CVSS: 5.3EPSS: 0%CPEs: 7EXPL: 0CVE-2015-7542
https://notcve.org/view.php?id=CVE-2015-7542
03 Dec 2019 — A vulnerability exists in libgwenhywfar through 4.12.0 due to the usage of outdated bundled CA certificates. Existe una vulnerabilidad en libgwenhywfar hasta la versión 4.12.0 debido al uso de certificados de CA empaquetados obsoletos. • http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174484.html • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 3.3EPSS: 0%CPEs: 8EXPL: 2CVE-2016-4983
https://notcve.org/view.php?id=CVE-2016-4983
05 Nov 2019 — A postinstall script in the dovecot rpm allows local users to read the contents of newly created SSL/TLS key files. Un script postinstall en el dovecot rpm, permite a usuarios locales leer el contenido de los archivos de clave SSL/TLS recientemente creados. • http://lists.opensuse.org/opensuse-updates/2016-11/msg00096.html • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 2.4EPSS: 0%CPEs: 6EXPL: 1CVE-2016-1000002
https://notcve.org/view.php?id=CVE-2016-1000002
05 Nov 2019 — gdm3 3.14.2 and possibly later has an information leak before screen lock gdm3 versión 3.14.2 y posiblemente después, tiene una filtrado de información antes del bloqueo de pantalla • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1000002 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 4%CPEs: 5EXPL: 1CVE-2015-8980
https://notcve.org/view.php?id=CVE-2015-8980
04 Nov 2019 — The plural form formula in ngettext family of calls in php-gettext before 1.0.12 allows remote attackers to execute arbitrary code. La fórmula de forma plural en la familia de llamadas ngettext en php-gettext versiones anteriores a la versión 1.0.12, permite a atacantes remotos ejecutar código arbitrario. • http://lists.opensuse.org/opensuse-updates/2017-02/msg00015.html • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2019-5834 – Debian Security Advisory 4500-1
https://notcve.org/view.php?id=CVE-2019-5834
27 Jun 2019 — Insufficient data validation in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to perform domain spoofing via a crafted HTML page. La insuficiente validación de datos en Blink en Google Chrome antes de 75.0.3770.80 permitió que un atacante remoto realizara una falsificación de dominio a través de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary code. Versions less tha... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html • CWE-346: Origin Validation Error •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2019-5816 – Gentoo Linux Security Advisory 201908-18
https://notcve.org/view.php?id=CVE-2019-5816
27 Jun 2019 — Process lifetime issue in Chrome in Google Chrome on Android prior to 74.0.3729.108 allowed a remote attacker to potentially persist an exploited process via a crafted HTML page. El problema de la duración del proceso en Chrome en Google Chrome en Android antes de 74.0.3729.108 permitió que un atacante remoto pudiera persistir en un proceso explotado a través de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers t... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html • CWE-664: Improper Control of a Resource Through its Lifetime •
CVSS: 8.8EPSS: 3%CPEs: 8EXPL: 0CVE-2019-5817 – Gentoo Linux Security Advisory 201908-18
https://notcve.org/view.php?id=CVE-2019-5817
27 Jun 2019 — Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. El desbordamiento del búfer del heap en ANGLE en Google Chrome en Windows antes de 74.0.3729.108 permitió que un atacante remoto pudiera explotar la corrupción del montón a través de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute ar... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 1%CPEs: 8EXPL: 0CVE-2019-5828 – chromium-browser: Use after free in ServiceWorker
https://notcve.org/view.php?id=CVE-2019-5828
17 Jun 2019 — Object lifecycle issue in ServiceWorker in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. El problema del ciclo de vida del objeto en ServiceWorker en Google Chrome antes de 75.0.3770.80 permitió que un atacante remoto pudiera realizar un acceso a la memoria fuera de límites a través de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remo... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 1%CPEs: 8EXPL: 0CVE-2019-5829 – chromium-browser: Use after free in Download Manager
https://notcve.org/view.php?id=CVE-2019-5829
17 Jun 2019 — Integer overflow in download manager in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. El desbordamiento de enteros en el administrador de descargas en Google Chrome antes de la versión 75.0.3770.80 permitió que un atacante remoto pudiera realizar un acceso a la memoria fuera de límites a través de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which coul... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.5EPSS: 1%CPEs: 8EXPL: 0CVE-2019-5830 – chromium-browser: Incorrectly credentialed requests in CORS
https://notcve.org/view.php?id=CVE-2019-5830
17 Jun 2019 — Insufficient policy enforcement in CORS in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page. La aplicación de políticas insuficientes en CORS en Google Chrome antes de 75.0.3770.80 permitió que un atacante remoto filtrara datos de origen cruzado a través de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary code. Versions less than... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html •