Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-05-21	CVE-2020-6472	Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory or disk via a crafted Chrome Extension. network low complexity google fedoraproject opensuse debian	6.5
2020-05-21	CVE-2020-6470	Cross-site Scripting vulnerability in multiple products Insufficient validation of untrusted input in clipboard in Google Chrome prior to 83.0.4103.61 allowed a local attacker to inject arbitrary scripts or HTML (UXSS) via crafted clipboard contents. network low complexity google fedoraproject opensuse debian CWE-79	6.1
2020-05-20	CVE-2020-10726	A vulnerability was found in DPDK versions 19.11 and above. local low complexity dpdk fedoraproject opensuse oracle	4.4
2020-05-19	CVE-2020-10723	A memory corruption issue was found in DPDK versions 17.05 and above. local low complexity dpdk canonical fedoraproject opensuse oracle	6.7
2020-05-19	CVE-2020-10722	A vulnerability was found in DPDK versions 18.05 and above. local low complexity dpdk canonical fedoraproject opensuse oracle	6.7
2020-05-19	CVE-2020-10135	Authentication Bypass by Spoofing vulnerability in multiple products Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. low complexity bluetooth opensuse CWE-290	5.4
2020-05-19	CVE-2020-8021	a Improper Access Control vulnerability in of Open Build Service allows remote attackers to read files of an OBS package where the sourceaccess/access is disabled This issue affects: Open Build Service versions prior to 2.10.5. network low complexity opensuse debian	5.3
2020-05-19	CVE-2020-8617	Reachable Assertion vulnerability in multiple products Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. network high complexity isc debian fedoraproject opensuse canonical CWE-617	5.9
2020-05-18	CVE-2020-13143	Out-of-bounds Read vulnerability in multiple products gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4. network low complexity linux opensuse debian canonical netapp CWE-125	6.5
2020-05-18	CVE-2020-12801	Cleartext Storage of Sensitive Information vulnerability in multiple products If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted. network low complexity libreoffice opensuse CWE-312	5.3