High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-07-22	CVE-2020-6517	Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in history in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian opensuse fedoraproject CWE-787	8.8
2020-07-22	CVE-2020-6515	Use After Free vulnerability in multiple products Use after free in tab strip in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian opensuse fedoraproject CWE-416	8.8
2020-07-22	CVE-2020-6513	Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in PDFium in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. network low complexity google opensuse fedoraproject debian CWE-787	8.8
2020-07-22	CVE-2020-6512	Type Confusion vulnerability in multiple products Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian opensuse fedoraproject CWE-843	8.8
2020-07-22	CVE-2020-6510	Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in background fetch in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. local low complexity google debian opensuse fedoraproject CWE-787	7.8
2020-07-21	CVE-2020-15890	Out-of-bounds Read vulnerability in multiple products LuaJit through 2.1.0-beta3 has an out-of-bounds read because __gc handler frame traversal is mishandled. network low complexity luajit debian canonical CWE-125	7.5
2020-07-20	CVE-2020-3481	NULL Pointer Dereference vulnerability in multiple products A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. network low complexity clamav debian canonical fedoraproject CWE-476	7.5
2020-07-15	CVE-2019-17637	XXE vulnerability in multiple products In all versions of Eclipse Web Tools Platform through release 3.18 (2020-06), XML and DTD files referring to external entities could be exploited to send the contents of local files to a remote server when edited or validated, even when external entity resolution is disabled in the user preferences. local low complexity eclipse debian CWE-611	7.1
2020-07-14	CVE-2020-13935	Infinite Loop vulnerability in multiple products The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. network low complexity apache debian netapp opensuse canonical mcafee oracle CWE-835	7.5
2020-07-14	CVE-2020-13934	Memory Leak vulnerability in multiple products An h2c direct connection to Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M5 to 9.0.36 and 8.5.1 to 8.5.56 did not release the HTTP/1.1 processor after the upgrade to HTTP/2. network low complexity apache debian netapp opensuse canonical oracle CWE-401	7.5