High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-11-03	CVE-2020-15971	Use After Free vulnerability in multiple products Use after free in printing in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. network low complexity google fedoraproject opensuse debian CWE-416	8.8
2020-11-03	CVE-2020-15970	Use After Free vulnerability in multiple products Use after free in NFC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. network low complexity google fedoraproject opensuse debian CWE-416	8.8
2020-11-03	CVE-2020-15969	Use After Free vulnerability in multiple products Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject opensuse apple CWE-416	8.8
2020-11-03	CVE-2020-15968	Use After Free vulnerability in multiple products Use after free in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject opensuse CWE-416	8.8
2020-11-03	CVE-2020-15967	Use After Free vulnerability in multiple products Use after free in payments in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. network low complexity google fedoraproject opensuse debian CWE-416	8.8
2020-11-02	CVE-2020-28033	WordPress before 5.5.2 mishandles embeds from disabled sites on a multisite network, as demonstrated by allowing a spam embed. network low complexity wordpress fedoraproject debian	7.5
2020-11-02	CVE-2020-28030	Infinite Loop vulnerability in multiple products In Wireshark 3.2.0 to 3.2.7, the GQUIC dissector could crash. network low complexity wireshark debian fedoraproject CWE-835	7.5
2020-10-27	CVE-2020-15238	Argument Injection or Modification vulnerability in multiple products Blueman is a GTK+ Bluetooth Manager. local high complexity blueman-project debian fedoraproject CWE-88	7.0
2020-10-22	CVE-2020-27672	Use After Free vulnerability in multiple products An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a host OS denial of service, achieve data corruption, or possibly gain privileges by exploiting a race condition that leads to a use-after-free involving 2MiB and 1GiB superpages. local high complexity xen fedoraproject opensuse debian CWE-416	7.0
2020-10-22	CVE-2020-27671	An issue was discovered in Xen through 4.14.x allowing x86 HVM and PVH guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because coalescing of per-page IOMMU TLB flushes is mishandled. local high complexity xen opensuse debian fedoraproject	7.8