Redhat » Enterprise Linux Desktop » 6.0 : Security Vulnerabilities
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
In ImageMagick versions before 7.0.9-0, there are outside the range of representable values of type 'float' at MagickCore/quantize.c.
| Max Base Score | 4.3 |
| Published | 2021-05-14 |
| Updated | 2023-03-11 |
| EPSS | 0.06% |
An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.
| Max Base Score | 8.8 |
| Published | 2020-03-12 |
| Updated | 2022-08-12 |
| EPSS | 0.23% |
CVE-2020-6418
Public exploit exists
Known Exploited Vulnerability
Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
| Max Base Score | 8.8 |
| Published | 2020-02-27 |
| Updated | 2022-03-31 |
| EPSS | 96.69% |
| KEV Added | 2021-11-03 |
Insufficient data validation in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
| Max Base Score | 8.8 |
| Published | 2020-02-11 |
| Updated | 2022-03-31 |
| EPSS | 0.45% |
Inappropriate implementation in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
| Max Base Score | 8.8 |
| Published | 2020-02-11 |
| Updated | 2022-03-31 |
| EPSS | 0.48% |
Insufficient policy enforcement in CORS in Google Chrome prior to 80.0.3987.87 allowed a local attacker to obtain potentially sensitive information via a crafted HTML page.
| Max Base Score | 6.5 |
| Published | 2020-02-11 |
| Updated | 2022-03-31 |
| EPSS | 0.23% |
Use after free in audio in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
| Max Base Score | 8.8 |
| Published | 2020-02-11 |
| Updated | 2022-03-31 |
| EPSS | 0.77% |
Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
| Max Base Score | 8.8 |
| Published | 2020-02-11 |
| Updated | 2022-03-31 |
| EPSS | 0.48% |
Incorrect implementation in Omnibox in Google Chrome on iOS prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
| Max Base Score | 4.3 |
| Published | 2020-02-11 |
| Updated | 2022-03-31 |
| EPSS | 0.20% |
Insufficient policy enforcement in downloads in Google Chrome on OS X prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension.
| Max Base Score | 8.8 |
| Published | 2020-02-11 |
| Updated | 2021-09-16 |
| EPSS | 0.45% |
Inappropriate implementation in CORS in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
| Max Base Score | 6.5 |
| Published | 2020-02-11 |
| Updated | 2022-03-31 |
| EPSS | 0.35% |
Use of uninitialized data in PDFium in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
| Max Base Score | 8.8 |
| Published | 2020-02-11 |
| Updated | 2022-03-31 |
| EPSS | 0.62% |
Inappropriate implementation in sharing in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof security UI via a crafted HTML page.
| Max Base Score | 6.5 |
| Published | 2020-02-11 |
| Updated | 2022-03-31 |
| EPSS | 0.22% |
Inappropriate implementation in Skia in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
| Max Base Score | 4.3 |
| Published | 2020-02-11 |
| Updated | 2022-04-11 |
| EPSS | 0.20% |
Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass content security policy via a crafted HTML page.
| Max Base Score | 5.8 |
| Published | 2020-02-11 |
| Updated | 2022-04-06 |
| EPSS | 0.24% |
Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
| Max Base Score | 6.5 |
| Published | 2020-02-11 |
| Updated | 2022-04-06 |
| EPSS | 0.61% |
Insufficient policy enforcement in extensions in Google Chrome prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.
| Max Base Score | 4.3 |
| Published | 2020-02-11 |
| Updated | 2022-04-06 |
| EPSS | 0.34% |
Insufficient validation of untrusted input in Blink in Google Chrome prior to 80.0.3987.87 allowed a local attacker to bypass content security policy via a crafted HTML page.
| Max Base Score | 4.3 |
| Published | 2020-02-11 |
| Updated | 2022-04-11 |
| EPSS | 0.24% |
Out of bounds memory access in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
| Max Base Score | 8.8 |
| Published | 2020-02-11 |
| Updated | 2022-04-11 |
| EPSS | 20.51% |
Use after free in speech in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
| Max Base Score | 8.8 |
| Published | 2020-02-27 |
| Updated | 2022-03-31 |
| EPSS | 0.44% |
Insufficient policy enforcement in storage in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass site isolation via a crafted HTML page.
| Max Base Score | 8.8 |
| Published | 2020-02-11 |
| Updated | 2022-04-11 |
| EPSS | 0.48% |
Use after free in WebAudio in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
| Max Base Score | 8.8 |
| Published | 2020-02-27 |
| Updated | 2022-03-31 |
| EPSS | 0.44% |
Type confusion in V8 in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
| Max Base Score | 8.8 |
| Published | 2020-02-27 |
| Updated | 2022-03-31 |
| EPSS | 0.44% |
Type confusion in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
| Max Base Score | 8.8 |
| Published | 2020-02-11 |
| Updated | 2022-04-11 |
| EPSS | 0.48% |
Integer overflow in JavaScript in Google Chrome on ChromeOS and Android prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
| Max Base Score | 8.8 |
| Published | 2020-02-11 |
| Updated | 2022-04-11 |
| EPSS | 0.48% |