Enterprise Linux Server

DATE	CVE	VULNERABILITY TITLE	RISK
2019-12-10	CVE-2019-13732	Use After Free vulnerability in multiple products Use-after-free in WebAudio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject redhat CWE-416	8.8
2019-12-10	CVE-2019-13730	Type Confusion vulnerability in multiple products Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject novell opensuse redhat CWE-843	8.8
2019-12-10	CVE-2019-13729	Use After Free vulnerability in multiple products Use-after-free in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject redhat CWE-416	8.8
2019-12-10	CVE-2019-13728	Out-of-bounds Write vulnerability in multiple products Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject redhat CWE-787	8.8
2019-12-10	CVE-2019-13727	Improper Preservation of Permissions vulnerability in multiple products Insufficient policy enforcement in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass same origin policy via a crafted HTML page. network low complexity google debian fedoraproject redhat CWE-281	8.8
2019-12-10	CVE-2019-13726	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer overflow in password manager in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page. network low complexity google debian fedoraproject redhat CWE-119	8.8
2019-12-10	CVE-2019-13725	Use After Free vulnerability in multiple products Use-after-free in Bluetooth in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page. network low complexity google debian fedoraproject redhat CWE-416	8.8
2019-12-06	CVE-2019-5544	Out-of-bounds Write vulnerability in multiple products OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. network low complexity vmware redhat openslp fedoraproject CWE-787 critical	9.8
2019-11-27	CVE-2011-2515	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products PackageKit 0.6.17 allows installation of unsigned RPM packages as though they were signed which may allow installation of non-trusted packages and execution of arbitrary code. local low complexity packagekit-project debian redhat CWE-732	5.3
2019-11-27	CVE-2019-10216	In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. local low complexity artifex redhat	7.8