Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-05-21	CVE-2020-6478	Inappropriate implementation in full screen in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted HTML page. network low complexity google debian opensuse fedoraproject	6.5
2020-05-21	CVE-2020-6476	Incorrect Default Permissions vulnerability in multiple products Insufficient policy enforcement in tab strip in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. network low complexity google opensuse fedoraproject debian CWE-276	6.5
2020-05-21	CVE-2020-6475	Incorrect implementation in full screen in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted HTML page. network low complexity google opensuse fedoraproject debian	6.5
2020-05-21	CVE-2020-6473	Information Exposure Through Discrepancy vulnerability in multiple products Insufficient policy enforcement in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. network low complexity google fedoraproject opensuse debian CWE-203	6.5
2020-05-21	CVE-2020-6472	Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory or disk via a crafted Chrome Extension. network low complexity google fedoraproject opensuse debian	6.5
2020-05-21	CVE-2020-6470	Cross-site Scripting vulnerability in multiple products Insufficient validation of untrusted input in clipboard in Google Chrome prior to 83.0.4103.61 allowed a local attacker to inject arbitrary scripts or HTML (UXSS) via crafted clipboard contents. network low complexity google fedoraproject opensuse debian CWE-79	6.1
2020-05-21	CVE-2020-6460	Insufficient data validation in URL formatting in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to perform domain spoofing via a crafted domain name. network low complexity google debian	6.5
2020-05-20	CVE-2020-11078	In httplib2 before version 0.18.0, an attacker controlling unescaped part of uri for `httplib2.Http.request()` could change request headers and body, send additional hidden requests to same server. network high complexity httplib2-project fedoraproject debian	6.8
2020-05-20	CVE-2020-13230	Improper Preservation of Permissions vulnerability in multiple products In Cacti before 1.2.11, disabling a user account does not immediately invalidate any permissions granted to that account (e.g., permission to view logs). network low complexity cacti debian fedoraproject CWE-281	4.3
2020-05-19	CVE-2020-8021	a Improper Access Control vulnerability in of Open Build Service allows remote attackers to read files of an OBS package where the sourceaccess/access is disabled This issue affects: Open Build Service versions prior to 2.10.5. network low complexity opensuse debian	5.3