High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-12-10	CVE-2019-13732	Use After Free vulnerability in multiple products Use-after-free in WebAudio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject redhat CWE-416	8.8
2019-12-10	CVE-2019-13730	Type Confusion vulnerability in multiple products Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject novell opensuse redhat CWE-843	8.8
2019-12-10	CVE-2019-13729	Use After Free vulnerability in multiple products Use-after-free in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject redhat CWE-416	8.8
2019-12-10	CVE-2019-13728	Out-of-bounds Write vulnerability in multiple products Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject redhat CWE-787	8.8
2019-12-10	CVE-2019-13727	Improper Preservation of Permissions vulnerability in multiple products Insufficient policy enforcement in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass same origin policy via a crafted HTML page. network low complexity google debian fedoraproject redhat CWE-281	8.8
2019-12-10	CVE-2019-13726	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer overflow in password manager in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page. network low complexity google debian fedoraproject redhat CWE-119	8.8
2019-12-10	CVE-2019-13725	Use After Free vulnerability in multiple products Use-after-free in Bluetooth in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page. network low complexity google debian fedoraproject redhat CWE-416	8.8
2019-11-27	CVE-2019-10216	In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. local low complexity artifex redhat	7.8
2019-11-25	CVE-2019-13723	Use After Free vulnerability in multiple products Use after free in WebBluetooth in Google Chrome prior to 78.0.3904.108 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject opensuse redhat CWE-416	8.8
2019-10-17	CVE-2019-14287	Improper Handling of Exceptional Conditions vulnerability in multiple products In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. network low complexity sudo-project fedoraproject debian opensuse canonical netapp redhat CWE-755	8.8