https://www.secpod.com/blog/chrome-zero-day-under-active-exploitation-patch-now/
https://www.zdnet.com/article/google-releases-chrome-security-update-to-patch-actively-exploited-zero-day/
https://vulners.com/cve/CVE-2020-15999
https://magpcss.org/ceforum/viewtopic.php?f=10&t=17942

To review the CEF/Chromium patch see https://bitbucket.org/chromiumembedded/cef/commits/cd6cbe008b127990036945fb75e7c2c1594ab10d

CPENameOperatorVersion
cefsharp.commoneq85.3.121
cefsharp.commoneq33.0.0
cefsharp.wpfeq33.1.0-pre01
cefsharp.wpfeq63.0.0
cefsharp.commoneq75.1.143
cefsharp.commoneq62.0.0-pre01
cefsharp.commoneq63.0.0-pre02
cefsharp.wpfeq47.0.0-pre01
cefsharp.commoneq65.0.0-pre02
cefsharp.wpfeq85.3.121

Name	Operator	Version
cefsharp.common	eq	85.3.121
cefsharp.common	eq	33.0.0
cefsharp.wpf	eq	33.1.0-pre01
cefsharp.wpf	eq	63.0.0
cefsharp.common	eq	75.1.143
cefsharp.common	eq	62.0.0-pre01
cefsharp.common	eq	63.0.0-pre02
cefsharp.wpf	eq	47.0.0-pre01
cefsharp.common	eq	65.0.0-pre02
cefsharp.wpf	eq	85.3.121

Rows per page:

1-10 of 2641

References

lists.opensuse.org/opensuse-security-announce/2020-11/msg00016.html

seclists.org/fulldisclosure/2020/Nov/33

chromereleases.googleblog.com/2020/10/stable-channel-update-for-desktop_20.html

crbug.com/1139963

github.com/cefsharp/CefSharp

github.com/cefsharp/CefSharp/security/advisories/GHSA-pv36-h7jh-qm62

googleprojectzero.blogspot.com/p/rca-cve-2020-15999.html

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J3QVIGAAJ4D62YEJAJJWMCCBCOQ6TVL7

lists.fedoraproject.org/archives/list/[email protected]/message/J3QVIGAAJ4D62YEJAJJWMCCBCOQ6TVL7

nvd.nist.gov/vuln/detail/CVE-2020-15999

security.gentoo.org/glsa/202011-12

security.gentoo.org/glsa/202012-04

security.gentoo.org/glsa/202401-19

www.debian.org/security/2021/dsa-4824

www.nuget.org/packages/CefSharp.Common

www.nuget.org/packages/CefSharp.WinForms

www.nuget.org/packages/CefSharp.Wpf

www.nuget.org/packages/CefSharp.Wpf.HwndHost

nessus 61

redhatcve 1

veracode 2

osv 8

openvas 29

redhat 8

githubexploit 3

archlinux 2

almalinux 1

malwarebytes 2

threatpost 4

alpinelinux 1

suse 12

oraclelinux 2

cloudfoundry 1

prion 1

cbl_mariner 2

thn 5

fedora 3

debian 3

amazon 1

checkpoint_advisories 1

cvelist 1

gitlab 4

github 1

centos 1

cve 1

ubuntu 2

freebsd 2

slackware 1

f5 1

gentoo 4

ubuntucve 1

debiancve 1

nvd 1

qualysblog 1

rocky 1

mageia 1

photon 5

ibm 3

cisa_kev 1

attackerkb 2

krebs 1

ics 1

kaspersky 3

chrome 1

googleprojectzero 1

mozilla 2

altlinux 2

nessus

Oracle Linux 8 : freetype (ELSA-2020-4952)

2020-11-14 00:00:00

openSUSE Security Update : freetype2 (openSUSE-2020-1744)

2020-10-27 00:00:00

Slackware 14.0 / 14.1 / 14.2 / current : freetype (SSA:2020-294-01)

2020-10-21 00:00:00

redhatcve

CVE-2020-15999

2020-10-21 18:33:33

veracode

Heap Buffer Overflow

2020-10-25 12:34:11

Heap Buffer Overflow

2020-11-05 03:17:59

osv

freetype vulnerability

2020-10-20 12:02:17

freetype - security update

2020-10-21 00:00:00

Important: freetype security update

2020-11-05 08:26:43

openvas

openSUSE: Security Advisory for freetype2 (openSUSE-SU-2020:1734-1)

2020-10-26 00:00:00

Ubuntu: Security Advisory (USN-4593-1)

2020-10-21 00:00:00

Huawei EulerOS: Security Advisory for freetype (EulerOS-SA-2021-1585)

2021-03-05 00:00:00

redhat

(RHSA-2020:4949) Important: freetype security update

2020-11-05 08:24:45

(RHSA-2020:4950) Important: freetype security update

2020-11-05 08:24:47

(RHSA-2020:4952) Important: freetype security update

2020-11-05 08:26:43

githubexploit

Exploit for Out-of-bounds Write in Google Chrome

2020-12-30 18:02:23

Exploit for Out-of-bounds Write in Google Chrome

2020-10-28 16:16:25

Exploit for Out-of-bounds Write in Google Chrome

2020-12-30 19:58:33

archlinux

[ASA-202010-10] freetype2: arbitrary code execution

2020-10-20 00:00:00

[ASA-202010-11] lib32-freetype2: arbitrary code execution

2020-10-20 00:00:00

almalinux

Important: freetype security update

2020-11-05 08:26:43

malwarebytes

Google patches actively exploited zero-day bug that affects Chrome users

2020-10-26 10:58:14

Update your Chrome again as Google patches second zero-day in two weeks

2020-11-03 18:30:00

threatpost

Microsoft IE Browser Death March Hastens

2020-10-26 22:26:57

Microsoft Patch Tuesday Update Fixes 17 Critical Bugs

2020-11-10 21:12:21

Google Patches Actively-Exploited Zero-Day Bug in Chrome Browser

2020-10-21 12:23:29

alpinelinux

CVE-2020-15999

2020-11-03 03:15:14

suse

Security update for freetype2 (important)

2020-10-26 00:00:00

Security update for freetype2 (important)

2020-10-25 00:00:00

Security update for chromium (important)

2020-10-24 00:00:00

oraclelinux

freetype security update

2020-11-06 00:00:00

freetype security update

2020-11-13 00:00:00

cloudfoundry

USN-4593-1: FreeType vulnerability | Cloud Foundry

2020-11-19 00:00:00

prion

Heap overflow

2020-11-03 03:15:00

cbl_mariner

CVE-2020-15999 affecting package freetype for versions less than 2.11.1-1

2022-04-09 06:51:42

CVE-2020-15999 affecting package freetype 2.9.1-4

2022-03-19 16:40:53

thn

New Chrome 0-day Under Active Attacks – Update Your Browser Now

2020-10-21 16:26:00

WARNING: Google Discloses Windows Zero-Day Bug Exploited in the Wild

2020-11-02 09:43:00

New Chrome Zero-Day Under Active Attacks – Update Your Browser

2020-11-03 09:33:00

fedora

[SECURITY] Fedora 31 Update: freetype-2.10.0-4.fc31

2020-11-07 01:28:39

[SECURITY] Fedora 33 Update: freetype-2.10.4-1.fc33

2020-10-25 01:01:39

[SECURITY] Fedora 32 Update: freetype-2.10.4-1.fc32

2020-10-25 01:21:04

debian

[SECURITY] [DSA 4777-1] freetype security update

2020-10-21 19:00:07

[SECURITY] [DSA 4777-1] freetype security update

2020-10-21 19:00:07

[SECURITY] [DLA 2415-1] freetype security update

2020-10-25 21:59:56

amazon

Important: freetype

2020-12-08 20:55:00

checkpoint_advisories

Google Chrome Memory Corruption (CVE-2020-15999)

2020-10-24 00:00:00

cvelist

CVE-2020-15999

2020-11-03 00:00:00

gitlab

Out-of-bounds Write

2020-10-27 00:00:00

Out-of-bounds Write

2020-10-27 00:00:00

Out-of-bounds Write

2020-10-27 00:00:00

github

Heap buffer overflow in CefSharp

2020-10-27 19:47:38

centos

freetype security update

2020-11-06 21:57:09

cve

CVE-2020-15999

2020-11-03 03:15:14

ubuntu

FreeType vulnerability

2020-10-20 00:00:00

FreeType vulnerability

2020-10-22 00:00:00

freebsd

freetype2 -- heap buffer overlfow

2020-10-20 00:00:00

chromium -- multiple vulnerabilities

2020-10-20 00:00:00

slackware

[slackware-security] freetype

2020-10-20 22:26:01

K000133070 : Freetype vulnerability CVE-2020-15999

2023-03-20 00:00:00

gentoo

Opera: Multiple Vulnerabilities

2024-01-15 00:00:00

FreeType: Arbitrary code execution

2020-10-23 00:00:00

Chromium, Google Chrome: Multiple vulnerabilities

2020-11-11 00:00:00

ubuntucve

CVE-2020-15999

2020-10-20 00:00:00

debiancve

CVE-2020-15999

2020-11-03 03:15:14

nvd

CVE-2020-15999

2020-11-03 03:15:14

qualysblog

Vulnerability Detection Pipeline (Beta)

2020-09-16 17:43:34

rocky

freetype security update

2020-11-05 08:26:43

mageia

Updated freetype2 packages fix security vulnerability

2020-10-20 19:22:12

photon

Moderate Photon OS Security Update - PHSA-2022-0442

2022-02-16 00:00:00

Critical Photon OS Security Update - PHSA-2022-0364

2022-02-22 00:00:00

Critical Photon OS Security Update - PHSA-2022-3.0-0364

2022-02-28 00:00:00

ibm

Security Bulletin: IBM Security Privileged Identity Manager is affected by security vulnerabilities (CVE-2020-1971, CVE-2020-15999, CVE-2017-12652)

2021-08-16 07:01:26

Security Bulletin: IBM Analyst's Notebook Premium uses a component with known vulnerabilities (CVE-2020-16013, CVE-2020-16009, CVE-2020-15999)

2021-07-23 15:10:10

Security Bulletin: Multiple vulnerabilities of Mozilla Firefox (less than Firefox 78.5 ESR + CVE-2020-26951) have affected Synthetic Playback Agent 8.1.4.0-8.1.4 IF11 + ICAM2019.3.0 - 2020.2.0

2021-02-25 07:21:06

cisa_kev

Google Chrome FreeType Heap Buffer Overflow Vulnerability

2021-11-03 00:00:00

attackerkb

CVE-2020-17087 Windows Kernel local privilege escalation 0day

2020-11-11 00:00:00

CVE-2020-15999 Chrome Freetype 0day

2020-11-03 00:00:00

krebs

Patch Tuesday, November 2020 Edition

2020-11-11 01:56:41

ics

Rockwell Automation Connected Components Workbench

2023-09-21 12:00:00

kaspersky

KLA11986 Multiple vulnerabilities in Google Chrome

2020-10-20 00:00:00

KLA12013 Multiple vulnerabilities in Opera

2020-10-29 00:00:00

KLA12012 Multiple vulnerabilities in Mozilla Thunderbird

2020-11-17 00:00:00

chrome

Stable Channel Update for Desktop

2020-10-20 00:00:00

googleprojectzero

In-the-Wild Series: October 2020 0-day discovery

2021-03-18 00:00:00

mozilla

Security Vulnerabilities fixed in Thunderbird 78.5 — Mozilla

2020-11-17 00:00:00

Security Vulnerabilities fixed in Firefox ESR 78.5 — Mozilla

2020-11-17 00:00:00

altlinux

Security fix for the ALT Linux 10 package thunderbird version 78.5.0-alt1

2020-11-19 00:00:00

Security fix for the ALT Linux 10 package firefox-esr version 78.5.0-alt1

2020-11-16 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.026 Low

EPSS

Percentile

90.3%

JSON

Related for OSV:GHSA-PV36-H7JH-QM62