📦

package_hub

Vendor: suse

Login to add this product to WatchStack
Actively Exploited 1 CISA KEV List
PoC / Exploits 1 Code Available
Total RCEs 5 Remote Access
Total CVEs 41 Total Indexed
Avg. EPSS 5.60% Exploit Prob.
Latest CVE CVE-2020-24368 Aug 19

Security Vulnerability Index

Page 2 / 5
8.8 CVSS
CVE-2020-6402
RCE

Insufficient policy enforcement in downloads in Google Chrome on OS X prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension.

EPSS: 3.17%
6.5 CVSS
CVE-2020-6400

Inappropriate implementation in CORS in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

EPSS: 1.92%
8.8 CVSS
CVE-2020-6398

Use of uninitialized data in PDFium in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

EPSS: 2.20%
6.5 CVSS
CVE-2020-6397

Inappropriate implementation in sharing in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof security UI via a crafted HTML page.

EPSS: 1.38%
4.3 CVSS
CVE-2020-6396

Inappropriate implementation in Skia in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

EPSS: 1.38%
5.4 CVSS
CVE-2020-6394

Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass content security policy via a crafted HTML page.

EPSS: 1.07%
6.5 CVSS
CVE-2020-6393

Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

EPSS: 1.46%
4.3 CVSS
CVE-2020-6392

Insufficient policy enforcement in extensions in Google Chrome prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.

EPSS: 1.29%
4.3 CVSS
CVE-2020-6391

Insufficient validation of untrusted input in Blink in Google Chrome prior to 80.0.3987.87 allowed a local attacker to bypass content security policy via a crafted HTML page.

EPSS: 1.29%
8.8 CVSS
CVE-2020-6390

Out of bounds memory access in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

EPSS: 7.15%