CVSS: 8.8EPSS: 0%CPEs: 11EXPL: 1CVE-2020-6382 – chromium-browser: Type Confusion in JavaScript
https://notcve.org/view.php?id=CVE-2020-6382
Type confusion in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una confusión de tipos en JavaScript en Google Chrome versiones anteriores a 80.0.3987.87, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. • http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00025.html https://access.redhat.com/errata/RHSA-2020:0514 https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop.html https://crbug.com/1031909 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IOHSO6BUKC6I66J5PZOMAGFVJ66ZS57 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/m • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 0%CPEs: 11EXPL: 0CVE-2020-6398 – chromium-browser: Uninitialized use in PDFium
https://notcve.org/view.php?id=CVE-2020-6398
Use of uninitialized data in PDFium in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Un uso de datos no inicializados en PDFium en Google Chrome versiones anteriores a 80.0.3987.87, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de un archivo PDF diseñado. • http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00025.html https://access.redhat.com/errata/RHSA-2020:0514 https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop.html https://crbug.com/1032090 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IOHSO6BUKC6I66J5PZOMAGFVJ66ZS57 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/m • CWE-908: Use of Uninitialized Resource •
CVSS: 8.8EPSS: 6%CPEs: 11EXPL: 1CVE-2020-6390 – chromium-browser: Out of bounds memory access in streams
https://notcve.org/view.php?id=CVE-2020-6390
Out of bounds memory access in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un acceso a la memoria fuera de límites en streams en Google Chrome versiones anteriores a 80.0.3987.87, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Chrome suffers from an out-of-bounds access vulnerability in ReadableStream::Close. • http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00025.html http://packetstormsecurity.com/files/157419/Chrome-ReadableStream-Close-Out-Of-Bounds-Access.html https://access.redhat.com/errata/RHSA-2020:0514 https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop.html https://crbug.com/1045874 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IOHSO6BUKC6I66J5PZOMA • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 11EXPL: 0CVE-2020-6402 – chromium-browser: Insufficient policy enforcement in downloads
https://notcve.org/view.php?id=CVE-2020-6402
Insufficient policy enforcement in downloads in Google Chrome on OS X prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Una aplicación insuficiente de la política en downloads en Google Chrome sobre OS X versiones anteriores a 80.0.3987.87, permitió a un atacante que convenció a un usuario a instalar una extensión maliciosa para ejecutar código arbitrario por medio de una extensión de Chrome diseñada. • http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00025.html https://access.redhat.com/errata/RHSA-2020:0514 https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop.html https://crbug.com/1029375 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IOHSO6BUKC6I66J5PZOMAGFVJ66ZS57 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/m • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2020-1712 – systemd: use-after-free when asynchronous polkit queries are performed
https://notcve.org/view.php?id=CVE-2020-1712
A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by sending specially crafted dbus messages. Se detectó una vulnerabilidad uso de la memoria previamente liberada de la pila en systemd versiones anteriores a v245-rc1, donde se llevaron a cabo consultas de Polkit asincrónicas mientras se manejan mensajes dbus. Un atacante no privilegiado local puede abusar de este fallo para bloquear los servicios de systemd o potencialmente ejecutar código y elevar sus privilegios, mediante el envío de mensajes dbus especialmente diseñados. A heap use-after-free vulnerability was found in systemd, where asynchronous Polkit queries are performed while handling dbus messages. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1712 https://github.com/systemd/systemd/commit/1068447e6954dc6ce52f099ed174c442cb89ed54 https://github.com/systemd/systemd/commit/637486261528e8aa3da9f26a4487dc254f4b7abb https://github.com/systemd/systemd/commit/bc130b6858327b382b07b3985cf48e2aa9016b2d https://github.com/systemd/systemd/commit/ea0d0ede03c6f18dbc5036c5e9cccf97e415ccc2 https://lists.debian.org/debian-lts-announce/2022/06/msg00025.html https://www.openwall.com/lists/oss-security/2020/02/05/1 https://access.redhat.c • CWE-416: Use After Free •