High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-09-21	CVE-2020-6575	Race Condition vulnerability in multiple products Race in Mojo in Google Chrome prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. network high complexity google debian opensuse fedoraproject CWE-362	8.3
2020-09-21	CVE-2020-6574	Insufficient policy enforcement in installer in Google Chrome on OS X prior to 85.0.4183.102 allowed a local attacker to potentially achieve privilege escalation via a crafted binary. local low complexity google opensuse debian fedoraproject	7.8
2020-09-21	CVE-2020-6556	Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in SwiftShader in Google Chrome prior to 84.0.4147.135 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject opensuse CWE-787	8.8
2020-09-21	CVE-2020-15965	Type Confusion vulnerability in multiple products Type confusion in V8 in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. network low complexity google debian opensuse fedoraproject CWE-843	8.8
2020-09-21	CVE-2020-15964	NULL Pointer Dereference vulnerability in multiple products Insufficient data validation in media in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google opensuse fedoraproject debian CWE-476	8.8
2020-09-21	CVE-2020-15962	Insufficient policy validation in serial in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. network low complexity google opensuse fedoraproject debian	8.8
2020-09-21	CVE-2020-15960	Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in storage in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. network low complexity google opensuse fedoraproject debian CWE-787	8.8
2020-09-18	CVE-2020-8252	Classic Buffer Overflow vulnerability in multiple products The implementation of realpath in libuv < 10.22.1, < 12.18.4, and < 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes. local low complexity nodejs opensuse fedoraproject CWE-120	7.8
2020-09-18	CVE-2020-8201	HTTP Request Smuggling vulnerability in multiple products Node.js < 12.18.4 and < 14.11 can be exploited to perform HTTP desync attacks and deliver malicious payloads to unsuspecting users. network high complexity nodejs opensuse fedoraproject CWE-444	7.4
2020-09-17	CVE-2020-0432	Integer Overflow or Wraparound vulnerability in multiple products In skb_to_mamac of networking.c, there is a possible out of bounds write due to an integer overflow. local low complexity google opensuse CWE-190	7.8