial of service via malformed zone records\nand excessive NOTIFY packets in a master/slave setup. \n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 4.0.3-1+deb9u5. \n\nWe recommend that you upgrade your pdns packages. \n\nFor the detailed security status of pdns please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/pdns\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl0P6LYACgkQEMKTtsN8\nTjbi2RAAqjNYSOlZ5W/yfVxGPO5OiyC8XojhGPuPdVmByyCDTqzgPtZftKHxXfD2\n0sdc5/NM7ZNC/3brzRrVlMVRm7/bJvPloeDAGb8bnSzge9Nzz9FB7zcQxc5fdaqA\npn7/++FWXDmOVy2NEObcerk/SodAWDpVfmIZP6kH3aIeGs0WrUA/cusmV+C94kgv\n6XVJ3IW2dsIQrHvkoBMi4TJg5PrIHW0RruuJHlUSUgTusZ3XQS+hd93dciK7E+an\nxi0yB5oA6Mb/vw7DzlBRQfkgMiG6p9YRTgXwBdvrxqEVkNYpq9G/xH+nUdE6rDqt\nM3bG5tUMGCdtywwmwaSGXvkv6/5puPkMRpJIyTeVQTVYMbOgWyovC5sB5T8JytyD\ntW7qpbv/Mbhw0mmh0m8KoWnegNQhTTn8d3IKCxalB9JYpw3zhkHmfQW79lBRtqCy\nSvJEhkOVW7yhsWCl+HjKMXphsPST/oeKP3vJx4ET+4n58OfOt9Fm7rx406g2sY2o\nNsUwTdF3GDD00v0iuF+Vcm2nA6Qj6dOAXlp4kZygjFbDao4iF6lzY4KGDYS/Pn5Z\nkB4g58ShfWkAE+/WAvF8QVNcICnlI3l9SxwR2NiY/x6O53vkYBWeiJP/OvRQhlPQ\nKw4enCb3qrjgb6jMNDPBMe8TjMh92sEqiXPQBy57OcStAjcfxfI=\n=nUCz\n-----END PGP SIGNATURE-----\n", sources: [ { db: "NVD", id: "CVE-2019-10163", }, { db: "JVNDB", id: "JVNDB-2019-007437", }, { db: "CNVD", id: "CNVD-2019-19481", }, { db: "BID", id: "108878", }, { db: "VULMON", id: "CVE-2019-10163", }, { db: "PACKETSTORM", id: "153381", }, ], trust: 2.61, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-10163", trust: 3.5, }, { db: "BID", id: "108878", trust: 1.6, }, { db: "AUSCERT", id: "ESB-2019.2234", trust: 1.2, }, { db: "JVNDB", id: "JVNDB-2019-007437", trust: 0.8, }, { db: "PACKETSTORM", id: "153381", trust: 0.7, }, { db: "CNVD", id: "CNVD-2019-19481", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.2436", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-201906-866", trust: 0.6, }, { db: "VULMON", id: "CVE-2019-10163", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2019-19481", }, { db: "VULMON", id: "CVE-2019-10163", }, { db: "BID", id: "108878", }, { db: "JVNDB", id: "JVNDB-2019-007437", }, { db: "PACKETSTORM", id: "153381", }, { db: "NVD", id: "CVE-2019-10163", }, { db: "CNNVD", id: "CNNVD-201906-866", }, ], }, id: "VAR-201907-1556", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2019-19481", }, ], trust: 0.06, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2019-19481", }, ], }, last_update_date: "2023-12-18T12:50:10.879000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "PowerDNS Authoritative Server 4.0.8 and 4.1.10 Released", trust: 0.8, url: "https://blog.powerdns.com/2019/06/21/powerdns-authoritative-server-4-0-8-and-4-1-10-released/", }, { title: "PowerDNS Security Advisory 2019-05: Denial of service via NOTIFY packets", trust: 0.8, url: "https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-05.html", }, { title: "PowerDNSAuthoritativeServer denial of service vulnerability patch", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/165551", }, { title: "PowerDNS Authoritative Server Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=94008", }, { title: "Debian Security Advisories: DSA-4470-1 pdns -- security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=ef0d33d49b08fb003c26be24d917554f", }, { title: "", trust: 0.1, url: "https://github.com/live-hack-cve/cve-2019-10163 ", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-19481", }, { db: "VULMON", id: "CVE-2019-10163", }, { db: "JVNDB", id: "JVNDB-2019-007437", }, { db: "CNNVD", id: "CNNVD-201906-866", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-770", trust: 1, }, { problemtype: "CWE-400", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-007437", }, { db: "NVD", id: "CVE-2019-10163", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2, url: "https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-05.html", }, { trust: 1.7, url: "https://blog.powerdns.com/2019/06/21/powerdns-authoritative-server-4-0-8-and-4-1-10-released/", }, { trust: 1.7, url: "https://bugzilla.redhat.com/show_bug.cgi?id=cve-2019-10163", }, { trust: 1.7, url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00036.html", }, { trust: 1.7, url: "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00054.html", }, { trust: 1.5, url: "https://nvd.nist.gov/vuln/detail/cve-2019-10163", }, { trust: 1.3, url: "http://www.debian.org/security/2019/dsa-4470", }, { trust: 1.2, url: "https://www.auscert.org.au/bulletins/esb-2019.2234/", }, { trust: 0.9, url: "http://www.powerdns.com/", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10163", }, { trust: 0.7, url: "https://www.securityfocus.com/bid/108878", }, { trust: 0.6, url: "https://lists.debian.org/debian-lts-announce/2019/07/msg00002.html", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.2436/", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/powerdns-denial-of-service-via-notify-packets-29602", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/153381/debian-security-advisory-4470-1.html", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/770.html", }, { trust: 0.1, url: "https://github.com/live-hack-cve/cve-2019-10163", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://security-tracker.debian.org/tracker/pdns", }, { trust: 0.1, url: "https://www.debian.org/security/faq", }, { trust: 0.1, url: "https://www.debian.org/security/", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-10162", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-19481", }, { db: "VULMON", id: "CVE-2019-10163", }, { db: "BID", id: "108878", }, { db: "JVNDB", id: "JVNDB-2019-007437", }, { db: "PACKETSTORM", id: "153381", }, { db: "NVD", id: "CVE-2019-10163", }, { db: "CNNVD", id: "CNNVD-201906-866", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2019-19481", }, { db: "VULMON", id: "CVE-2019-10163", }, { db: "BID", id: "108878", }, { db: "JVNDB", id: "JVNDB-2019-007437", }, { db: "PACKETSTORM", id: "153381", }, { db: "NVD", id: "CVE-2019-10163", }, { db: "CNNVD", id: "CNNVD-201906-866", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-06-28T00:00:00", db: "CNVD", id: "CNVD-2019-19481", }, { date: "2019-07-30T00:00:00", db: "VULMON", id: "CVE-2019-10163", }, { date: "2019-06-21T00:00:00", db: "BID", id: "108878", }, { date: "2019-08-09T00:00:00", db: "JVNDB", id: "JVNDB-2019-007437", }, { date: "2019-06-23T19:22:22", db: "PACKETSTORM", id: "153381", }, { date: "2019-07-30T23:15:12.263000", db: "NVD", id: "CVE-2019-10163", }, { date: "2019-06-24T00:00:00", db: "CNNVD", id: "CNNVD-201906-866", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-06-28T00:00:00", db: "CNVD", id: "CNVD-2019-19481", }, { date: "2023-02-03T00:00:00", db: "VULMON", id: "CVE-2019-10163", }, { date: "2019-06-21T00:00:00", db: "BID", id: "108878", }, { date: "2019-08-09T00:00:00", db: "JVNDB", id: "JVNDB-2019-007437", }, { date: "2023-02-03T14:27:58.510000", db: "NVD", id: "CVE-2019-10163", }, { date: "2020-10-09T00:00:00", db: "CNNVD", id: "CNNVD-201906-866", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201906-866", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "PowerDNS Authoritative Server Vulnerable to resource exhaustion", sources: [ { db: "JVNDB", id: "JVNDB-2019-007437", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "resource management error", sources: [ { db: "CNNVD", id: "CNNVD-201906-866", }, ], trust: 0.6, }, }