High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-03-23	CVE-2020-6424	Use After Free vulnerability in multiple products Use after free in media in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject suse opensuse CWE-416	8.8
2020-03-23	CVE-2020-6422	Out-of-bounds Write vulnerability in multiple products Use after free in WebGL in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject debian suse opensuse CWE-787	8.8
2020-03-22	CVE-2020-10802	SQL Injection vulnerability in multiple products In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search actions in libraries/classes/Controllers/Table/TableSearchController.php. network low complexity phpmyadmin debian fedoraproject opensuse suse CWE-89	8.0
2020-03-22	CVE-2020-10804	SQL Injection vulnerability in multiple products In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval of the current username (in libraries/classes/Server/Privileges.php and libraries/classes/UserPassword.php). network low complexity phpmyadmin fedoraproject opensuse suse CWE-89	8.0
2020-03-02	CVE-2019-18897	A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of salt of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Factory allows local attackers to escalate privileges from user salt to root. local low complexity suse opensuse	7.8
2020-02-17	CVE-2014-1947	Out-of-bounds Write vulnerability in multiple products Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick 6.5.4 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of layers in a PSD image, involving the L%02ld string, a different vulnerability than CVE-2014-2030. local low complexity imagemagick suse CWE-787	7.8
2020-02-11	CVE-2020-6416	Improper Input Validation vulnerability in multiple products Insufficient data validation in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject debian suse opensuse redhat CWE-20	8.8
2020-02-11	CVE-2020-6415	Out-of-bounds Write vulnerability in multiple products Inappropriate implementation in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject debian suse opensuse redhat CWE-787	8.8
2020-02-11	CVE-2020-6406	Use After Free vulnerability in multiple products Use after free in audio in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject debian suse redhat CWE-416	8.8
2020-02-11	CVE-2020-6404	Out-of-bounds Write vulnerability in multiple products Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google opensuse fedoraproject debian suse redhat CWE-787	8.8