Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-07-22	CVE-2020-6521	Side-channel information leakage in autofill in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. network low complexity google debian opensuse fedoraproject	6.5
2020-07-22	CVE-2020-6519	Policy bypass in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML page. network low complexity google debian opensuse fedoraproject	6.5
2020-07-22	CVE-2020-6516	Policy bypass in CORS in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page. network low complexity google debian opensuse fedoraproject	4.3
2020-07-22	CVE-2020-6514	Information Exposure vulnerability in multiple products Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream. network low complexity google opensuse fedoraproject debian canonical apple CWE-200	6.5
2020-07-22	CVE-2020-6511	Information Exposure Through an Error Message vulnerability in multiple products Information leak in content security policy in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page. network low complexity google debian opensuse fedoraproject CWE-209	6.5
2020-07-17	CVE-2020-0305	Use After Free vulnerability in multiple products In cdev_get of char_dev.c, there is a possible use-after-free due to a race condition. local high complexity google opensuse CWE-416	6.4
2020-07-17	CVE-2020-15586	Race Condition vulnerability in multiple products Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time. network high complexity golang cloudfoundry debian opensuse fedoraproject CWE-362	5.9
2020-07-17	CVE-2020-14039	Improper Certificate Validation vulnerability in multiple products In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). network low complexity golang opensuse CWE-295	5.3
2020-07-17	CVE-2020-15803	Cross-site Scripting vulnerability in multiple products Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget. network low complexity zabbix fedoraproject debian opensuse CWE-79	6.1
2020-07-15	CVE-2020-15780	Missing Authorization vulnerability in multiple products An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. local low complexity linux opensuse canonical CWE-862	6.7