Leap

DATE	CVE	VULNERABILITY TITLE	RISK
2020-07-22	CVE-2020-6512	Type Confusion vulnerability in multiple products Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian opensuse fedoraproject CWE-843	8.8
2020-07-22	CVE-2020-6511	Information Exposure Through an Error Message vulnerability in multiple products Information leak in content security policy in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page. network low complexity google debian opensuse fedoraproject CWE-209	6.5
2020-07-22	CVE-2020-6510	Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in background fetch in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. local low complexity google debian opensuse fedoraproject CWE-787	7.8
2020-07-17	CVE-2020-0305	Use After Free vulnerability in multiple products In cdev_get of char_dev.c, there is a possible use-after-free due to a race condition. local high complexity google opensuse CWE-416	6.4
2020-07-17	CVE-2020-15586	Race Condition vulnerability in multiple products Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time. network high complexity golang cloudfoundry debian opensuse fedoraproject CWE-362	5.9
2020-07-17	CVE-2020-14039	Improper Certificate Validation vulnerability in multiple products In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). network low complexity golang opensuse CWE-295	5.3
2020-07-17	CVE-2020-15803	Cross-site Scripting vulnerability in multiple products Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget. network low complexity zabbix fedoraproject debian opensuse CWE-79	6.1
2020-07-15	CVE-2020-15780	Missing Authorization vulnerability in multiple products An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. local low complexity linux opensuse canonical CWE-862	7.2
2020-07-15	CVE-2019-20908	Improper Privilege Management vulnerability in multiple products An issue was discovered in drivers/firmware/efi/efi.c in the Linux kernel before 5.4. local linux opensuse canonical CWE-269	6.9
2020-07-15	CVE-2020-14715	Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). local low complexity oracle opensuse	2.1