High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-11-03	CVE-2020-15971	Use After Free vulnerability in multiple products Use after free in printing in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. network low complexity google fedoraproject opensuse debian CWE-416	8.8
2020-11-03	CVE-2020-15970	Use After Free vulnerability in multiple products Use after free in NFC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. network low complexity google fedoraproject opensuse debian CWE-416	8.8
2020-11-03	CVE-2020-15969	Use After Free vulnerability in multiple products Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject opensuse apple CWE-416	8.8
2020-11-03	CVE-2020-15968	Use After Free vulnerability in multiple products Use after free in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject opensuse CWE-416	8.8
2020-11-03	CVE-2020-15967	Use After Free vulnerability in multiple products Use after free in payments in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. network low complexity google fedoraproject opensuse debian CWE-416	8.8
2020-11-02	CVE-2020-28033	WordPress before 5.5.2 mishandles embeds from disabled sites on a multisite network, as demonstrated by allowing a spam embed. network low complexity wordpress fedoraproject debian	7.5
2020-11-02	CVE-2020-28030	Infinite Loop vulnerability in multiple products In Wireshark 3.2.0 to 3.2.7, the GQUIC dissector could crash. network low complexity wireshark debian fedoraproject CWE-835	7.5
2020-10-27	CVE-2020-15238	Argument Injection or Modification vulnerability in multiple products Blueman is a GTK+ Bluetooth Manager. local high complexity blueman-project debian fedoraproject CWE-88	7.0
2020-10-23	CVE-2020-27216	In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the system's temporary directory is shared between all users on that system. local high complexity eclipse netapp oracle apache debian	7.0
2020-10-22	CVE-2020-27672	Use After Free vulnerability in multiple products An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a host OS denial of service, achieve data corruption, or possibly gain privileges by exploiting a race condition that leads to a use-after-free involving 2MiB and 1GiB superpages. local high complexity xen fedoraproject opensuse debian CWE-416	7.0