Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-12-11	CVE-2013-4158	Cross-site Scripting vulnerability in multiple products smokeping before 2.6.9 has XSS (incomplete fix for CVE-2012-0790) network low complexity smokeping debian fedoraproject CWE-79	6.1
2019-12-11	CVE-2019-19709	Open Redirect vulnerability in multiple products MediaWiki through 1.33.1 allows attackers to bypass the Title_blacklist protection mechanism by starting with an arbitrary title, establishing a non-resolvable redirect for the associated page, and using redirect=1 in the action API when editing that page. network low complexity mediawiki debian CWE-601	6.1
2019-12-10	CVE-2019-14870	Improper Authentication vulnerability in multiple products All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the S4U (MS-SFU) Kerberos delegation model includes a feature allowing for a subset of clients to be opted out of constrained delegation in any way, either S4U2Self or regular Kerberos authentication, by forcing all tickets for these clients to be non-forwardable. network low complexity samba fedoraproject canonical debian opensuse CWE-287	5.4
2019-12-10	CVE-2019-14861	All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the (poorly named) dnsserver RPC pipe provides administrative facilities to modify DNS records and zones. network high complexity samba fedoraproject canonical opensuse debian	5.3
2019-12-10	CVE-2019-13763	Insufficient policy enforcement in payments in Google Chrome prior to 79.0.3945.79 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. network low complexity google debian fedoraproject redhat	4.3
2019-12-10	CVE-2019-13761	Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. network low complexity google debian fedoraproject redhat	4.3
2019-12-10	CVE-2019-13759	Incorrect security UI in interstitials in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page. network low complexity google debian fedoraproject redhat	4.3
2019-12-10	CVE-2019-13758	Insufficient policy enforcement in navigation in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. network low complexity google debian fedoraproject redhat	4.3
2019-12-10	CVE-2019-13757	Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. network low complexity google debian fedoraproject redhat	4.3
2019-12-10	CVE-2019-13756	Incorrect security UI in printing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page. network low complexity google debian fedoraproject redhat	4.3