Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-07-22	CVE-2020-6526	Inappropriate implementation in iframe sandbox in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. network low complexity google debian opensuse fedoraproject	6.5
2020-07-22	CVE-2020-6521	Side-channel information leakage in autofill in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. network low complexity google debian opensuse fedoraproject	6.5
2020-07-22	CVE-2020-6519	Policy bypass in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML page. network low complexity google debian opensuse fedoraproject	6.5
2020-07-22	CVE-2020-6516	Policy bypass in CORS in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page. network low complexity google debian opensuse fedoraproject	4.3
2020-07-22	CVE-2020-6514	Information Exposure vulnerability in multiple products Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream. network low complexity google opensuse fedoraproject debian canonical apple CWE-200	6.5
2020-07-22	CVE-2020-6511	Information Exposure Through an Error Message vulnerability in multiple products Information leak in content security policy in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page. network low complexity google debian opensuse fedoraproject CWE-209	6.5
2020-06-19	CVE-2020-8164	Deserialization of Untrusted Data vulnerability in multiple products A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 which can allow an attacker to supply information can be inadvertently leaked fromStrong Parameters. network low complexity rubyonrails debian opensuse CWE-502	5.0
2020-06-08	CVE-2020-13696	Incorrect Authorization vulnerability in multiple products An issue was discovered in LinuxTV xawtv before 3.107. local low complexity linuxtv debian opensuse fedoraproject canonical CWE-863	4.4
2020-06-03	CVE-2020-6496	Use After Free vulnerability in multiple products Use after free in payments in Google Chrome on MacOS prior to 83.0.4103.97 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. network google debian opensuse CWE-416	6.8
2020-06-03	CVE-2020-6494	Incorrect security UI in payments in Google Chrome on Android prior to 83.0.4103.97 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. network google debian opensuse	4.3