High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-11-03	CVE-2020-15971	Use After Free vulnerability in multiple products Use after free in printing in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. network low complexity google fedoraproject opensuse debian CWE-416	8.8
2020-11-03	CVE-2020-15970	Use After Free vulnerability in multiple products Use after free in NFC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. network low complexity google fedoraproject opensuse debian CWE-416	8.8
2020-11-03	CVE-2020-15969	Use After Free vulnerability in multiple products Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject opensuse apple CWE-416	8.8
2020-11-03	CVE-2020-15968	Use After Free vulnerability in multiple products Use after free in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject opensuse CWE-416	8.8
2020-11-03	CVE-2020-15967	Use After Free vulnerability in multiple products Use after free in payments in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. network low complexity google fedoraproject opensuse debian CWE-416	8.8
2020-10-21	CVE-2020-15266	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Tensorflow In Tensorflow before version 2.4.0, when the `boxes` argument of `tf.image.crop_and_resize` has a very large value, the CPU kernel implementation receives it as a C++ `nan` floating point value. network low complexity google CWE-119	7.5
2020-10-21	CVE-2020-15265	Out-of-bounds Read vulnerability in Google Tensorflow In Tensorflow before version 2.4.0, an attacker can pass an invalid `axis` value to `tf.quantization.quantize_and_dequantize`. network low complexity google CWE-125	7.5
2020-10-14	CVE-2020-0423	Improper Locking vulnerability in multiple products In binder_release_work of binder.c, there is a possible use-after-free due to improper locking. local low complexity google debian CWE-667	7.8
2020-10-14	CVE-2020-0421	Improper Handling of Exceptional Conditions vulnerability in Google Android In appendFormatV of String8.cpp, there is a possible out of bounds write due to incorrect error handling. local low complexity google CWE-755	7.8
2020-10-14	CVE-2020-0420	Missing Authorization vulnerability in Google Android 11.0 In setUpdatableDriverPath of GpuService.cpp, there is a possible memory corruption due to a missing permission check. local low complexity google CWE-862	7.8