High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-02-11	CVE-2020-6385	Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products Insufficient policy enforcement in storage in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass site isolation via a crafted HTML page. network low complexity google opensuse fedoraproject debian suse redhat CWE-754	8.8
2020-02-11	CVE-2020-6382	Type Confusion vulnerability in multiple products Type confusion in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject debian suse opensuse redhat CWE-843	8.8
2020-02-11	CVE-2020-6381	Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in JavaScript in Google Chrome on ChromeOS and Android prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google opensuse fedoraproject debian suse redhat CWE-190	8.8
2020-02-11	CVE-2020-6380	Incorrect Authorization vulnerability in multiple products Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.130 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted Chrome Extension. network low complexity google fedoraproject CWE-863	8.8
2020-02-11	CVE-2020-6379	Use After Free vulnerability in multiple products Use after free in V8 in Google Chrome prior to 79.0.3945.130 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject CWE-416	8.8
2020-02-11	CVE-2020-6378	Use After Free vulnerability in multiple products Use after free in speech in Google Chrome prior to 79.0.3945.130 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject CWE-416	8.8
2020-02-11	CVE-2018-14553	NULL Pointer Dereference vulnerability in multiple products gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. network low complexity libgd fedoraproject canonical debian opensuse CWE-476	7.5
2020-02-06	CVE-2013-4572	Session Fixation vulnerability in multiple products The CentralNotice extension for MediaWiki before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3 sets the Cache-Control header to cache session cookies when a user is autocreated, which allows remote attackers to authenticate as the created user. network low complexity mediawiki fedoraproject CWE-384	7.5
2020-02-05	CVE-2010-5304	NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in the way LibVNCServer before 0.9.9 handled certain ClientCutText message. network low complexity libvncserver-project fedoraproject CWE-476	7.5
2020-02-05	CVE-2020-5208	It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote code execution on the ipmitool side. network low complexity ipmitool-project debian fedoraproject opensuse	8.8