Leap

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-03	CVE-2020-6494	Incorrect security UI in payments in Google Chrome on Android prior to 83.0.4103.97 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. network google debian opensuse	4.3
2020-06-03	CVE-2020-6493	Use After Free vulnerability in multiple products Use after free in WebAuthentication in Google Chrome prior to 83.0.4103.97 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. network low complexity google debian opensuse CWE-416 critical	9.6
2020-06-03	CVE-2020-11080	Improper Enforcement of Message or Data Structure vulnerability in multiple products In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. network low complexity nghttp2 debian opensuse fedoraproject oracle nodejs CWE-707	7.5
2020-06-03	CVE-2020-13379	Server-Side Request Forgery (SSRF) vulnerability in multiple products The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue. network low complexity grafana fedoraproject netapp opensuse CWE-918	8.2
2020-06-03	CVE-2019-20810	Memory Leak vulnerability in multiple products go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel before 5.6 does not call snd_card_free for a failure path, which causes a memory leak, aka CID-9453264ef586. local low complexity linux opensuse canonical CWE-401	4.9
2020-06-02	CVE-2020-13659	NULL Pointer Dereference vulnerability in multiple products address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer dereference related to BounceBuffer. local high complexity qemu debian opensuse canonical CWE-476	2.5
2020-06-01	CVE-2020-12867	NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference in sanei_epson_net_read in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, aka GHSL-2020-075. local low complexity sane-project fedoraproject debian opensuse canonical CWE-476	5.5
2020-05-29	CVE-2020-11089	Out-of-bounds Read vulnerability in multiple products In FreeRDP before 2.1.0, there is an out-of-bound read in irp functions (parallel_process_irp_create, serial_process_irp_create, drive_process_irp_write, printer_process_irp_write, rdpei_recv_pdu, serial_process_irp_write). network low complexity freerdp opensuse debian CWE-125	5.5
2020-05-29	CVE-2020-11088	Out-of-bounds Read vulnerability in multiple products In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_NegotiateMessage. network low complexity freerdp opensuse debian CWE-125	5.4
2020-05-29	CVE-2020-11087	Out-of-bounds Read vulnerability in multiple products In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_AuthenticateMessage. network low complexity freerdp opensuse debian CWE-125	5.4