Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-05-21	CVE-2020-6479	Inappropriate implementation in sharing in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted HTML page. network low complexity google debian opensuse fedoraproject	6.5
2020-05-21	CVE-2020-6478	Inappropriate implementation in full screen in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted HTML page. network low complexity google debian opensuse fedoraproject	6.5
2020-05-21	CVE-2020-6476	Incorrect Default Permissions vulnerability in multiple products Insufficient policy enforcement in tab strip in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. network low complexity google opensuse fedoraproject debian CWE-276	6.5
2020-05-21	CVE-2020-6475	Incorrect implementation in full screen in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted HTML page. network low complexity google opensuse fedoraproject debian	6.5
2020-05-21	CVE-2020-6473	Information Exposure Through Discrepancy vulnerability in multiple products Insufficient policy enforcement in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. network low complexity google fedoraproject opensuse debian CWE-203	6.5
2020-05-21	CVE-2020-6472	Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory or disk via a crafted Chrome Extension. network low complexity google fedoraproject opensuse debian	6.5
2020-05-21	CVE-2020-6470	Cross-site Scripting vulnerability in multiple products Insufficient validation of untrusted input in clipboard in Google Chrome prior to 83.0.4103.61 allowed a local attacker to inject arbitrary scripts or HTML (UXSS) via crafted clipboard contents. network low complexity google fedoraproject opensuse debian CWE-79	6.1
2020-05-20	CVE-2020-11078	In httplib2 before version 0.18.0, an attacker controlling unescaped part of uri for `httplib2.Http.request()` could change request headers and body, send additional hidden requests to same server. network high complexity httplib2-project fedoraproject debian	6.8
2020-05-20	CVE-2020-13231	Cross-Site Request Forgery (CSRF) vulnerability in multiple products In Cacti before 1.2.11, auth_profile.php?action=edit allows CSRF for an admin email change. network low complexity cacti fedoraproject CWE-352	6.5
2020-05-20	CVE-2020-13230	Improper Preservation of Permissions vulnerability in multiple products In Cacti before 1.2.11, disabling a user account does not immediately invalidate any permissions granted to that account (e.g., permission to view logs). network low complexity cacti debian fedoraproject CWE-281	4.3