Vulnerabilities > Canonical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-26 | CVE-2020-15078 | Missing Authentication for Critical Function vulnerability in multiple products OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks. | 7.5 |
| 2021-04-17 | CVE-2021-3493 | Incorrect Authorization vulnerability in Canonical Ubuntu Linux The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. | 7.8 |
| 2021-04-17 | CVE-2021-3492 | Memory Leak vulnerability in Canonical Ubuntu Linux Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copy_from_user() correctly. | 7.8 |
| 2021-04-07 | CVE-2013-1055 | Improper Resource Shutdown or Release vulnerability in Canonical Ubuntu Linux and Unity-Firefox-Extension The unity-firefox-extension package could be tricked into dropping a C callback which was still in use, which Firefox would then free, causing Firefox to crash. | 4.3 |
| 2021-04-07 | CVE-2013-1054 | Improper Resource Shutdown or Release vulnerability in Canonical Ubuntu Linux and Unity-Firefox-Extension The unity-firefox-extension package could be tricked into destroying the Unity webapps context, causing Firefox to crash. | 6.5 |
| 2021-03-23 | CVE-2021-3444 | Incorrect Conversion between Numeric Types vulnerability in multiple products The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. | 7.8 |
| 2021-03-20 | CVE-2020-27171 | Off-by-one Error vulnerability in multiple products An issue was discovered in the Linux kernel before 5.11.8. | 6.0 |
| 2021-03-20 | CVE-2020-27170 | Information Exposure Through Discrepancy vulnerability in multiple products An issue was discovered in the Linux kernel before 5.11.8. | 4.7 |
| 2021-03-07 | CVE-2021-27364 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in the Linux kernel through 5.11.3. | 7.1 |
| 2021-02-10 | CVE-2020-16120 | Overlayfs did not properly perform permission checking when copying up files in an overlayfs and could be exploited from within a user namespace, if, for example, unprivileged user namespaces were allowed. | 4.4 |