15.0

DATE	CVE	VULNERABILITY TITLE	RISK
2019-05-29	CVE-2019-12447	An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. network low complexity gnome canonical opensuse fedoraproject	7.3
2019-05-28	CVE-2019-5436	Out-of-bounds Write vulnerability in multiple products A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1. local low complexity haxx opensuse fedoraproject debian f5 netapp oracle CWE-787	7.8
2019-05-23	CVE-2019-5804	Argument Injection or Modification vulnerability in multiple products Incorrect command line processing in Chrome in Google Chrome prior to 73.0.3683.75 allowed a local attacker to perform domain spoofing via a crafted domain name. local low complexity google opensuse CWE-88	5.5
2019-05-23	CVE-2019-5803	Improper Input Validation vulnerability in multiple products Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page. network low complexity google opensuse CWE-20	6.5
2019-05-23	CVE-2019-5802	Incorrect handling of download origins in Navigation in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page. network low complexity google opensuse	6.5
2019-05-23	CVE-2019-5801	Improper Input Validation vulnerability in multiple products Incorrect eliding of URLs in Omnibox in Google Chrome on iOS prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page. network low complexity google opensuse CWE-20	6.5
2019-05-23	CVE-2019-5800	Improper Input Validation vulnerability in multiple products Insufficient policy enforcement in Blink in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page. network low complexity google opensuse CWE-20	6.5
2019-05-23	CVE-2019-5799	Improper Input Validation vulnerability in multiple products Incorrect inheritance of a new document's policy in Content Security Policy in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page. network low complexity google opensuse CWE-20	6.5
2019-05-23	CVE-2019-5798	Out-of-bounds Read vulnerability in multiple products Lack of correct bounds checking in Skia in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. network low complexity google debian redhat opensuse canonical suse CWE-125	6.5
2019-05-23	CVE-2019-5796	Out-of-bounds Write vulnerability in multiple products Data race in extensions guest view in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network high complexity google opensuse CWE-787	7.5