Vulnerabilities > Canonical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-15 | CVE-2020-11523 | Integer Overflow or Wraparound vulnerability in multiple products libfreerdp/gdi/region.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Integer Overflow. | 6.6 |
| 2020-05-15 | CVE-2020-11522 | Out-of-bounds Read vulnerability in multiple products libfreerdp/gdi/gdi.c in FreeRDP > 1.0 through 2.0.0-rc4 has an Out-of-bounds Read. | 6.5 |
| 2020-05-15 | CVE-2020-11521 | Integer Overflow or Wraparound vulnerability in multiple products libfreerdp/codec/planar.c in FreeRDP version > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write. | 6.6 |
| 2020-05-15 | CVE-2020-3810 | Out-of-bounds Read vulnerability in multiple products Missing input validation in the ar/tar implementations of APT before version 2.1.2 could result in denial of service when processing specially crafted deb files. | 5.5 |
| 2020-05-15 | CVE-2020-11931 | Exposure of Resource to Wrong Sphere vulnerability in multiple products An Ubuntu-specific modification to Pulseaudio to provide security mediation for Snap-packaged applications was found to have a bypass of intended access restriction for snaps which plugs any of pulseaudio, audio-playback or audio-record via unloading the pulseaudio snap policy module. | 3.3 |
| 2020-05-14 | CVE-2020-0093 | Out-of-bounds Read vulnerability in multiple products In exif_data_save_data_entry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. | 5.0 |
| 2020-05-14 | CVE-2020-1945 | Exposure of Resource to Wrong Sphere vulnerability in multiple products Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. | 6.3 |
| 2020-05-13 | CVE-2020-3341 | Improper Input Validation vulnerability in multiple products A vulnerability in the PDF archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.101 - 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. | 7.5 |
| 2020-05-13 | CVE-2020-3327 | Improper Input Validation vulnerability in multiple products A vulnerability in the ARJ archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. | 7.5 |
| 2020-05-13 | CVE-2020-11932 | Information Exposure Through Log Files vulnerability in Canonical Subiquity It was discovered that the Subiquity installer for Ubuntu Server logged the LUKS full disk encryption password if one was entered. | 2.3 |