Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-05-22	CVE-2020-13397	Out-of-bounds Read vulnerability in multiple products An issue was discovered in FreeRDP before 2.1.1. local low complexity freerdp debian opensuse canonical CWE-125	5.5
2020-05-22	CVE-2020-10711	NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. network high complexity linux redhat debian opensuse canonical CWE-476	5.9
2020-05-21	CVE-2020-13113	Use of Uninitialized Resource vulnerability in multiple products An issue was discovered in libexif before 0.6.22. network low complexity libexif-project debian canonical opensuse CWE-908	6.4
2020-05-21	CVE-2020-6491	Insufficient data validation in site information in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted domain name. network low complexity google debian opensuse fedoraproject	6.5
2020-05-21	CVE-2020-6490	Exposure of Resource to Wrong Sphere vulnerability in multiple products Insufficient data validation in loader in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had been able to write to disk to leak cross-origin data via a crafted HTML page. network low complexity google debian opensuse fedoraproject CWE-668	4.3
2020-05-21	CVE-2020-6489	Information Exposure vulnerability in multiple products Inappropriate implementation in developer tools in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had convinced the user to take certain actions in developer tools to obtain potentially sensitive information from disk via a crafted HTML page. network low complexity google debian opensuse fedoraproject CWE-200	4.3
2020-05-21	CVE-2020-6488	Incorrect Default Permissions vulnerability in multiple products Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. network low complexity google debian opensuse fedoraproject CWE-276	4.3
2020-05-21	CVE-2020-6487	Incorrect Default Permissions vulnerability in multiple products Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. network low complexity google debian opensuse fedoraproject CWE-276	6.5
2020-05-21	CVE-2020-6486	Insufficient policy enforcement in navigations in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. network low complexity google debian opensuse fedoraproject	6.5
2020-05-21	CVE-2020-6485	Improper Input Validation vulnerability in multiple products Insufficient data validation in media router in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. network low complexity google debian opensuse fedoraproject CWE-20	6.5