High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-19	CVE-2021-45082	Command Injection vulnerability in multiple products An issue was discovered in Cobbler before 3.3.1. local low complexity cobbler-project suse opensuse fedoraproject CWE-77	7.8
2020-04-13	CVE-2020-6455	Out-of-bounds Read vulnerability in multiple products Out of bounds read in WebSQL in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject opensuse CWE-125	8.8
2020-04-13	CVE-2020-6452	Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in media in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject opensuse CWE-787	8.8
2020-04-13	CVE-2020-6443	Insufficient Verification of Data Authenticity vulnerability in multiple products Insufficient data validation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to execute arbitrary code via a crafted HTML page. network low complexity google debian fedoraproject opensuse CWE-345	8.8
2020-04-13	CVE-2020-6439	Incorrect Default Permissions vulnerability in multiple products Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass security UI via a crafted HTML page. network low complexity google debian fedoraproject opensuse CWE-276	8.8
2020-03-23	CVE-2020-10592	Tor before 0.3.5.10, 0.4.x before 0.4.1.9, and 0.4.2.x before 0.4.2.7 allows remote attackers to cause a Denial of Service (CPU consumption), aka TROVE-2020-002. network low complexity torproject opensuse	7.5
2020-02-13	CVE-2020-0561	Improper Initialization vulnerability in multiple products Improper initialization in the Intel(R) SGX SDK before v2.6.100.1 may allow an authenticated user to potentially enable escalation of privilege via local access. local low complexity intel opensuse CWE-665	7.8
2020-02-04	CVE-2019-15613	Insufficient Verification of Data Authenticity vulnerability in multiple products A bug in Nextcloud Server 17.0.1 causes the workflow rules to depend their behaviour on the file extension when checking file mimetypes. network low complexity nextcloud opensuse CWE-345	8.0
2019-12-10	CVE-2019-13730	Type Confusion vulnerability in multiple products Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject novell opensuse redhat CWE-843	8.8
2019-12-03	CVE-2019-5163	Missing Authentication for Critical Function vulnerability in multiple products An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. network low complexity shadowsocks opensuse CWE-306	7.5