[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2020-15999":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":78,"aliases":93,"duplicate_of":9,"upstream":97,"downstream":98,"duplicates":185,"related":186,"reserved_at":9,"published_at":216,"modified_at":217,"state":218,"summary":219,"references_raw":228,"kevs":330,"epss":340,"epss_history":343,"metrics":542,"affected":560},"CVE-2020-15999","Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",null,[11,20],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-787","Out-of-bounds Write","The product writes data past the end, or before the beginning, of the intended buffer.","weakness","Draft","Base","High",[],{"_key":21,"id":21,"name":22,"description":23,"type":15,"status":24,"abstraction":17,"likelihood_of_exploit":18,"capec":25},"CWE-120","Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')","The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.","Incomplete",[26,30,34,38,42,46,50,54,58,62,66,70,74],{"id":27,"name":28,"techniques":29},"CAPEC-10","Buffer Overflow via Environment Variables",[],{"id":31,"name":32,"techniques":33},"CAPEC-100","Overflow Buffers",[],{"id":35,"name":36,"techniques":37},"CAPEC-14","Client-side Injection-induced Buffer Overflow",[],{"id":39,"name":40,"techniques":41},"CAPEC-24","Filter Failure through Buffer Overflow",[],{"id":43,"name":44,"techniques":45},"CAPEC-42","MIME Conversion",[],{"id":47,"name":48,"techniques":49},"CAPEC-44","Overflow Binary Resource File",[],{"id":51,"name":52,"techniques":53},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":55,"name":56,"techniques":57},"CAPEC-46","Overflow Variables and Tags",[],{"id":59,"name":60,"techniques":61},"CAPEC-47","Buffer Overflow via Parameter Expansion",[],{"id":63,"name":64,"techniques":65},"CAPEC-67","String Format Overflow in syslog()",[],{"id":67,"name":68,"techniques":69},"CAPEC-8","Buffer Overflow in an API Call",[],{"id":71,"name":72,"techniques":73},"CAPEC-9","Buffer Overflow in Local Command-Line Utilities",[],{"id":75,"name":76,"techniques":77},"CAPEC-92","Forced Integer Overflow",[],[79,88],{"_key":80,"name":81,"source":82,"url":83,"maturity":84,"reliability_score":85,"verified":86,"type":9,"platforms":87,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_7B0A5E2492D5FE72","Exploit Reference (crbug.com)","reference","https://crbug.com/1139963","unknown",0.2,false,[],{"_key":89,"name":90,"source":82,"url":91,"maturity":84,"reliability_score":85,"verified":86,"type":9,"platforms":92,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_23074EAD81DEB826","Exploit Reference (googleprojectzero.blogspot.com)","https://googleprojectzero.blogspot.com/p/rca-cve-2020-15999.html",[],[94,95,96],"GHSA-pv36-h7jh-qm62","A-171232105","ASB-A-171232105",[],[99,101,103,105,107,109,111,113,115,117,119,121,123,125,127,129,131,133,135,137,139,141,143,145,147,149,151,153,155,157,159,161,163,165,167,169,171,173,175,177,179,181,183],{"_key":100},"ALPINE-CVE-2020-15999",{"_key":102},"SUSE-SU-2020:3383-1",{"_key":104},"RHSA-2020:4351",{"_key":106},"RHSA-2020:4907",{"_key":108},"RHSA-2020:4949",{"_key":110},"RHSA-2020:4950",{"_key":112},"RHSA-2020:4951",{"_key":114},"RHSA-2020:4952",{"_key":116},"OPENSUSE-SU-2020:1744-1",{"_key":118},"OPENSUSE-SU-2024:10601-1",{"_key":120},"SUSE-SU-2020:14548-1",{"_key":122},"SUSE-SU-2020:2995-1",{"_key":124},"SUSE-SU-2020:2998-1",{"_key":126},"SUSE-SU-2020:3458-1",{"_key":128},"SUSE-SU-2020:3528-1",{"_key":130},"SUSE-SU-2020:3548-1",{"_key":132},"OPENSUSE-SU-2020:1731-1",{"_key":134},"OPENSUSE-SU-2020:1829-1",{"_key":136},"OPENSUSE-SU-2020:1718-1",{"_key":138},"OPENSUSE-SU-2020:1734-1",{"_key":140},"OPENSUSE-SU-2020:1737-1",{"_key":142},"OPENSUSE-SU-2020:1952-1",{"_key":144},"OPENSUSE-SU-2020:2020-1",{"_key":146},"OPENSUSE-SU-2020:2031-1",{"_key":148},"OPENSUSE-SU-2020:2096-1",{"_key":150},"OPENSUSE-SU-2020:2187-1",{"_key":152},"OPENSUSE-SU-2020:2315-1",{"_key":154},"OPENSUSE-SU-2021:1134-1",{"_key":156},"OPENSUSE-SU-2024:10600-1",{"_key":158},"OPENSUSE-SU-2024:10681-1",{"_key":160},"OPENSUSE-SU-2024:10770-1",{"_key":162},"OPENSUSE-SU-2024:11209-1",{"_key":164},"OPENSUSE-SU-2024:12948-1",{"_key":166},"OPENSUSE-SU-2024:13827-1",{"_key":168},"OPENSUSE-SU-2024:14572-1",{"_key":170},"DLA-2415-1",{"_key":172},"DSA-4777-1",{"_key":174},"DSA-4824-1",{"_key":176},"MGASA-2020-0389",{"_key":178},"UBUNTU-CVE-2020-15999",{"_key":180},"USN-4593-1",{"_key":182},"USN-4593-2",{"_key":184},"DEBIAN-CVE-2020-15999",[],[187,188,189,190,191,192,193,194,195,196,197,198,199,200,201,202,203,204,205,206,207,208,209,210,211,212,213,214,215],{"_key":102},{"_key":116},{"_key":118},{"_key":120},{"_key":122},{"_key":124},{"_key":126},{"_key":128},{"_key":130},{"_key":132},{"_key":134},{"_key":136},{"_key":138},{"_key":140},{"_key":142},{"_key":144},{"_key":146},{"_key":148},{"_key":150},{"_key":152},{"_key":154},{"_key":156},{"_key":158},{"_key":160},{"_key":162},{"_key":164},{"_key":166},{"_key":168},{"_key":176},"2020-11-03T00:00:00.000Z","2025-10-21T23:35:33.599Z","Analyzed",{"cisa_kev":220,"cisa_ransomware":86,"cisa_vendor":221,"epss_severity":222,"epss_score":223,"severity":222,"severity_score":224,"severity_version":225,"severity_source":226,"severity_vector":227,"severity_status":218},true,"Google","critical",0.93031,9.6,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",[229,238,242,249,254,258,263,267,271,274,278,282,288,292,297,301,305,309,313,317,321,325],{"url":83,"sources":230,"tags":233},[226,231,232],"nvd","osv_nuget",[234,235,236,237],"Exploit","Issue Tracking","Third Party Advisory","WEB",{"url":239,"sources":240,"tags":241},"https://chromereleases.googleblog.com/2020/10/stable-channel-update-for-desktop_20.html",[226,231,232],[236,237],{"url":243,"sources":244,"tags":245},"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00016.html",[226,231,232],[246,247,248,236,237],"Vendor Advisory","Broken Link","Mailing List",{"url":250,"sources":251,"tags":252},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J3QVIGAAJ4D62YEJAJJWMCCBCOQ6TVL7/",[226,231],[246,253],"Release Notes",{"url":255,"sources":256,"tags":257},"https://security.gentoo.org/glsa/202011-12",[226,231,232],[246,236,237],{"url":259,"sources":260,"tags":261},"http://seclists.org/fulldisclosure/2020/Nov/33",[226,231,232],[248,262,236,237],"Not Applicable",{"url":264,"sources":265,"tags":266},"https://security.gentoo.org/glsa/202012-04",[226,231,232],[246,236,237],{"url":268,"sources":269,"tags":270},"https://www.debian.org/security/2021/dsa-4824",[226,231,232],[246,248,236,237],{"url":91,"sources":272,"tags":273},[226,231,232],[234,236,237],{"url":275,"sources":276,"tags":277},"https://security.gentoo.org/glsa/202401-19",[226,231,232],[246,236,237],{"url":279,"sources":280,"tags":281},"https://security.netapp.com/advisory/ntap-20240812-0001/",[226,231],[236],{"url":283,"sources":284,"tags":285},"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-15999",[226,231],[286,287],"Government Resource","US Government Resource",{"url":289,"sources":290,"tags":291},"https://github.com/cefsharp/CefSharp/security/advisories/GHSA-pv36-h7jh-qm62",[232],[237],{"url":293,"sources":294,"tags":295},"https://nvd.nist.gov/vuln/detail/CVE-2020-15999",[232],[296],"Advisory",{"url":298,"sources":299,"tags":300},"https://www.nuget.org/packages/CefSharp.Wpf.HwndHost",[232],[237],{"url":302,"sources":303,"tags":304},"https://www.nuget.org/packages/CefSharp.Wpf",[232],[237],{"url":306,"sources":307,"tags":308},"https://www.nuget.org/packages/CefSharp.WinForms",[232],[237],{"url":310,"sources":311,"tags":312},"https://www.nuget.org/packages/CefSharp.Common",[232],[237],{"url":314,"sources":315,"tags":316},"https://security.netapp.com/advisory/ntap-20240812-0001",[232],[237],{"url":318,"sources":319,"tags":320},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J3QVIGAAJ4D62YEJAJJWMCCBCOQ6TVL7",[232],[237],{"url":322,"sources":323,"tags":324},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J3QVIGAAJ4D62YEJAJJWMCCBCOQ6TVL7",[232],[237],{"url":326,"sources":327,"tags":328},"https://github.com/cefsharp/CefSharp",[232],[329],"PACKAGE",[331],{"source":332,"vendor":221,"product":333,"date_added":334,"vulnerability_name":335,"short_description":336,"required_action":337,"due_date":338,"known_ransomware_campaign_use":339,"notes":293,"exploitation_type":9},"cisa","Chrome FreeType","2021-11-03","Google Chrome FreeType Heap Buffer Overflow Vulnerability","Google Chrome uses FreeType, an open-source software library to render fonts, which contains a heap buffer overflow vulnerability in the function Load_SBit_Png when processing PNG images embedded into fonts. This vulnerability is part of an exploit chain with CVE-2020-17087 on Windows and CVE-2020-16010 on Android.","Apply updates per vendor instructions.","2021-11-17","Unknown",{"date":341,"score":223,"percentile":342},"2026-06-04",0.99792,[344,348,352,354,357,359,361,363,365,367,371,373,375,377,380,384,387,389,392,395,397,399,402,404,406,408,410,412,415,418,420,422,424,426,428,430,432,434,436,438,440,442,444,446,448,450,452,454,456,458,460,462,464,466,469,471,473,475,477,479,481,483,485,487,489,491,493,495,497,499,501,503,505,507,509,511,513,516,518,520,522,524,526,528,530,532,534,536,538,540],{"date":345,"score":346,"percentile":347},"2025-11-04",0.93093,0.99773,{"date":349,"score":350,"percentile":351},"2025-11-05",0.92931,0.99761,{"date":353,"score":350,"percentile":351},"2025-11-06",{"date":355,"score":350,"percentile":356},"2025-11-07",0.9976,{"date":358,"score":350,"percentile":356},"2025-11-08",{"date":360,"score":350,"percentile":356},"2025-11-09",{"date":362,"score":350,"percentile":356},"2025-11-10",{"date":364,"score":350,"percentile":356},"2025-11-11",{"date":366,"score":350,"percentile":356},"2025-11-12",{"date":368,"score":369,"percentile":370},"2025-11-13",0.92756,0.99744,{"date":372,"score":350,"percentile":356},"2025-11-14",{"date":374,"score":350,"percentile":351},"2025-11-15",{"date":376,"score":350,"percentile":351},"2025-11-16",{"date":378,"score":350,"percentile":379},"2025-11-17",0.99762,{"date":381,"score":382,"percentile":383},"2025-11-18",0.88776,0.99604,{"date":385,"score":382,"percentile":386},"2025-11-19",0.99605,{"date":388,"score":382,"percentile":386},"2025-11-20",{"date":390,"score":391,"percentile":379},"2025-11-21",0.92962,{"date":393,"score":391,"percentile":394},"2025-11-22",0.99763,{"date":396,"score":391,"percentile":394},"2025-11-23",{"date":398,"score":391,"percentile":394},"2025-11-24",{"date":400,"score":391,"percentile":401},"2025-11-25",0.99764,{"date":403,"score":391,"percentile":401},"2025-11-26",{"date":405,"score":391,"percentile":379},"2025-11-27",{"date":407,"score":391,"percentile":394},"2025-11-28",{"date":409,"score":391,"percentile":394},"2025-11-29",{"date":411,"score":391,"percentile":394},"2025-11-30",{"date":413,"score":391,"percentile":414},"2025-12-01",0.99766,{"date":416,"score":350,"percentile":417},"2025-12-02",0.99765,{"date":419,"score":350,"percentile":417},"2025-12-03",{"date":421,"score":350,"percentile":351},"2025-12-04",{"date":423,"score":350,"percentile":351},"2025-12-05",{"date":425,"score":350,"percentile":351},"2025-12-06",{"date":427,"score":350,"percentile":379},"2025-12-07",{"date":429,"score":350,"percentile":351},"2025-12-08",{"date":431,"score":350,"percentile":351},"2025-12-09",{"date":433,"score":350,"percentile":379},"2025-12-10",{"date":435,"score":350,"percentile":379},"2025-12-11",{"date":437,"score":350,"percentile":379},"2025-12-12",{"date":439,"score":350,"percentile":379},"2025-12-13",{"date":441,"score":350,"percentile":379},"2025-12-14",{"date":443,"score":350,"percentile":379},"2025-12-15",{"date":445,"score":350,"percentile":379},"2025-12-16",{"date":447,"score":350,"percentile":394},"2025-12-17",{"date":449,"score":350,"percentile":351},"2025-12-18",{"date":451,"score":350,"percentile":351},"2025-12-19",{"date":453,"score":350,"percentile":351},"2025-12-20",{"date":455,"score":350,"percentile":351},"2025-12-21",{"date":457,"score":350,"percentile":379},"2025-12-22",{"date":459,"score":350,"percentile":379},"2025-12-23",{"date":461,"score":350,"percentile":351},"2025-12-24",{"date":463,"score":350,"percentile":351},"2025-12-25",{"date":465,"score":350,"percentile":356},"2025-12-26",{"date":467,"score":350,"percentile":468},"2025-12-27",0.99759,{"date":470,"score":350,"percentile":356},"2025-12-28",{"date":472,"score":350,"percentile":356},"2025-12-29",{"date":474,"score":350,"percentile":351},"2025-12-30",{"date":476,"score":350,"percentile":351},"2025-12-31",{"date":478,"score":350,"percentile":414},"2026-01-01",{"date":480,"score":350,"percentile":414},"2026-01-02",{"date":482,"score":350,"percentile":417},"2026-01-03",{"date":484,"score":350,"percentile":356},"2026-01-04",{"date":486,"score":350,"percentile":356},"2026-01-05",{"date":488,"score":350,"percentile":351},"2026-01-06",{"date":490,"score":350,"percentile":351},"2026-01-07",{"date":492,"score":350,"percentile":379},"2026-01-08",{"date":494,"score":350,"percentile":379},"2026-01-09",{"date":496,"score":350,"percentile":379},"2026-01-10",{"date":498,"score":350,"percentile":379},"2026-01-11",{"date":500,"score":350,"percentile":379},"2026-01-12",{"date":502,"score":350,"percentile":394},"2026-01-13",{"date":504,"score":350,"percentile":394},"2026-01-14",{"date":506,"score":350,"percentile":401},"2026-01-15",{"date":508,"score":350,"percentile":401},"2026-01-16",{"date":510,"score":350,"percentile":401},"2026-01-17",{"date":512,"score":350,"percentile":394},"2026-01-18",{"date":514,"score":515,"percentile":351},"2026-01-19",0.92905,{"date":517,"score":515,"percentile":351},"2026-01-20",{"date":519,"score":515,"percentile":351},"2026-01-21",{"date":521,"score":515,"percentile":351},"2026-01-22",{"date":523,"score":515,"percentile":351},"2026-01-23",{"date":525,"score":515,"percentile":351},"2026-01-24",{"date":527,"score":515,"percentile":356},"2026-01-25",{"date":529,"score":515,"percentile":356},"2026-01-26",{"date":531,"score":515,"percentile":356},"2026-01-27",{"date":533,"score":515,"percentile":351},"2026-01-28",{"date":535,"score":515,"percentile":351},"2026-01-29",{"date":537,"score":515,"percentile":351},"2026-01-30",{"date":539,"score":515,"percentile":351},"2026-01-31",{"date":541,"score":515,"percentile":414},"2026-02-01",[543,548,555],{"source":226,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":544,"cvss_v4_0":9},{"baseScore":224,"baseSeverity":545,"vectorString":227,"impactScore":546,"exploitabilityScore":547},"CRITICAL",10,7.2,{"source":231,"cvss_v2_0":549,"cvss_v3_0":9,"cvss_v3_1":554,"cvss_v4_0":9},{"baseScore":550,"baseSeverity":9,"vectorString":551,"impactScore":552,"exploitabilityScore":553},4.3,"AV:N/AC:M/Au:N/C:N/I:N/A:P",2.9,8.6,{"baseScore":224,"baseSeverity":545,"vectorString":227,"impactScore":546,"exploitabilityScore":547},{"source":232,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":556,"cvss_v4_0":9},{"baseScore":557,"baseSeverity":9,"vectorString":558,"impactScore":559,"exploitabilityScore":547},6.5,"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",6,[561,570,576,585,596,603,612,616,620,624],{"ecosystem":9,"name":562,"vendor":563,"product":564,"cpe_part":565,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":566},"debian linux","debian","debian_linux","o",[567],{"version":568,"is_range":86,"range_type":569,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.0","cpe",{"ecosystem":9,"name":571,"vendor":572,"product":571,"cpe_part":565,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":573},"fedora","fedoraproject",[574],{"version":575,"is_range":86,"range_type":569,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"31",{"ecosystem":9,"name":577,"vendor":9,"product":577,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":578},"FreeType",[579],{"version":580,"is_range":220,"range_type":569,"version_start":581,"version_start_type":582,"version_end":583,"version_end_type":584,"fixed_in":9},"gte2.6.0_lt2.10.4","2.6.0","including","2.10.4","excluding",{"ecosystem":9,"name":586,"vendor":587,"product":586,"cpe_part":588,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":589},"chrome","google","a",[590,593],{"version":591,"is_range":220,"range_type":569,"version_start":9,"version_start_type":9,"version_end":592,"version_end_type":584,"fixed_in":9},"lt86.0.4240.111","86.0.4240.111",{"version":594,"is_range":220,"range_type":226,"version_start":595,"version_start_type":582,"version_end":592,"version_end_type":584,"fixed_in":9},">= unspecified, \u003C 86.0.4240.111","unspecified",{"ecosystem":9,"name":597,"vendor":598,"product":599,"cpe_part":588,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":600},"ontap select deploy administration utility","netapp","ontap_select_deploy_administration_utility",[601],{"version":602,"is_range":86,"range_type":569,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"na",{"ecosystem":604,"name":605,"vendor":604,"product":605,"cpe_part":9,"purl_type":606,"purl_namespace":9,"purl_name":605,"source":9,"versions":607},"NuGet","CefSharp.Common","nuget",[608],{"version":609,"is_range":220,"range_type":610,"version_start":9,"version_start_type":9,"version_end":611,"version_end_type":584,"fixed_in":9},"lt85_3_130","ecosystem","85.3.130",{"ecosystem":604,"name":613,"vendor":604,"product":613,"cpe_part":9,"purl_type":606,"purl_namespace":9,"purl_name":613,"source":9,"versions":614},"CefSharp.WinForms",[615],{"version":609,"is_range":220,"range_type":610,"version_start":9,"version_start_type":9,"version_end":611,"version_end_type":584,"fixed_in":9},{"ecosystem":604,"name":617,"vendor":604,"product":617,"cpe_part":9,"purl_type":606,"purl_namespace":9,"purl_name":617,"source":9,"versions":618},"CefSharp.Wpf",[619],{"version":609,"is_range":220,"range_type":610,"version_start":9,"version_start_type":9,"version_end":611,"version_end_type":584,"fixed_in":9},{"ecosystem":604,"name":621,"vendor":604,"product":621,"cpe_part":9,"purl_type":606,"purl_namespace":9,"purl_name":621,"source":9,"versions":622},"CefSharp.Wpf.HwndHost",[623],{"version":609,"is_range":220,"range_type":610,"version_start":9,"version_start_type":9,"version_end":611,"version_end_type":584,"fixed_in":9},{"ecosystem":9,"name":625,"vendor":626,"product":627,"cpe_part":588,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":628},"backports sle","opensuse","backports_sle",[629],{"version":630,"is_range":86,"range_type":569,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"15.0:sp2"]