CVSS: 5.3EPSS: 0%CPEs: 7EXPL: 0CVE-2015-7542
https://notcve.org/view.php?id=CVE-2015-7542
03 Dec 2019 — A vulnerability exists in libgwenhywfar through 4.12.0 due to the usage of outdated bundled CA certificates. Existe una vulnerabilidad en libgwenhywfar hasta la versión 4.12.0 debido al uso de certificados de CA empaquetados obsoletos. • http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174484.html • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 3.3EPSS: 0%CPEs: 8EXPL: 2CVE-2016-4983
https://notcve.org/view.php?id=CVE-2016-4983
05 Nov 2019 — A postinstall script in the dovecot rpm allows local users to read the contents of newly created SSL/TLS key files. Un script postinstall en el dovecot rpm, permite a usuarios locales leer el contenido de los archivos de clave SSL/TLS recientemente creados. • http://lists.opensuse.org/opensuse-updates/2016-11/msg00096.html • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 2.4EPSS: 0%CPEs: 6EXPL: 1CVE-2016-1000002
https://notcve.org/view.php?id=CVE-2016-1000002
05 Nov 2019 — gdm3 3.14.2 and possibly later has an information leak before screen lock gdm3 versión 3.14.2 y posiblemente después, tiene una filtrado de información antes del bloqueo de pantalla • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1000002 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 4%CPEs: 5EXPL: 1CVE-2015-8980
https://notcve.org/view.php?id=CVE-2015-8980
04 Nov 2019 — The plural form formula in ngettext family of calls in php-gettext before 1.0.12 allows remote attackers to execute arbitrary code. La fórmula de forma plural en la familia de llamadas ngettext en php-gettext versiones anteriores a la versión 1.0.12, permite a atacantes remotos ejecutar código arbitrario. • http://lists.opensuse.org/opensuse-updates/2017-02/msg00015.html • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2019-5834 – Debian Security Advisory 4500-1
https://notcve.org/view.php?id=CVE-2019-5834
27 Jun 2019 — Insufficient data validation in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to perform domain spoofing via a crafted HTML page. La insuficiente validación de datos en Blink en Google Chrome antes de 75.0.3770.80 permitió que un atacante remoto realizara una falsificación de dominio a través de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary code. Versions less tha... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html • CWE-346: Origin Validation Error •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2019-5816 – Gentoo Linux Security Advisory 201908-18
https://notcve.org/view.php?id=CVE-2019-5816
27 Jun 2019 — Process lifetime issue in Chrome in Google Chrome on Android prior to 74.0.3729.108 allowed a remote attacker to potentially persist an exploited process via a crafted HTML page. El problema de la duración del proceso en Chrome en Google Chrome en Android antes de 74.0.3729.108 permitió que un atacante remoto pudiera persistir en un proceso explotado a través de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers t... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html • CWE-664: Improper Control of a Resource Through its Lifetime •
CVSS: 8.8EPSS: 3%CPEs: 8EXPL: 0CVE-2019-5817 – Gentoo Linux Security Advisory 201908-18
https://notcve.org/view.php?id=CVE-2019-5817
27 Jun 2019 — Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. El desbordamiento del búfer del heap en ANGLE en Google Chrome en Windows antes de 74.0.3729.108 permitió que un atacante remoto pudiera explotar la corrupción del montón a través de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute ar... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 1%CPEs: 8EXPL: 0CVE-2019-5836 – chromium-browser: Heap buffer overflow in Angle
https://notcve.org/view.php?id=CVE-2019-5836
17 Jun 2019 — Heap buffer overflow in ANGLE in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. El desbordamiento del búfer del montón en ANGLE en Google Chrome antes de 75.0.3770.80 permitió a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary code. Ver... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 1%CPEs: 8EXPL: 0CVE-2019-5832 – chromium-browser: Incorrect CORS handling in XHR
https://notcve.org/view.php?id=CVE-2019-5832
17 Jun 2019 — Insufficient policy enforcement in XMLHttpRequest in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page. La aplicación de políticas insuficientes en XMLHttpRequest en Google Chrome antes de 75.0.3770.80 permitió a un atacante remoto filtrar datos de origen cruzado a través de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary code. V... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html •
CVSS: 4.3EPSS: 0%CPEs: 9EXPL: 0CVE-2019-5840 – chromium-browser: Popup blocker bypass
https://notcve.org/view.php?id=CVE-2019-5840
17 Jun 2019 — Incorrect security UI in popup blocker in Google Chrome on iOS prior to 75.0.3770.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. La IU de seguridad incorrecta en el bloqueador de ventanas emergentes en Google Chrome en iOS antes de 75.0.3770.80 permitió que un atacante remoto omitiera las restricciones de navegación a través de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attac... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •