Vulnerabilities > Canonical > Low

DATE CVE VULNERABILITY TITLE RISK
2020-05-15 CVE-2020-11526 Integer Overflow or Wraparound vulnerability in multiple products
libfreerdp/core/update.c in FreeRDP versions > 1.1 through 2.0.0-rc4 has an Out-of-bounds Read.
network
high complexity
freerdp canonical opensuse debian CWE-190
2.2
2.2
2020-05-15 CVE-2020-11931 Exposure of Resource to Wrong Sphere vulnerability in multiple products
An Ubuntu-specific modification to Pulseaudio to provide security mediation for Snap-packaged applications was found to have a bypass of intended access restriction for snaps which plugs any of pulseaudio, audio-playback or audio-record via unloading the pulseaudio snap policy module.
local
low complexity
pulseaudio canonical CWE-668
3.3
3.3
2020-05-13 CVE-2020-11932 Information Exposure Through Log Files vulnerability in Canonical Subiquity
It was discovered that the Subiquity installer for Ubuntu Server logged the LUKS full disk encryption password if one was entered.
local
low complexity
canonical CWE-532
2.3
2.3
2020-05-12 CVE-2020-11058 In FreeRDP after 1.1 and before 2.0.0, a stream out-of-bounds seek in rdp_read_font_capability_set could lead to a later out-of-bounds read.
network
high complexity
freerdp canonical debian
2.2
2.2
2020-05-07 CVE-2020-11048 In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bounds read.
network
high complexity
freerdp canonical debian
2.2
2.2
2020-05-07 CVE-2020-11049 In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bound read of client memory that is then passed on to the protocol parser.
network
high complexity
freerdp canonical debian
2.2
2.2
2020-05-07 CVE-2020-11044 In FreeRDP greater than 1.2 and before 2.0.0, a double free in update_read_cache_bitmap_v3_order crashes the client application if corrupted data from a manipulated server is parsed.
network
high complexity
freerdp canonical debian
2.2
2.2
2020-05-07 CVE-2020-11045 In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bound read in in update_read_bitmap_data that allows client memory to be read to an image buffer.
network
high complexity
freerdp debian canonical
3.3
3.3
2020-05-07 CVE-2020-11046 In FreeRDP after 1.0 and before 2.0.0, there is a stream out-of-bounds seek in update_read_synchronize that could lead to a later out-of-bounds read.
network
high complexity
freerdp canonical debian
2.2
2.2
2020-04-28 CVE-2019-15790 Improper Privilege Management vulnerability in multiple products
Apport reads and writes information on a crashed process to /proc/pid with elevated privileges.
local
low complexity
apport-project canonical CWE-269
3.3
3.3