High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-08-19	CVE-2020-24368	Path Traversal vulnerability in multiple products Icinga Icinga Web2 2.0.0 through 2.6.4, 2.7.4 and 2.8.2 has a Directory Traversal vulnerability which allows an attacker to access arbitrary files that are readable by the process running Icinga Web 2. network low complexity icinga debian suse CWE-22	7.5
2020-03-22	CVE-2020-10802	SQL Injection vulnerability in multiple products In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search actions in libraries/classes/Controllers/Table/TableSearchController.php. network low complexity phpmyadmin debian fedoraproject opensuse suse CWE-89	8.0
2020-03-22	CVE-2020-10804	SQL Injection vulnerability in multiple products In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval of the current username (in libraries/classes/Server/Privileges.php and libraries/classes/UserPassword.php). network low complexity phpmyadmin fedoraproject opensuse suse CWE-89	8.0
2020-02-11	CVE-2020-6416	Improper Input Validation vulnerability in multiple products Insufficient data validation in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject debian suse opensuse redhat CWE-20	8.8
2020-02-11	CVE-2020-6415	Out-of-bounds Write vulnerability in multiple products Inappropriate implementation in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject debian suse opensuse redhat CWE-787	8.8
2020-02-11	CVE-2020-6406	Use After Free vulnerability in multiple products Use after free in audio in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject debian suse redhat CWE-416	8.8
2020-02-11	CVE-2020-6404	Out-of-bounds Write vulnerability in multiple products Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google opensuse fedoraproject debian suse redhat CWE-787	8.8
2020-02-11	CVE-2020-6402	Improper Input Validation vulnerability in multiple products Insufficient policy enforcement in downloads in Google Chrome on OS X prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. network low complexity google opensuse fedoraproject debian suse redhat CWE-20	8.8
2020-02-11	CVE-2020-6398	Use of Uninitialized Resource vulnerability in multiple products Use of uninitialized data in PDFium in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. network low complexity google opensuse fedoraproject debian suse redhat CWE-908	8.8
2020-02-11	CVE-2020-6390	Out-of-bounds Write vulnerability in multiple products Out of bounds memory access in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject debian suse opensuse redhat CWE-787	8.8