Vulnerabilities > Canonical > High

DATE CVE VULNERABILITY TITLE RISK
2020-02-06 CVE-2020-8648 Use After Free vulnerability in multiple products
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.
7.1
2020-02-05 CVE-2020-3123 Out-of-bounds Read vulnerability in multiple products
A vulnerability in the Data-Loss-Prevention (DLP) module in Clam AntiVirus (ClamAV) Software versions 0.102.1 and 0.102.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device.
network
low complexity
clamav canonical CWE-125
7.5
2020-02-04 CVE-2019-12528 An issue was discovered in Squid before 4.10. 7.5
2020-02-04 CVE-2020-8517 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in Squid before 4.10.
network
low complexity
squid-cache opensuse canonical CWE-787
7.5
2020-02-04 CVE-2020-8450 Incorrect Calculation of Buffer Size vulnerability in multiple products
An issue was discovered in Squid before 4.10.
7.3
2020-02-04 CVE-2020-8449 Exposure of Resource to Wrong Sphere vulnerability in multiple products
An issue was discovered in Squid before 4.10.
7.5
2020-02-04 CVE-2019-9674 Resource Exhaustion vulnerability in multiple products
Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.
network
low complexity
python canonical netapp CWE-400
7.5
2020-01-27 CVE-2019-20421 Infinite Loop vulnerability in multiple products
In Jp2Image::readMetadata() in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption.
network
low complexity
exiv2 canonical debian CWE-835
7.5
2020-01-22 CVE-2016-4761 Use After Free vulnerability in multiple products
WebKitGTK+ before 2.14.0: A use-after-free vulnerability can allow remote attackers to cause a DoS
network
low complexity
webkitgtk canonical CWE-416
8.8
2020-01-21 CVE-2020-7595 Infinite Loop vulnerability in multiple products
xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.
7.5