High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-09-21	CVE-2020-6575	Race Condition vulnerability in multiple products Race in Mojo in Google Chrome prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. network high complexity google debian opensuse fedoraproject CWE-362	8.3
2020-09-21	CVE-2020-6574	Insufficient policy enforcement in installer in Google Chrome on OS X prior to 85.0.4183.102 allowed a local attacker to potentially achieve privilege escalation via a crafted binary. local low complexity google opensuse debian fedoraproject	7.8
2020-09-21	CVE-2020-15965	Type Confusion vulnerability in multiple products Type confusion in V8 in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. network low complexity google debian opensuse fedoraproject CWE-843	8.8
2020-09-21	CVE-2020-15964	NULL Pointer Dereference vulnerability in multiple products Insufficient data validation in media in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google opensuse fedoraproject debian CWE-476	8.8
2020-09-21	CVE-2020-15962	Insufficient policy validation in serial in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. network low complexity google opensuse fedoraproject debian	8.8
2020-09-21	CVE-2020-15960	Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in storage in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. network low complexity google opensuse fedoraproject debian CWE-787	8.8
2020-08-31	CVE-2020-25032	Path Traversal vulnerability in multiple products An issue was discovered in Flask-CORS (aka CORS Middleware for Flask) before 3.0.9. network low complexity flask-cors-project debian opensuse CWE-22	7.5
2020-08-30	CVE-2020-14352	Path Traversal vulnerability in multiple products A flaw was found in librepo in versions before 1.12.1. network low complexity redhat opensuse fedoraproject CWE-22	8.0
2020-08-29	CVE-2020-24972	Improper Encoding or Escaping of Output vulnerability in multiple products The Kleopatra component before 3.1.12 (and before 20.07.80) for GnuPG allows remote attackers to execute arbitrary code because openpgp4fpr: URLs are supported without safe handling of command-line options. network low complexity kleopatra-project fedoraproject opensuse CWE-116	8.8
2020-08-25	CVE-2020-24614	Missing Authorization vulnerability in multiple products Fossil before 2.10.2, 2.11.x before 2.11.2, and 2.12.x before 2.12.1 allows remote authenticated users to execute arbitrary code. network low complexity fossil-scm fedoraproject opensuse CWE-862	8.8