Vulnerabilities > Canonical

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-02	CVE-2020-13754	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation. local low complexity qemu canonical debian CWE-119	6.7
2020-06-02	CVE-2020-13659	NULL Pointer Dereference vulnerability in multiple products address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer dereference related to BounceBuffer. local high complexity qemu debian opensuse canonical CWE-476	2.5
2020-06-01	CVE-2020-13757	Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products Python-RSA before 4.1 ignores leading '\0' bytes during decryption of ciphertext. network low complexity python-rsa-project fedoraproject canonical CWE-327	7.5
2020-06-01	CVE-2020-12867	NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference in sanei_epson_net_read in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, aka GHSL-2020-075. local low complexity sane-project fedoraproject debian opensuse canonical CWE-476	5.5
2020-05-28	CVE-2020-13362	Out-of-bounds Read vulnerability in multiple products In QEMU 5.0.0 and earlier, megasas_lookup_frame in hw/scsi/megasas.c has an out-of-bounds read via a crafted reply_queue_head field from a guest OS user. local low complexity qemu debian opensuse canonical CWE-125	3.2
2020-05-28	CVE-2020-13361	Out-of-bounds Write vulnerability in multiple products In QEMU 5.0.0 and earlier, es1370_transfer_audio in hw/audio/es1370.c does not properly validate the frame count, which allows guest OS users to trigger an out-of-bounds access during an es1370_write() operation. local high complexity qemu debian opensuse canonical CWE-787	3.9
2020-05-28	CVE-2019-20807	OS Command Injection vulnerability in multiple products In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua). local low complexity vim debian opensuse canonical apple starwindsoftware CWE-78	5.3
2020-05-28	CVE-2020-13645	Improper Certificate Validation vulnerability in multiple products In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server identity. network low complexity gnome canonical fedoraproject netapp broadcom CWE-295	6.5
2020-05-27	CVE-2020-10936	Improper Privilege Management vulnerability in multiple products Sympa before 6.2.56 allows privilege escalation. local low complexity sympa fedoraproject debian canonical CWE-269	7.8
2020-05-27	CVE-2020-13632	NULL Pointer Dereference vulnerability in multiple products ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query. local low complexity sqlite fedoraproject canonical netapp brocade debian siemens oracle CWE-476	5.5

Vulnerabilities > Canonical {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Canonical"}]}

Vulnerabilities > Canonical