Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-12-10	CVE-2019-13743	Incorrect security UI in external protocol handling in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to spoof security UI via a crafted HTML page. network low complexity google debian fedoraproject redhat	6.5
2019-12-10	CVE-2019-13742	Incorrect security UI in Omnibox in Google Chrome on iOS prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. network low complexity google debian fedoraproject redhat	6.5
2019-12-10	CVE-2019-13740	Origin Validation Error vulnerability in multiple products Incorrect security UI in sharing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page. network low complexity google debian fedoraproject redhat CWE-346	6.5
2019-12-10	CVE-2019-13739	Insufficient policy enforcement in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. network low complexity google debian fedoraproject redhat	6.5
2019-12-10	CVE-2019-13738	Improper Privilege Management vulnerability in multiple products Insufficient policy enforcement in navigation in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass site isolation via a crafted HTML page. network low complexity google debian fedoraproject redhat CWE-269	6.5
2019-12-10	CVE-2019-13737	Information Exposure vulnerability in multiple products Insufficient policy enforcement in autocomplete in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. network low complexity google debian fedoraproject redhat CWE-200	6.5
2019-12-06	CVE-2019-1551	Integer Overflow or Wraparound vulnerability in multiple products There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. network low complexity openssl opensuse oracle canonical fedoraproject debian tenable CWE-190	5.3
2019-12-06	CVE-2012-2130	Inadequate Encryption Strength vulnerability in multiple products A Security Bypass vulnerability exists in PolarSSL 0.99pre4 through 1.1.1 due to a weak encryption error when generating Diffie-Hellman values and RSA keys. network polarssl debian fedoraproject CWE-326	5.8
2019-12-06	CVE-2012-1615	Improper Privilege Management vulnerability in Fedoraproject Fedora and Sectool A Privilege Escalation vulnerability exits in Fedoraproject Sectool due to an incorrect DBus file. local low complexity fedoraproject CWE-269	4.6
2019-12-05	CVE-2012-1115	Cross-site Scripting vulnerability in multiple products A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the export, add_value_form, and dn parameters to cmd.php. network ldap-account-manager debian fedoraproject CWE-79	4.3