Fedora

DATE	CVE	VULNERABILITY TITLE	RISK
2020-04-14	CVE-2020-11741	Missing Initialization of Resource vulnerability in multiple products An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (with active profiling) to obtain sensitive information about other guests, cause a denial of service, or possibly gain privileges. local low complexity xen fedoraproject debian opensuse CWE-909	8.8
2020-04-14	CVE-2020-11740	Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (without active profiling) to obtain sensitive information about other guests. local low complexity xen debian fedoraproject opensuse CWE-212	5.5
2020-04-14	CVE-2020-11739	Race Condition vulnerability in multiple products An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service or possibly gain privileges because of missing memory barriers in read-write unlock paths. local high complexity xen fedoraproject debian opensuse CWE-362	7.8
2020-04-13	CVE-2020-1730	NULL Pointer Dereference vulnerability in multiple products A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR (or DES ciphers if enabled) ciphers. network low complexity libssh canonical netapp redhat fedoraproject oracle CWE-476	5.3
2020-04-13	CVE-2020-6456	Incorrect Default Permissions vulnerability in multiple products Insufficient validation of untrusted input in clipboard in Google Chrome prior to 81.0.4044.92 allowed a local attacker to bypass site isolation via crafted clipboard contents. network low complexity google debian fedoraproject opensuse CWE-276	6.5
2020-04-13	CVE-2020-6455	Out-of-bounds Read vulnerability in multiple products Out of bounds read in WebSQL in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject opensuse CWE-125	8.8
2020-04-13	CVE-2020-6454	Use After Free vulnerability in multiple products Use after free in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. network low complexity google fedoraproject debian opensuse CWE-416	8.8
2020-04-13	CVE-2020-6452	Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in media in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject opensuse CWE-787	8.8
2020-04-13	CVE-2020-6451	Use After Free vulnerability in multiple products Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject opensuse CWE-416	8.8
2020-04-13	CVE-2020-6450	Use After Free vulnerability in multiple products Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject opensuse CWE-416	8.8