OpenSUSE Backports SLE 15.0 Service Pack 2

A Incorrect Default Permissions vulnerability in the packaging of inn of SUSE Linux Enterprise Server 11-SP3; openSUSE Backports SLE-15-SP2, openSUSE Leap 15.2 allows local attackers to escalate their privileges from the news user to root. This issue affects: SUSE Linux Enterprise Server 11-SP3 inn version inn-2.4.2-170.21.3.1 and prior versions. openSUSE Backports SLE-15-SP2 inn versions prior to 2.6.2. openSUSE Leap 15.2 inn versions prior to 2.6.2.

Published: 2021-06-10T11:25:11.178Z
Updated: 2024-09-16T22:40:51.163Z

A command injection vulnerability exists in EdgeSwitch firmware <v1.9.0 that allowed an authenticated read-only user to execute arbitrary shell commands over the HTTP interface, allowing them to escalate privileges.

Published: 2020-08-17T15:41:19.000Z
Updated: 2024-08-04T09:56:27.573Z

A missing rate limit in the Preferred Providers app 1.7.0 allowed an attacker to set the password an uncontrolled amount of times.

Published: 2020-10-05T13:15:23.000Z
Updated: 2024-08-04T09:56:27.455Z

A Incorrect Default Permissions vulnerability in the packaging of inn in openSUSE Leap 15.2, openSUSE Tumbleweed, openSUSE Leap 15.1 allows local attackers with control of the new user to escalate their privileges to root. This issue affects: openSUSE Leap 15.2 inn version 2.6.2-lp152.1.26 and prior versions. openSUSE Tumbleweed inn version 2.6.2-4.2 and prior versions. openSUSE Leap 15.1 inn version 2.5.4-lp151.3.3.1 and prior versions.

Published: 2020-08-07T09:25:13.939Z
Updated: 2024-09-16T16:57:41.593Z

Use after free in offscreen canvas in Google Chrome prior to 85.0.4183.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Published: 2020-09-21T19:06:56.000Z
Updated: 2024-08-04T09:11:04.909Z

Race in Mojo in Google Chrome prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

Published: 2020-09-21T19:06:55.000Z
Updated: 2024-08-04T09:11:04.682Z

Insufficient policy enforcement in installer in Google Chrome on OS X prior to 85.0.4183.102 allowed a local attacker to potentially achieve privilege escalation via a crafted binary.

Published: 2020-09-21T19:06:55.000Z
Updated: 2024-08-04T09:11:04.696Z

Use after free in video in Google Chrome on Android prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

Published: 2020-09-21T19:06:54.000Z
Updated: 2024-08-04T09:11:04.530Z

Insufficient data validation in Omnibox in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.

Published: 2020-09-21T19:06:54.000Z
Updated: 2024-08-04T09:11:04.610Z

Information leakage in WebRTC in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to obtain potentially sensitive information via a crafted WebRTC interaction.

Published: 2020-09-21T19:06:54.000Z
Updated: 2024-08-04T09:11:04.363Z

Integer overflow in WebUSB in Google Chrome prior to 85.0.4183.83 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

Published: 2020-09-21T19:06:53.000Z
Updated: 2024-08-04T09:11:04.342Z

Insufficient policy enforcement in intent handling in Google Chrome on Android prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

Published: 2020-09-21T19:06:53.000Z
Updated: 2024-08-04T09:11:04.673Z

Insufficient validation of untrusted input in command line handling in Google Chrome on Windows prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

Published: 2020-09-21T19:06:52.000Z
Updated: 2024-08-04T09:11:04.251Z

Insufficient policy enforcement in media in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

Published: 2020-09-21T19:06:52.000Z
Updated: 2024-08-04T09:11:04.531Z

Inappropriate implementation in Omnibox in Google Chrome on iOS prior to 85.0.4183.83 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

Published: 2020-09-21T19:06:51.000Z
Updated: 2024-08-04T09:11:04.604Z

Inappropriate implementation in permissions in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to spoof the contents of a permission dialog via a crafted HTML page.

Published: 2020-09-21T19:06:51.000Z
Updated: 2024-08-04T09:11:04.649Z

Insufficient policy enforcement in intent handling in Google Chrome on Android prior to 85.0.4183.83 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page.

Published: 2020-09-21T19:06:50.000Z
Updated: 2024-08-04T09:11:04.414Z

Insufficient policy enforcement in Blink in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

Published: 2020-09-21T19:06:50.000Z
Updated: 2024-08-04T09:11:04.524Z

Inappropriate implementation in Content Security Policy in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

Published: 2020-09-21T19:06:49.000Z
Updated: 2024-08-04T09:11:05.110Z

Insufficient policy enforcement in autofill in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

Published: 2020-09-21T19:06:49.000Z
Updated: 2024-08-04T09:11:04.296Z

Use after free in presentation API in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Published: 2020-09-21T19:06:49.000Z
Updated: 2024-08-04T09:11:04.227Z

Insufficient policy enforcement in iOSWeb in Google Chrome on iOS prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

Published: 2020-09-21T19:06:48.000Z
Updated: 2024-08-04T09:11:04.259Z

Inappropriate implementation in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.

Published: 2020-11-03T02:21:49.000Z
Updated: 2024-08-04T09:11:04.544Z

Incorrect security UI in PWAs in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had persuaded the user to install a PWA to spoof the contents of the Omnibox (URL bar) via a crafted PWA.

Published: 2020-07-22T16:16:11.000Z
Updated: 2024-08-04T09:11:03.982Z

Side-channel information leakage in scroll to text in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

Published: 2020-07-22T16:16:10.000Z
Updated: 2024-08-04T09:02:40.797Z

Out of bounds memory access in developer tools in Google Chrome prior to 84.0.4147.89 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.

Published: 2020-07-22T16:16:09.000Z
Updated: 2024-08-04T09:02:40.796Z

Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to leak cross-origin data via a crafted HTML page.

Published: 2020-07-22T16:16:09.000Z
Updated: 2024-08-04T09:02:40.915Z

Incorrect security UI in basic auth in Google Chrome on iOS prior to 84.0.4147.89 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

Published: 2020-07-22T16:16:08.000Z
Updated: 2024-08-04T09:02:40.851Z

Insufficient policy enforcement in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML page.

Published: 2020-07-22T16:16:08.000Z
Updated: 2024-08-04T09:02:40.812Z

Inappropriate implementation in iframe sandbox in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

Published: 2020-07-22T16:16:07.000Z
Updated: 2024-08-04T09:02:40.832Z

Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Published: 2020-07-22T16:16:07.000Z
Updated: 2024-08-04T09:02:40.735Z

Heap buffer overflow in WebAudio in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Published: 2020-07-22T16:16:06.000Z
Updated: 2024-08-04T09:02:40.764Z

Out of bounds write in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Published: 2020-07-22T16:16:06.000Z
Updated: 2024-08-04T09:02:40.825Z

Inappropriate implementation in external protocol handlers in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.

Published: 2020-07-22T16:16:05.000Z
Updated: 2024-08-04T09:02:40.810Z

Side-channel information leakage in autofill in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

Published: 2020-07-22T16:16:05.000Z
Updated: 2024-08-04T09:02:40.737Z

Buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Published: 2020-07-22T16:16:04.000Z
Updated: 2024-08-04T09:02:40.729Z

Policy bypass in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML page.

Published: 2020-07-22T16:16:04.000Z
Updated: 2024-08-04T09:02:40.736Z

Use after free in developer tools in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had convinced the user to use developer tools to potentially exploit heap corruption via a crafted HTML page.

Published: 2020-07-22T16:16:03.000Z
Updated: 2024-08-04T09:02:40.874Z

Heap buffer overflow in history in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Published: 2020-07-22T16:16:03.000Z
Updated: 2024-08-04T09:02:40.908Z

Policy bypass in CORS in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

Published: 2020-07-22T16:16:02.000Z
Updated: 2024-08-04T09:02:40.785Z

Use after free in tab strip in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Published: 2020-07-22T16:16:02.000Z
Updated: 2024-08-04T09:02:40.815Z

Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.

Published: 2020-07-22T16:16:01.000Z
Updated: 2024-08-04T09:02:40.886Z

Heap buffer overflow in PDFium in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

Published: 2020-07-22T16:16:01.000Z
Updated: 2024-08-04T09:02:40.787Z

Information leak in content security policy in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

Published: 2020-07-22T16:16:00.000Z
Updated: 2024-08-04T09:02:40.730Z

Heap buffer overflow in background fetch in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Published: 2020-07-22T16:15:59.000Z
Updated: 2024-08-04T09:02:40.703Z

An issue was discovered in SearchController in phpMyAdmin before 4.9.6 and 5.x before 5.0.3. A SQL injection vulnerability was discovered in how phpMyAdmin processes SQL statements in the search feature. An attacker could use this flaw to inject malicious SQL in to a query.

Published: 2020-10-10T18:26:53.000Z
Updated: 2024-08-04T16:03:23.118Z

phpMyAdmin before 4.9.6 and 5.x before 5.0.3 allows XSS through the transformation feature via a crafted link.

Published: 2020-10-10T18:27:11.000Z
Updated: 2024-08-04T16:03:23.167Z

In kdeconnect-kde (aka KDE Connect) before 20.08.2, an attacker on the local network could send crafted packets that trigger use of large amounts of CPU, memory, or network connection slots, aka a Denial of Service attack.

Published: 2020-10-07T18:07:51.000Z
Updated: 2024-08-04T15:49:07.217Z

An issue has been found in PowerDNS Recursor before 4.1.18, 4.2.x before 4.2.5, and 4.3.x before 4.3.5. A remote attacker can cause the cached records for a given name to be updated to the Bogus DNSSEC validation state, instead of their actual DNSSEC Secure state, via a DNS ANY query. This results in a denial of service for installation that always validate (dnssec=validate), and for clients requesting validation when on-demand validation is enabled (dnssec=process).

Published: 2020-10-16T05:07:44.000Z
Updated: 2024-08-04T15:40:36.998Z

An issue was discovered in Flask-CORS (aka CORS Middleware for Flask) before 3.0.9. It allows ../ directory traversal to access private resources because resource matching does not ensure that pathnames are in a canonical format.

Published: 2020-08-31T03:57:28.000Z
Updated: 2024-08-04T15:26:09.160Z

Fossil before 2.10.2, 2.11.x before 2.11.2, and 2.12.x before 2.12.1 allows remote authenticated users to execute arbitrary code. An attacker must have check-in privileges on the repository.

Published: 2020-08-25T13:36:43.000Z
Updated: 2024-08-04T15:19:08.614Z

It's possible to craft Lost Password requests with wildcards in the Token value, which allows attacker to retrieve valid Token(s), generated by users which already requested new passwords. This issue affects: ((OTRS)) Community Edition 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.

Published: 2020-03-27T12:47:49.502Z
Updated: 2024-09-16T23:25:42.434Z

Support bundle generated files could contain sensitive information that might be unwanted to be disclosed. This issue affects: ((OTRS)) Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.

Published: 2020-03-27T12:47:49.421Z
Updated: 2024-09-17T01:11:13.158Z

In the login screens (in agent and customer interface), Username and Password fields use autocomplete, which might be considered as security issue. This issue affects: ((OTRS)) Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.

Published: 2020-03-27T12:47:49.378Z
Updated: 2024-09-17T01:27:02.769Z

An improper control of parameters allows the spoofing of the from fields of the following screens: AgentTicketCompose, AgentTicketForward, AgentTicketBounce and AgentTicketEmailOutbound. This issue affects: ((OTRS)) Community Edition 5.0.x version 5.0.39 and prior versions; 6.0.x version 6.0.24 and prior versions. OTRS 7.0.x version 7.0.13 and prior versions.

Published: 2020-01-10T15:08:55.756Z
Updated: 2024-09-16T22:15:10.396Z

scm/define-stencil-commands.scm in LilyPond through 2.20.0, and 2.21.x through 2.21.4, when -dsafe is used, lacks restrictions on embedded-ps and embedded-svg, as demonstrated by including dangerous PostScript code.

Published: 2020-08-05T12:55:02.000Z
Updated: 2024-08-04T13:53:17.011Z

Heap buffer overflow in UI in Google Chrome on Windows prior to 86.0.4240.183 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

Published: 2020-11-03T02:21:48.000Z
Updated: 2024-08-04T13:30:23.549Z

Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Published: 2020-11-03T02:21:47.000Z
Updated: 2025-10-21T23:35:33.440Z

Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit stack corruption via a crafted WebRTC packet.

Published: 2020-11-03T02:21:46.000Z
Updated: 2024-08-04T13:30:23.557Z

Insufficient data validation in installer in Google Chrome prior to 86.0.4240.183 allowed a local attacker to potentially elevate privilege via a crafted filesystem.

Published: 2020-11-03T02:21:46.000Z
Updated: 2024-08-04T13:30:23.552Z

Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Published: 2020-11-03T02:21:45.000Z
Updated: 2024-08-04T13:30:23.588Z

Insufficient policy enforcement in ANGLE in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Published: 2020-11-03T02:21:45.000Z
Updated: 2024-08-04T13:30:23.567Z

Use after free in user interface in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Published: 2020-11-03T02:21:45.000Z
Updated: 2024-08-04T13:30:23.513Z

Use after free in printing in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Published: 2020-11-03T02:21:44.000Z
Updated: 2024-08-04T13:30:23.541Z

Use after free in PDFium in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

Published: 2020-11-03T02:21:44.000Z
Updated: 2024-08-04T13:30:23.556Z

Use after free in media in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Published: 2020-11-03T02:21:43.000Z
Updated: 2024-08-04T13:30:23.559Z

Inappropriate implementation in Blink in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Published: 2020-11-03T02:21:43.000Z
Updated: 2024-08-04T13:30:23.552Z

Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Published: 2020-11-03T00:00:00.000Z
Updated: 2025-10-21T23:35:33.599Z

Insufficient policy enforcement in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page.

Published: 2020-11-03T02:21:38.000Z
Updated: 2024-08-04T13:30:23.484Z

Use after free in password manager in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

Published: 2020-11-03T02:21:38.000Z
Updated: 2024-08-04T13:30:23.568Z

Use after free in autofill in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

Published: 2020-11-03T02:21:37.000Z
Updated: 2024-08-04T13:30:23.570Z

Uninitialized data in PDFium in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.

Published: 2020-11-03T02:21:37.000Z
Updated: 2024-08-04T13:30:23.482Z

Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 86.0.4240.75 allowed a remote attacker who convinced the user to open files to execute arbitrary code via a crafted HTML page.

Published: 2020-11-03T02:21:36.000Z
Updated: 2024-08-04T13:30:23.458Z

Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted WebRTC stream.

Published: 2020-11-03T02:21:36.000Z
Updated: 2024-08-04T13:30:23.556Z

Integer overflow in media in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Published: 2020-11-03T02:21:35.000Z
Updated: 2024-08-04T13:30:23.537Z

Inappropriate implementation in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to spoof security UI via a crafted HTML page.

Published: 2020-11-03T02:21:35.000Z
Updated: 2024-08-04T13:30:23.528Z

Insufficient policy enforcement in Omnibox in Google Chrome on iOS prior to 86.0.4240.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted URL.

Published: 2020-11-03T02:21:34.000Z
Updated: 2024-08-04T13:30:23.458Z

Insufficient data validation in webUI in Google Chrome on ChromeOS prior to 86.0.4240.75 allowed a local attacker to bypass content security policy via a crafted HTML page.

Published: 2020-11-03T02:21:34.000Z
Updated: 2024-08-04T13:30:23.517Z

Inappropriate implementation in cache in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

Published: 2020-11-03T02:21:33.000Z
Updated: 2024-08-04T13:30:23.548Z

Out of bounds read in audio in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

Published: 2020-11-03T02:21:33.000Z
Updated: 2024-08-04T13:30:23.523Z

Insufficient policy enforcement in Intents in Google Chrome on Android prior to 86.0.4240.75 allowed a local attacker to bypass navigation restrictions via crafted Intents.

Published: 2020-11-03T02:21:32.000Z
Updated: 2024-08-04T13:30:23.569Z

Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Published: 2020-11-03T02:21:32.000Z
Updated: 2024-08-04T13:30:23.549Z

Insufficient data validation in navigation in Google Chrome on Android prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.

Published: 2020-11-03T02:21:32.000Z
Updated: 2024-08-04T13:30:23.469Z

Insufficient data validation in dialogs in Google Chrome on OS X prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page.

Published: 2020-11-03T02:21:31.000Z
Updated: 2024-08-04T13:30:23.525Z

Use after free in WebXR in Google Chrome on Android prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Published: 2020-11-03T02:21:31.000Z
Updated: 2024-08-04T13:30:23.525Z

Integer overflow in SwiftShader in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Published: 2020-11-03T02:21:30.000Z
Updated: 2024-08-04T13:30:23.530Z

Integer overflow in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to bypass site isolation via a crafted HTML page.

Published: 2020-11-03T02:21:30.000Z
Updated: 2024-08-04T13:30:23.487Z

Insufficient policy enforcement in extensions in Google Chrome prior to 86.0.4240.75 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension.

Published: 2020-11-03T02:21:29.000Z
Updated: 2024-08-04T13:30:23.548Z

Use after free in audio in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Published: 2020-11-03T00:00:00.000Z
Updated: 2024-08-04T13:30:23.524Z

Use after free in printing in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

Published: 2020-11-03T02:21:28.000Z
Updated: 2024-08-04T13:30:23.553Z

Use after free in NFC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

Published: 2020-11-03T02:21:28.000Z
Updated: 2024-08-04T13:30:23.519Z

Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Published: 2020-11-03T02:21:27.000Z
Updated: 2024-08-04T13:30:23.456Z

Use after free in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Published: 2020-11-03T02:21:27.000Z
Updated: 2024-08-04T13:30:23.492Z

Use after free in payments in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.

Published: 2020-11-03T02:21:26.000Z
Updated: 2024-08-04T13:30:23.538Z

Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension.

Published: 2020-09-21T19:06:38.000Z
Updated: 2024-08-04T13:30:23.391Z

Type confusion in V8 in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

Published: 2020-09-21T19:06:37.000Z
Updated: 2024-08-04T13:30:23.670Z

Insufficient data validation in media in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Published: 2020-09-21T19:06:37.000Z
Updated: 2024-08-04T13:30:23.382Z

Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.

Published: 2020-09-21T19:06:36.000Z
Updated: 2024-08-04T13:30:23.470Z

Insufficient policy validation in serial in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

Published: 2020-09-21T19:06:36.000Z
Updated: 2024-08-04T13:30:23.452Z

Insufficient policy validation in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.

Published: 2020-09-21T19:06:35.000Z
Updated: 2024-08-04T13:30:23.514Z

Heap buffer overflow in storage in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

Published: 2020-09-21T19:06:35.000Z
Updated: 2024-08-04T13:30:23.528Z

Insufficient policy enforcement in networking in Google Chrome prior to 85.0.4183.102 allowed an attacker who convinced the user to enable logging to obtain potentially sensitive information from process memory via social engineering.

Published: 2020-09-21T19:06:34.000Z
Updated: 2024-08-04T13:30:23.418Z

common/session.c in Claws Mail before 3.17.6 has a protocol violation because suffix data after STARTTLS is mishandled.

Published: 2020-07-23T18:06:26.000Z
Updated: 2024-08-04T13:30:23.272Z

In HylaFAX+ through 7.0.2 and HylaFAX Enterprise, the faxsetup utility calls chown on files in user-owned directories. By winning a race, a local attacker could use this to escalate his privileges to root.

Published: 2020-06-30T11:17:21.000Z
Updated: 2024-08-04T13:15:20.704Z

Singularity (an open source container platform) from version 3.1.1 through 3.6.3 has a vulnerability. Due to insecure handling of path traversal and the lack of path sanitization within `unsquashfs`, it is possible to overwrite/create any files on the host filesystem during the extraction with a crafted squashfs filesystem. The extraction occurs automatically for unprivileged (either installation or with `allow setuid = no`) run of Singularity when a user attempt to run an image which is a local SIF image or a single file containing a squashfs filesystem and is coming from remote sources `library://` or `shub://`. Image build is also impacted in a more serious way as it can be used by a root user, allowing an attacker to overwrite/create files leading to a system compromise, so far bootstrap methods `library`, `shub` and `localimage` are triggering the squashfs extraction. This issue is addressed in Singularity 3.6.4. All users are advised to upgrade to 3.6.4 especially if they use Singularity mainly for building image as root user. There is no solid workaround except to temporary avoid to use unprivileged mode with single file images in favor of sandbox images instead. Regarding image build, temporary avoid to build from `library` and `shub` sources and as much as possible use `--fakeroot` or a VM for that.

Published: 2020-10-14T18:55:14.000Z
Updated: 2024-08-04T13:08:23.183Z

A flaw was found in librepo in versions before 1.12.1. A directory traversal vulnerability was found where it failed to sanitize paths in remote repository metadata. An attacker controlling a remote repository may be able to copy files outside of the destination directory on the targeted system via path traversal. This flaw could potentially result in system compromise via the overwriting of critical system files. The highest threat from this flaw is to users that make use of untrusted third-party repositories.

Published: 2020-08-30T13:55:27.000Z
Updated: 2024-08-04T12:39:36.596Z

An issue was discovered in Icinga2 before v2.12.0-rc1. The prepare-dirs script (run as part of the icinga2 systemd service) executes chmod 2750 /run/icinga2/cmd. /run/icinga2 is under control of an unprivileged user by default. If /run/icinga2/cmd is a symlink, then it will by followed and arbitrary files can be changed to mode 2750 by the unprivileged icinga2 user.

Published: 2020-06-12T15:04:10.000Z
Updated: 2024-08-04T12:32:14.733Z

The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue. This vulnerability allows any unauthenticated user/client to make Grafana send HTTP requests to any URL and return its result to the user/client. This can be used to gain information about the network that Grafana is running on. Furthermore, passing invalid URL objects could be used for DOS'ing Grafana via SegFault.

Published: 2020-06-03T18:41:09.000Z
Updated: 2024-08-04T12:18:17.618Z

rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via shell metacharacters in a configuration setting for im_convert_path or im_identify_path.

Published: 2020-05-04T14:58:15.000Z
Updated: 2025-10-21T23:35:44.407Z

Roundcube Webmail before 1.4.4 allows attackers to include local files and execute code via directory traversal in a plugin name to rcube_plugin_api.php.

Published: 2020-05-04T14:58:28.000Z
Updated: 2024-08-04T12:04:22.314Z

An issue was discovered in Roundcube Webmail before 1.4.4. There is a cross-site scripting (XSS) vulnerability in rcube_washtml.php because JavaScript code can occur in the CDATA of an HTML message.

Published: 2020-05-04T01:57:31.000Z
Updated: 2024-08-04T12:04:22.316Z

GNU Mailman 2.x before 2.1.30 uses the .obj extension for scrubbed application/octet-stream MIME parts. This behavior may contribute to XSS attacks against list-archive visitors, because an HTTP reply from an archive web server may lack a MIME type, and a web browser may perform MIME sniffing, conclude that the MIME type should have been text/html, and execute JavaScript code.

Published: 2020-04-24T12:37:58.000Z
Updated: 2024-08-04T11:48:58.357Z

/options/mailman in GNU Mailman before 2.1.31 allows Arbitrary Content Injection.

Published: 2020-05-06T14:50:33.000Z
Updated: 2024-08-04T11:48:58.484Z

Zabbix Server 2.2.x and 3.0.x before 3.0.31, and 3.2 allows remote attackers to execute arbitrary code.

Published: 2020-10-07T15:02:53.000Z
Updated: 2024-08-04T11:41:59.916Z

An issue was discovered in Open Ticket Request System (OTRS) 5.x before 5.0.34, 6.x before 6.0.16, and 7.x before 7.0.4. An attacker who is logged into OTRS as an agent or a customer user may upload a carefully crafted resource in order to cause execution of JavaScript in the context of OTRS. This is related to Content-type mishandling in Kernel/Modules/PictureUpload.pm.

Published: 2019-03-13T22:00:00.000Z
Updated: 2024-08-04T22:01:54.195Z

Lout 3.40 has a heap-based buffer overflow in the srcnext() function in z02.c.

Published: 2019-12-20T19:52:34.000Z
Updated: 2024-08-05T02:32:09.764Z

Lout 3.40 has a buffer overflow in the StringQuotedWord() function in z39.c.

Published: 2019-12-20T19:52:43.000Z
Updated: 2024-08-05T02:32:09.851Z

An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.12, and Community Edition 5.0.x through 5.0.38 and 6.0.x through 6.0.23. An attacker who is logged into OTRS as an agent is able to list tickets assigned to other agents, even tickets in a queue where the attacker doesn't have permissions.

Published: 2020-01-06T00:00:00.000Z
Updated: 2024-08-05T01:47:13.546Z

In Roundcube Webmail before 1.3.10, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, they unknowingly leak the plaintext of the encrypted message part(s) back to the attacker.

Published: 2019-04-07T14:36:23.000Z
Updated: 2024-08-04T22:32:01.425Z