High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-09-21	CVE-2020-6574	Insufficient policy enforcement in installer in Google Chrome on OS X prior to 85.0.4183.102 allowed a local attacker to potentially achieve privilege escalation via a crafted binary. local low complexity google opensuse debian fedoraproject	7.8
2020-09-21	CVE-2020-15965	Type Confusion vulnerability in multiple products Type confusion in V8 in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. network low complexity google debian opensuse fedoraproject CWE-843	8.8
2020-09-21	CVE-2020-15964	NULL Pointer Dereference vulnerability in multiple products Insufficient data validation in media in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google opensuse fedoraproject debian CWE-476	8.8
2020-09-21	CVE-2020-15962	Insufficient policy validation in serial in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. network low complexity google opensuse fedoraproject debian	8.8
2020-09-21	CVE-2020-15960	Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in storage in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. network low complexity google opensuse fedoraproject debian CWE-787	8.8
2020-08-30	CVE-2020-14352	Path Traversal vulnerability in multiple products A flaw was found in librepo in versions before 1.12.1. network low complexity redhat opensuse fedoraproject CWE-22	8.0
2020-08-29	CVE-2020-24972	Improper Encoding or Escaping of Output vulnerability in multiple products The Kleopatra component before 3.1.12 (and before 20.07.80) for GnuPG allows remote attackers to execute arbitrary code because openpgp4fpr: URLs are supported without safe handling of command-line options. network low complexity kleopatra-project fedoraproject opensuse CWE-116	8.8
2020-08-25	CVE-2020-24614	Missing Authorization vulnerability in multiple products Fossil before 2.10.2, 2.11.x before 2.11.2, and 2.12.x before 2.12.1 allows remote authenticated users to execute arbitrary code. network low complexity fossil-scm fedoraproject opensuse CWE-862	8.8
2020-08-07	CVE-2020-8026	Incorrect Default Permissions vulnerability in Opensuse Backports Sle, Leap and Tumbleweed A Incorrect Default Permissions vulnerability in the packaging of inn in openSUSE Leap 15.2, openSUSE Tumbleweed, openSUSE Leap 15.1 allows local attackers with control of the new user to escalate their privileges to root. local low complexity opensuse CWE-276	7.8
2020-07-29	CVE-2020-16118	NULL Pointer Dereference vulnerability in multiple products In GNOME Balsa before 2.6.0, a malicious server operator or man in the middle can trigger a NULL pointer dereference and client crash by sending a PREAUTH response to imap_mbox_connect in libbalsa/imap/imap-handle.c. network low complexity gnome opensuse CWE-476	7.5