Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-07-22	CVE-2020-6521	Side-channel information leakage in autofill in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. network low complexity google debian opensuse fedoraproject	6.5
2020-07-22	CVE-2020-6519	Policy bypass in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML page. network low complexity google debian opensuse fedoraproject	6.5
2020-07-22	CVE-2020-6516	Policy bypass in CORS in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page. network low complexity google debian opensuse fedoraproject	4.3
2020-07-22	CVE-2020-6514	Information Exposure vulnerability in multiple products Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream. network low complexity google opensuse fedoraproject debian canonical apple CWE-200	6.5
2020-07-22	CVE-2020-6511	Information Exposure Through an Error Message vulnerability in multiple products Information leak in content security policy in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page. network low complexity google debian opensuse fedoraproject CWE-209	6.5
2020-07-17	CVE-2020-15586	Race Condition vulnerability in multiple products Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time. network high complexity golang cloudfoundry debian opensuse fedoraproject CWE-362	5.9
2020-07-17	CVE-2020-14928	Injection vulnerability in multiple products evolution-data-server (eds) through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. network high complexity gnome debian fedoraproject canonical CWE-74	5.9
2020-07-17	CVE-2020-15803	Cross-site Scripting vulnerability in multiple products Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget. network low complexity zabbix fedoraproject debian opensuse CWE-79	6.1
2020-07-09	CVE-2020-10756	Out-of-bounds Read vulnerability in multiple products An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. local low complexity libslirp-project redhat canonical debian opensuse CWE-125	6.5
2020-07-09	CVE-2020-12402	Information Exposure Through Discrepancy vulnerability in multiple products During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. local high complexity mozilla opensuse fedoraproject debian CWE-203	4.4