Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-09-23	CVE-2020-25600	Out-of-bounds Write vulnerability in multiple products An issue was discovered in Xen through 4.14.x. local low complexity xen fedoraproject opensuse debian CWE-787	5.5
2020-09-23	CVE-2020-25596	Injection vulnerability in multiple products An issue was discovered in Xen through 4.14.x. local low complexity xen fedoraproject debian opensuse CWE-74	5.5
2020-09-23	CVE-2020-25739	Cross-site Scripting vulnerability in multiple products An issue was discovered in the gon gem before gon-6.4.0 for Ruby. network low complexity gon-project debian canonical CWE-79	6.1
2020-09-23	CVE-2020-14365	Improper Verification of Cryptographic Signature vulnerability in multiple products A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module. local low complexity redhat debian CWE-347	6.6
2020-09-21	CVE-2020-6571	Improper Input Validation vulnerability in multiple products Insufficient data validation in Omnibox in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. network low complexity google opensuse fedoraproject debian CWE-20	4.3
2020-09-21	CVE-2020-6570	Information Exposure vulnerability in multiple products Information leakage in WebRTC in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to obtain potentially sensitive information via a crafted WebRTC interaction. network low complexity google opensuse fedoraproject debian CWE-200	4.3
2020-09-21	CVE-2020-6569	Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in WebUSB in Google Chrome prior to 85.0.4183.83 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian opensuse fedoraproject CWE-190	6.3
2020-09-21	CVE-2020-6568	Insufficient policy enforcement in intent handling in Google Chrome on Android prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. network low complexity google debian opensuse fedoraproject	6.5
2020-09-21	CVE-2020-6567	Improper Input Validation vulnerability in multiple products Insufficient validation of untrusted input in command line handling in Google Chrome on Windows prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. network low complexity google debian opensuse fedoraproject CWE-20	6.5
2020-09-21	CVE-2020-6566	Insufficient policy enforcement in media in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page. network low complexity google debian opensuse fedoraproject	6.5