Vulnerabilities > Canonical > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-09-16 | CVE-2020-14382 | Out-of-bounds Write vulnerability in multiple products A vulnerability was found in upstream release cryptsetup-2.2.0 where, there's a bug in LUKS2 format validation code, that is effectively invoked on every device/image presenting itself as LUKS2 container. | 7.8 |
2020-09-15 | CVE-2020-14362 | Integer Underflow (Wrap or Wraparound) vulnerability in multiple products A flaw was found in X.Org Server before xorg-x11-server 1.20.9. | 7.8 |
2020-09-15 | CVE-2020-14361 | Integer Underflow (Wrap or Wraparound) vulnerability in multiple products A flaw was found in X.Org Server before xorg-x11-server 1.20.9. | 7.8 |
2020-09-15 | CVE-2020-14346 | Integer Underflow (Wrap or Wraparound) vulnerability in multiple products A flaw was found in xorg-x11-server before 1.20.9. | 7.8 |
2020-09-15 | CVE-2020-14345 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A flaw was found in X.Org Server before xorg-x11-server 1.20.9. | 7.8 |
2020-09-09 | CVE-2020-25219 | Uncontrolled Recursion vulnerability in multiple products url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. | 7.5 |
2020-09-04 | CVE-2020-24659 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in GnuTLS before 3.6.15. | 7.5 |
2020-09-03 | CVE-2020-7729 | Insecure Default Initialization of Resource vulnerability in multiple products The package grunt before 1.3.0 are vulnerable to Arbitrary Code Execution due to the default usage of the function load() instead of its secure replacement safeLoad() of the package js-yaml inside grunt.file.readYAML. | 7.1 |
2020-09-01 | CVE-2020-24584 | Incorrect Default Permissions vulnerability in multiple products An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). | 7.5 |
2020-09-01 | CVE-2020-24583 | Incorrect Default Permissions vulnerability in multiple products An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). | 7.5 |