Package HUB

DATE	CVE	VULNERABILITY TITLE	RISK
2019-12-10	CVE-2019-13745	Insufficient policy enforcement in audio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page. network low complexity google debian suse opensuse fedoraproject redhat	6.5
2019-12-10	CVE-2019-13734	Out-of-bounds Write vulnerability in multiple products Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject redhat canonical suse opensuse debian oracle CWE-787	8.8
2019-07-23	CVE-2019-11730	A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. network low complexity mozilla debian opensuse suse	6.5
2019-07-23	CVE-2019-11709	Out-of-bounds Write vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox 67 and Firefox ESR 60.7. network low complexity mozilla opensuse suse debian CWE-787	7.5
2019-05-23	CVE-2019-5798	Out-of-bounds Read vulnerability in multiple products Lack of correct bounds checking in Skia in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. network low complexity google debian redhat opensuse canonical suse CWE-125	6.5
2019-01-03	CVE-2018-16876	Information Exposure vulnerability in multiple products ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with no_log on that can lead to leakage of sensible data. network redhat debian suse canonical CWE-200	3.5
2018-10-23	CVE-2018-16837	Missing Encryption of Sensitive Data vulnerability in multiple products Ansible "User" module leaks any data which is passed on as a parameter to ssh-keygen. local low complexity redhat debian suse CWE-311	2.1
2018-07-13	CVE-2018-10875	Untrusted Search Path vulnerability in multiple products A flaw was found in ansible. local low complexity redhat debian suse canonical CWE-426	4.6
2016-03-29	CVE-2016-1646	Out-of-bounds Read vulnerability in multiple products The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not properly consider element data types, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted JavaScript code. network low complexity debian canonical google opensuse suse redhat CWE-125	8.8