Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-01-06	CVE-2021-46141	Use After Free vulnerability in multiple products An issue was discovered in uriparser before 0.9.6. local low complexity uriparser-project fedoraproject debian opensuse CWE-416	5.5
2022-01-06	CVE-2021-46142	Use After Free vulnerability in multiple products An issue was discovered in uriparser before 0.9.6. local low complexity uriparser-project fedoraproject debian opensuse CWE-416	5.5
2020-07-17	CVE-2020-15803	Cross-site Scripting vulnerability in multiple products Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget. network low complexity zabbix fedoraproject debian opensuse CWE-79	6.1
2020-06-03	CVE-2020-6495	Incorrect Default Permissions vulnerability in multiple products Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.97 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. network low complexity google debian opensuse CWE-276	6.5
2020-04-13	CVE-2020-6456	Incorrect Default Permissions vulnerability in multiple products Insufficient validation of untrusted input in clipboard in Google Chrome prior to 81.0.4044.92 allowed a local attacker to bypass site isolation via crafted clipboard contents. network low complexity google debian fedoraproject opensuse CWE-276	6.5
2020-04-13	CVE-2020-6446	Incorrect Default Permissions vulnerability in multiple products Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass content security policy via a crafted HTML page. network low complexity google debian fedoraproject opensuse CWE-276	6.5
2020-04-13	CVE-2020-6445	Incorrect Default Permissions vulnerability in multiple products Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass content security policy via a crafted HTML page. network low complexity google debian fedoraproject opensuse CWE-276	6.5
2020-04-13	CVE-2020-6442	Exposure of Resource to Wrong Sphere vulnerability in multiple products Inappropriate implementation in cache in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to leak cross-origin data via a crafted HTML page. network low complexity google debian fedoraproject opensuse CWE-668	4.3
2020-04-13	CVE-2020-6441	Incorrect Default Permissions vulnerability in multiple products Insufficient policy enforcement in omnibox in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass security UI via a crafted HTML page. network low complexity google debian fedoraproject opensuse CWE-276	4.3
2020-04-13	CVE-2020-6440	Inappropriate implementation in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension. network low complexity google debian fedoraproject opensuse	4.3