Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-04-13	CVE-2020-6441	Incorrect Default Permissions vulnerability in multiple products Insufficient policy enforcement in omnibox in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass security UI via a crafted HTML page. network low complexity google debian fedoraproject opensuse CWE-276	4.3
2020-04-13	CVE-2020-6440	Inappropriate implementation in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension. network low complexity google debian fedoraproject opensuse	4.3
2020-04-13	CVE-2020-6438	Information Exposure Through an Error Message vulnerability in multiple products Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension. network low complexity google debian fedoraproject opensuse CWE-209	4.3
2020-04-13	CVE-2020-6437	Inappropriate implementation in WebView in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to spoof security UI via a crafted application. network low complexity google debian fedoraproject opensuse	4.3
2020-04-13	CVE-2020-6435	Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. network low complexity google debian fedoraproject opensuse	4.3
2020-04-13	CVE-2020-6433	Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. network low complexity google debian fedoraproject opensuse	4.3
2020-04-13	CVE-2020-6432	Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. network low complexity google debian fedoraproject opensuse	4.3
2020-04-13	CVE-2020-6431	Incorrect Default Permissions vulnerability in multiple products Insufficient policy enforcement in full screen in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to spoof security UI via a crafted HTML page. network low complexity google debian fedoraproject opensuse CWE-276	4.3
2020-04-02	CVE-2020-11494	Missing Initialization of Resource vulnerability in multiple products An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. local low complexity linux opensuse debian canonical CWE-909	4.4
2020-04-02	CVE-2020-1927	Open Redirect vulnerability in multiple products In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL. network low complexity apache fedoraproject debian canonical opensuse netapp broadcom oracle CWE-601	6.1