Redhat

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-1726 2Libpod Project Redhat 3Enterprise Linux LibpodOpenshift Container Platform Nov 21, 2024 Feb 11, 2020 N/A· v4 5.9 MEDIUM· v3 5.8 MEDIUM· v2 A flaw was discovered in Podman where it incorrectly allows containers when created to overwrite existing files in volumes, even if they are mounted as read-only. When a user runs a malicious container or a container bas...Show more A flaw was discovered in Podman where it incorrectly allows containers when created to overwrite existing files in volumes, even if they are mounted as read-only. When a user runs a malicious container or a container based on a malicious image with an attached volume that is used for the first time, it is possible to trigger the flaw and overwrite files in the volume.This issue was introduced in version 1.6.0.Show less
CVE-2020-1711 4Debian OpensuseQemu+1 more 5Debian Linux Enterprise LinuxLeap+2 more Nov 21, 2024 Feb 11, 2020 N/A· v4 6.0 MEDIUM· v3 6.0 MEDIUM· v2 An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Bloc...Show more An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block (LBA) in an iscsi_co_block_status() routine. A remote user could use this flaw to crash the QEMU process, resulting in a denial of service or potential execution of arbitrary code with privileges of the QEMU process on the host.Show less
CVE-2009-4067 2Linux Redhat 2Enterprise Linux Linux Kernel Nov 21, 2024 Feb 11, 2020 N/A· v4 6.8 MEDIUM· v3 7.2 HIGH· v2 Buffer overflow in the auerswald_probe function in the Auerswald Linux USB driver for the Linux kernel before 2.6.27 allows physically proximate attackers to execute arbitrary code, cause a denial of service via a crafte...Show more Buffer overflow in the auerswald_probe function in the Auerswald Linux USB driver for the Linux kernel before 2.6.27 allows physically proximate attackers to execute arbitrary code, cause a denial of service via a crafted USB device, or take full control of the system.Show less
CVE-2013-4535 2Qemu Redhat 6Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Server Tus+3 more Nov 21, 2024 Feb 11, 2020 N/A· v4 8.8 HIGH· v3 7.2 HIGH· v2 The virtqueue_map_sg function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary files via a crafted savevm image, related to virtio-block or virtio-serial read.
CVE-2020-6416 6Debian FedoraprojectGoogle+3 more 8Backports Sle ChromeDebian Linux+5 more Nov 21, 2024 Feb 11, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Insufficient data validation in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6415 6Debian FedoraprojectGoogle+3 more 8Backports Sle ChromeDebian Linux+5 more Nov 21, 2024 Feb 11, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Inappropriate implementation in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6408 6Debian FedoraprojectGoogle+3 more 8Backports Sle ChromeDebian Linux+5 more Nov 21, 2024 Feb 11, 2020 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Insufficient policy enforcement in CORS in Google Chrome prior to 80.0.3987.87 allowed a local attacker to obtain potentially sensitive information via a crafted HTML page.
CVE-2020-6406 5Debian FedoraprojectGoogle+2 more 7Chrome Debian LinuxEnterprise Linux Desktop+4 more Nov 21, 2024 Feb 11, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use after free in audio in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6404 6Debian FedoraprojectGoogle+3 more 8Backports Sle ChromeDebian Linux+5 more Nov 21, 2024 Feb 11, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6403 6Debian FedoraprojectGoogle+3 more 8Backports Sle ChromeDebian Linux+5 more Nov 21, 2024 Feb 11, 2020 N/A· v4 4.3 MEDIUM· v3 4.3 MEDIUM· v2 Incorrect implementation in Omnibox in Google Chrome on iOS prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2020-6402 6Debian FedoraprojectGoogle+3 more 8Backports Sle ChromeDebian Linux+5 more Nov 21, 2024 Feb 11, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Insufficient policy enforcement in downloads in Google Chrome on OS X prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extensi...Show more Insufficient policy enforcement in downloads in Google Chrome on OS X prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension.Show less
CVE-2020-6400 6Debian FedoraprojectGoogle+3 more 8Backports Sle ChromeDebian Linux+5 more Nov 21, 2024 Feb 11, 2020 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Inappropriate implementation in CORS in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2020-6398 6Debian FedoraprojectGoogle+3 more 8Backports Sle ChromeDebian Linux+5 more Nov 21, 2024 Feb 11, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Use of uninitialized data in PDFium in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
CVE-2020-6397 6Debian FedoraprojectGoogle+3 more 8Backports Sle ChromeDebian Linux+5 more Nov 21, 2024 Feb 11, 2020 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Inappropriate implementation in sharing in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof security UI via a crafted HTML page.
CVE-2020-6396 6Debian FedoraprojectGoogle+3 more 8Backports Sle ChromeDebian Linux+5 more Nov 21, 2024 Feb 11, 2020 N/A· v4 4.3 MEDIUM· v3 4.3 MEDIUM· v2 Inappropriate implementation in Skia in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2020-6394 6Debian FedoraprojectGoogle+3 more 8Backports Sle ChromeDebian Linux+5 more Nov 21, 2024 Feb 11, 2020 N/A· v4 5.4 MEDIUM· v3 5.8 MEDIUM· v2 Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass content security policy via a crafted HTML page.
CVE-2020-6393 6Debian FedoraprojectGoogle+3 more 8Backports Sle ChromeDebian Linux+5 more Nov 21, 2024 Feb 11, 2020 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2020-6392 6Debian FedoraprojectGoogle+3 more 8Backports Sle ChromeDebian Linux+5 more Nov 21, 2024 Feb 11, 2020 N/A· v4 4.3 MEDIUM· v3 4.3 MEDIUM· v2 Insufficient policy enforcement in extensions in Google Chrome prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extens...Show more Insufficient policy enforcement in extensions in Google Chrome prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.Show less
CVE-2020-6391 6Debian FedoraprojectGoogle+3 more 8Backports Sle ChromeDebian Linux+5 more Nov 21, 2024 Feb 11, 2020 N/A· v4 4.3 MEDIUM· v3 4.3 MEDIUM· v2 Insufficient validation of untrusted input in Blink in Google Chrome prior to 80.0.3987.87 allowed a local attacker to bypass content security policy via a crafted HTML page.
CVE-2020-6390 6Debian FedoraprojectGoogle+3 more 8Backports Sle ChromeDebian Linux+5 more Nov 21, 2024 Feb 11, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Out of bounds memory access in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Previous 1...747576...284 Next