High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-03	CVE-2020-13379	Server-Side Request Forgery (SSRF) vulnerability in multiple products The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue. network low complexity grafana fedoraproject netapp opensuse CWE-918	8.2
2020-05-21	CVE-2020-6477	Link Following vulnerability in multiple products Inappropriate implementation in installer in Google Chrome on OS X prior to 83.0.4103.61 allowed a local attacker to perform privilege escalation via a crafted file. local low complexity google fedoraproject opensuse CWE-59	7.8
2020-05-21	CVE-2020-6474	Use After Free vulnerability in multiple products Use after free in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google opensuse fedoraproject debian CWE-416	8.8
2020-05-21	CVE-2020-6468	Type Confusion vulnerability in multiple products Type confusion in V8 in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject debian opensuse CWE-843	8.8
2020-05-21	CVE-2020-6467	Use After Free vulnerability in multiple products Use after free in WebRTC in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian opensuse fedoraproject CWE-416	8.8
2020-05-21	CVE-2020-6463	Use After Free vulnerability in multiple products Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject canonical debian opensuse CWE-416	8.8
2020-05-19	CVE-2020-10995	Resource Exhaustion vulnerability in multiple products PowerDNS Recursor from 4.1.0 up to and including 4.3.0 does not sufficiently defend against amplification attacks. network low complexity powerdns fedoraproject debian opensuse CWE-400	7.5
2020-05-19	CVE-2020-12244	Improper Verification of Cryptographic Signature vulnerability in multiple products An issue has been found in PowerDNS Recursor 4.1.0 through 4.3.0 where records in the answer section of a NXDOMAIN response lacking an SOA were not properly validated in SyncRes::processAnswer, allowing an attacker to bypass DNSSEC validation. network low complexity powerdns fedoraproject debian opensuse CWE-347	7.5
2020-05-06	CVE-2020-12672	Out-of-bounds Write vulnerability in multiple products GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c. network low complexity graphicsmagick debian opensuse CWE-787	7.5
2020-04-30	CVE-2020-12050	Race Condition vulnerability in multiple products SQLiteODBC 0.9996, as packaged for certain Linux distributions as 0.9996-4, has a race condition leading to root privilege escalation because any user can replace a /tmp/sqliteodbc$$ file with new contents that cause loading of an arbitrary library. local high complexity fedoraproject opensuse sqliteodbc-project CWE-362	7.0