Vulnerabilities > Redhat > Enterprise Linux Workstation > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-12-10 CVE-2019-13745 Insufficient policy enforcement in audio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
network
low complexity
google debian suse opensuse fedoraproject redhat
6.5
2019-12-10 CVE-2019-13744 Information Exposure vulnerability in multiple products
Insufficient policy enforcement in cookies in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
network
low complexity
google debian fedoraproject redhat CWE-200
6.5
2019-12-10 CVE-2019-13743 Incorrect security UI in external protocol handling in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to spoof security UI via a crafted HTML page.
network
low complexity
google debian fedoraproject redhat
6.5
2019-12-10 CVE-2019-13742 Incorrect security UI in Omnibox in Google Chrome on iOS prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
network
low complexity
google debian fedoraproject redhat
6.5
2019-12-10 CVE-2019-13740 Origin Validation Error vulnerability in multiple products
Incorrect security UI in sharing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
network
low complexity
google debian fedoraproject redhat CWE-346
6.5
2019-12-10 CVE-2019-13739 Insufficient policy enforcement in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
network
low complexity
google debian fedoraproject redhat
6.5
2019-12-10 CVE-2019-13738 Improper Privilege Management vulnerability in multiple products
Insufficient policy enforcement in navigation in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass site isolation via a crafted HTML page.
network
low complexity
google debian fedoraproject redhat CWE-269
6.5
2019-12-10 CVE-2019-13737 Information Exposure vulnerability in multiple products
Insufficient policy enforcement in autocomplete in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
network
low complexity
google debian fedoraproject redhat CWE-200
6.5
2019-11-20 CVE-2012-6136 Incorrect Default Permissions vulnerability in multiple products
tuned 2.10.0 creates its PID file with insecure permissions which allows local users to kill arbitrary processes.
local
low complexity
redhat fedoraproject debian CWE-276
5.5
2019-11-14 CVE-2019-11135 TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. 6.5