Vulnerabilities > Fedoraproject > Medium

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | VECTOR | COMPLEXITY | VENDORS | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2020-11-03 | CVE-2020-15973 | | Insufficient policy enforcement in extensions in Google Chrome prior to 86.0.4240.75 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension. | network | low | google, fedoraproject, opensuse, debian | | 6.5 |
| 2020-11-02 | CVE-2020-28038 | Cross-site Scripting vulnerability in multiple products | WordPress before 5.5.2 allows stored XSS via post slugs. | network | low | wordpress, fedoraproject, debian | CWE-79 | 6.1 |
| 2020-11-02 | CVE-2020-28034 | Cross-site Scripting vulnerability in multiple products | WordPress before 5.5.2 allows XSS associated with global variables. | network | low | wordpress, fedoraproject, debian | CWE-79 | 6.1 |
| 2020-10-29 | CVE-2020-14323 | NULL Pointer Dereference vulnerability in multiple products | A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. | local | low | samba, opensuse, fedoraproject, debian | CWE-476 | 5.5 |
| 2020-10-22 | CVE-2020-27675 | Use After Free vulnerability in multiple products | An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. | local | high | linux, fedoraproject, debian | CWE-416 | 4.7 |
| 2020-10-22 | CVE-2020-27674 | Out-of-bounds Write vulnerability in multiple products | An issue was discovered in Xen through 4.14.x allowing x86 PV guest OS users to gain guest OS privileges by modifying kernel memory contents, because invalidation of TLB entries is mishandled during use of an INVLPG-like attack technique. | local | low | xen, fedoraproject, debian | CWE-787 | 5.3 |
| 2020-10-10 | CVE-2020-26934 | Cross-site Scripting vulnerability in multiple products | phpMyAdmin before 4.9.6 and 5.x before 5.0.3 allows XSS through the transformation feature via a crafted link. | network | low | phpmyadmin, opensuse, fedoraproject, debian | CWE-79 | 6.1 |
| 2020-10-06 | CVE-2020-26572 | Out-of-bounds Write vulnerability in multiple products | The TCOS smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in tcos_decipher. | | | | | 5.5 |
| 2020-10-06 | CVE-2020-26571 | Out-of-bounds Write vulnerability in multiple products | The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in sc_pkcs15emu_gemsafeGPK_init. | | | | | 5.5 |
| 2020-10-06 | CVE-2020-26570 | Out-of-bounds Write vulnerability in multiple products | The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 has a heap-based buffer overflow in sc_oberthur_read_file. | | | | | 5.5 |