Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-416
Total 5765 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-16001 4 Debian, Fedoraproject, Google and 1 more 4 Debian Linux, Fedora, Chrome and 1 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in media in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-15998 1 Google 2 Android, Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in USB in Google Chrome prior to 86.0.4240.99 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-15997 1 Google 2 Android, Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in Mojo in Google Chrome prior to 86.0.4240.99 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-15996 1 Google 2 Android, Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in passwords in Google Chrome prior to 86.0.4240.99 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-15994 1 Google 2 Android, Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in V8 in Google Chrome prior to 86.0.4240.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-15993 1 Google 2 Android, Chrome 2024-11-21 6.8 MEDIUM 9.8 CRITICAL
Use after free in printing in Google Chrome prior to 86.0.4240.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-15991 4 Debian, Fedoraproject, Google and 1 more 4 Debian Linux, Fedora, Chrome and 1 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in password manager in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-15990 4 Debian, Fedoraproject, Google and 1 more 4 Debian Linux, Fedora, Chrome and 1 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in autofill in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-15987 4 Debian, Fedoraproject, Google and 1 more 4 Debian Linux, Fedora, Chrome and 1 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted WebRTC stream.
CVE-2020-15986 4 Debian, Fedoraproject, Google and 1 more 4 Debian Linux, Fedora, Chrome and 1 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Integer overflow in media in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-15976 4 Debian, Fedoraproject, Google and 1 more 5 Debian Linux, Fedora, Android and 2 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in WebXR in Google Chrome on Android prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-15972 4 Debian, Fedoraproject, Google and 1 more 4 Debian Linux, Fedora, Chrome and 1 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in audio in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-15971 4 Debian, Fedoraproject, Google and 1 more 4 Debian Linux, Fedora, Chrome and 1 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in printing in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-15970 4 Debian, Fedoraproject, Google and 1 more 4 Debian Linux, Fedora, Chrome and 1 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in NFC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-15969 5 Apple, Debian, Fedoraproject and 2 more 10 Ipados, Iphone Os, Macos and 7 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-15968 4 Debian, Fedoraproject, Google and 1 more 4 Debian Linux, Fedora, Chrome and 1 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-15967 4 Debian, Fedoraproject, Google and 1 more 4 Debian Linux, Fedora, Chrome and 1 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in payments in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-15888 1 Lua 1 Lua 2024-11-21 6.8 MEDIUM 8.8 HIGH
Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap-based buffer over-read, or use-after-free.
CVE-2020-15859 2 Debian, Qemu 2 Debian Linux, Qemu 2024-11-21 2.1 LOW 3.3 LOW
QEMU 4.2.0 has a use-after-free in hw/net/e1000e_core.c because a guest OS user can trigger an e1000e packet with the data's address set to the e1000e's MMIO address.
CVE-2020-15706 7 Canonical, Debian, Gnu and 4 more 14 Ubuntu Linux, Debian Linux, Grub2 and 11 more 2024-11-21 4.4 MEDIUM 6.4 MEDIUM
GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 version 2.04 and prior versions.