High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-01-24	CVE-2019-3693	Link Following vulnerability in multiple products A symlink following vulnerability in the packaging of mailman in SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 12; openSUSE Leap 15.1 allowed local attackers to escalate their privileges from user wwwrun to root. local low complexity suse opensuse CWE-59	7.8
2020-01-24	CVE-2019-3692	Link Following vulnerability in multiple products The packaging of inn on SUSE Linux Enterprise Server 11; openSUSE Factory, Leap 15.1 allows local attackers to escalate from user inn to root via symlink attacks. local low complexity suse opensuse CWE-59	7.8
2020-01-21	CVE-2020-7040	Link Following vulnerability in multiple products storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which allows symlink attacks that possibly lead to privilege escalation. network high complexity storebackup debian opensuse canonical CWE-59	8.1
2020-01-10	CVE-2020-6377	Use After Free vulnerability in multiple products Use after free in audio in Google Chrome prior to 79.0.3945.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google opensuse fedoraproject redhat debian CWE-416	8.8
2020-01-10	CVE-2019-13767	Use After Free vulnerability in multiple products Use after free in media picker in Google Chrome prior to 79.0.3945.88 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject opensuse CWE-416	8.8
2019-12-20	CVE-2019-19918	Out-of-bounds Write vulnerability in multiple products Lout 3.40 has a heap-based buffer overflow in the srcnext() function in z02.c. local low complexity lout-project opensuse fedoraproject CWE-787	7.8
2019-12-20	CVE-2019-19917	Classic Buffer Overflow vulnerability in multiple products Lout 3.40 has a buffer overflow in the StringQuotedWord() function in z39.c. local low complexity lout-project opensuse fedoraproject CWE-120	7.8
2019-12-10	CVE-2019-13764	Type Confusion vulnerability in multiple products Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject suse opensuse redhat CWE-843	8.8
2019-12-10	CVE-2019-13734	Out-of-bounds Write vulnerability in multiple products Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject redhat canonical suse opensuse debian oracle CWE-787	8.8
2019-11-25	CVE-2019-13706	Out-of-bounds Write vulnerability in multiple products Out of bounds memory access in PDFium in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. local low complexity google opensuse CWE-787	7.8