Vulnerabilities > Canonical > High

DATE CVE VULNERABILITY TITLE RISK
2020-06-19 CVE-2020-8184 Improper Input Validation vulnerability in multiple products
A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2.3, rack < 2.1.4 that makes it is possible for an attacker to forge a secure or host-only cookie prefix.
network
low complexity
rack-project debian canonical CWE-20
7.5
2020-06-17 CVE-2020-14400 An issue was discovered in LibVNCServer before 0.9.13. 7.5
2020-06-17 CVE-2020-14399 An issue was discovered in LibVNCServer before 0.9.13. 7.5
2020-06-17 CVE-2020-14398 Infinite Loop vulnerability in multiple products
An issue was discovered in LibVNCServer before 0.9.13.
7.5
2020-06-17 CVE-2020-14397 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in LibVNCServer before 0.9.13.
7.5
2020-06-17 CVE-2020-14396 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in LibVNCServer before 0.9.13.
network
low complexity
libvnc-project canonical debian siemens CWE-476
7.5
2020-06-17 CVE-2019-20840 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in LibVNCServer before 0.9.13.
7.5
2020-06-17 CVE-2019-20839 Classic Buffer Overflow vulnerability in multiple products
libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filename.
7.5
2020-06-17 CVE-2018-21247 Missing Initialization of Resource vulnerability in multiple products
An issue was discovered in LibVNCServer before 0.9.13.
7.5
2020-06-11 CVE-2020-0198 Integer Overflow or Wraparound vulnerability in multiple products
In exif_data_load_data_content of exif-data.c, there is a possible UBSAN abort due to an integer overflow.
7.5