Leap

DATE	CVE	VULNERABILITY TITLE	RISK
2020-05-21	CVE-2020-12693	Slurm 19.05.x before 19.05.7 and 20.02.x before 20.02.3, in the rare case where Message Aggregation is enabled, allows Authentication Bypass via an Alternate Path or Channel. network high complexity schedmd fedoraproject opensuse debian	8.1
2020-05-21	CVE-2020-13113	Use of Uninitialized Resource vulnerability in multiple products An issue was discovered in libexif before 0.6.22. network low complexity libexif-project debian canonical opensuse CWE-908	8.2
2020-05-21	CVE-2020-13114	Allocation of Resources Without Limits or Throttling vulnerability in multiple products An issue was discovered in libexif before 0.6.22. network low complexity libexif-project canonical opensuse CWE-770	7.5
2020-05-21	CVE-2020-13112	Out-of-bounds Read vulnerability in multiple products An issue was discovered in libexif before 0.6.22. network low complexity libexif-project debian canonical opensuse CWE-125 critical	9.1
2020-05-21	CVE-2020-6491	Insufficient data validation in site information in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted domain name. network low complexity google debian opensuse fedoraproject	6.5
2020-05-21	CVE-2020-6490	Exposure of Resource to Wrong Sphere vulnerability in multiple products Insufficient data validation in loader in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had been able to write to disk to leak cross-origin data via a crafted HTML page. network low complexity google debian opensuse fedoraproject CWE-668	4.3
2020-05-21	CVE-2020-6489	Information Exposure vulnerability in multiple products Inappropriate implementation in developer tools in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had convinced the user to take certain actions in developer tools to obtain potentially sensitive information from disk via a crafted HTML page. network low complexity google debian opensuse fedoraproject CWE-200	4.3
2020-05-21	CVE-2020-6488	Incorrect Default Permissions vulnerability in multiple products Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. network low complexity google debian opensuse fedoraproject CWE-276	4.3
2020-05-21	CVE-2020-6487	Incorrect Default Permissions vulnerability in multiple products Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. network low complexity google debian opensuse fedoraproject CWE-276	6.5
2020-05-21	CVE-2020-6486	Insufficient policy enforcement in navigations in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. network low complexity google debian opensuse fedoraproject	6.5